DevelopSec: Developing Security Awareness

Jardine Software Inc.

Details

About Us

Curious about application security? Want to learn how to detect security vulnerabilities and protect your application? We discuss different topics and provide valuable insights into the world of application security.

Latest Episodes

Chrome Retires XSS Auditor

It was recently announced that Chrome was dropping the XSS Auditor in Chrome 78. What does that mean and how does that change things for you as a developer? https://www.chromium.org/developers/design-documents/xss-auditor For more info go to https://www.developsec.com or follow us on twitter (@developsec).

14 MIN | 3 w ago

Is CSRF Really Dead?

In 2020, Chrome will default the SameSite attribute to Lax on all cookies. SameSite helps mitigate CSRF, but does that mean CSRF is dead? For more info go to https://www.developsec.com or follow us on twitter (@developsec).

15 MIN | NOV 6

Investing in People for Better Application Security

In this episode, James talks about investing in the development teams to increase application security priorities. For more info go to https://www.developsec.com or follow us on twitter (@developsec).

24 MIN | OCT 30

What is your mother's maiden name?

In this episode, James talks about some of the risks and recommendations around security questions and their implementation. For more info go to https://www.developsec.com or follow us on twitter (@developsec).

21 MIN | MAY 28

Application Fingerprinting

Does your application give away details about its server, framework, or other components? How is this information used by an attacker? Check out this episode to learn more.

21 MIN | JAN 23

Authentication Alerts

Would you know if someone authenticated to your account? With the breaches we see in the news, and attacks like credential stuffing, there must be a way to be alerted to account access. James talks about authentication alerts, what they are, and why you may want to use them.

16 MIN | JAN 15

Implementation Matters

James discusses how implementation matters with security controls and how it changes priorities. This came about after reading the following story: https://www.theverge.com/2018/12/31/18162541/vein-authentication-wax-hand-hack-starbug For more info go to https://www.developsec.com or follow us on twitter (@developsec).

19 MIN | JAN 8

2018 Reflection

I talk about some of what happened in 2018 and what I am looking to do in 2019. I also ask you to think about your previous year and goals. I also talk about some new training I am providing.

27 MIN | JAN 3

Dunkin Donuts Breach, Maybe?

In this episode James talks about the Dunkin Donuts Perks breach. This is an interesting situation, as the accounts were accessed using the victim's username and password found from another data breach. The issue: Password Reuse. Could D&D have prevented this? Listen in to hear my thoughts. Please feel free to share your thoughts as well.

18 MIN | 2018 DEC 12

Credential Stuffing

In this episode James talks about what credential stuffing is, how it affects your apps, and how you can look to defend against it. For more info go to https://www.developsec.com or follow us on twitter (@developsec). Join the conversations. Join our Slack channel. Email james@developsec.com for an invitation. DevelopSec provides application security consulting and training to add value to your application security program. Contact us today to see how we can help.

18 MIN | 2018 NOV 10
