Archive

SummarySummary
The Unabridged History of Application Security

The Unabridged History of Application Security

Jim gives a fun and engaging history of computer security, with an overall encouraging message

Clint Gibler
Clint Gibler
SummarySummary
The White Hat’s Advantage: Open-source OWASP tools to aid in penetration testing coverage

The White Hat’s Advantage: Open-source OWASP tools to aid in penetration testing coverage

Vincent describes how two OWASP tools, Attack Surface Detector and Code Pulse, can make penetration testers more effective and demos using them.

Clint Gibler
Clint Gibler
SummarySummary
Threat Model Every Story: Practical Continuous Threat Modeling Work for Your Team

Threat Model Every Story: Practical Continuous Threat Modeling Work for Your Team

Izar describes the attributes required by threat modelling approaches in order to succeed in Agile dev environments, how to build an organization that continuously threat models new stories, how to educate devs and raise security awareness, and PyTM, a tool that lets you express TMs via Python code and output data flow diagrams, sequence diagras, and reports.

Clint Gibler
Clint Gibler
SummarySummary
Usable Security Tooling - Creating Accessible Security Testing with ZAP

Usable Security Tooling - Creating Accessible Security Testing with ZAP

In this talk, David gives an overview and demo of ZAP’s new heads-up display (HUD), an intuitive and awesome way to view OWASP ZAP info and use ZAP functionality from within your browser on the page you’re testing.

Clint Gibler
Clint Gibler
SummarySummary
Working with Developers for Fun and Progress

Working with Developers for Fun and Progress

Clint Gibler
Clint Gibler
SummarySummary
A​ Pragmatic Approach for Internal Security Partnerships

A​ Pragmatic Approach for Internal Security Partnerships

Clint Gibler
Clint Gibler
SummarySummary
Cloud Forensics: Putting The Bits Back Together

Cloud Forensics: Putting The Bits Back Together

Brandon describes an experiment he did in AWS forensics (e.g. Does the EBS volume type or instance type matter when recovering data?) and gives some advice on chain of custody and cloud security best practices.

Clint Gibler
Clint Gibler
SummarySummary
On the Frontlines: Securing a Major Cryptocurrency Exchange

On the Frontlines: Securing a Major Cryptocurrency Exchange

Neil provides an overview of cryptocurrencies and cryptocurrency exchanges, the attacks exchanges face at the application layer, on wallets, user accounts, and on the currencies themselves, as well as they defenses they’ve put in place to mitigate them.

Clint Gibler
Clint Gibler
[tl;dr sec] #19 - Epic Post Next Week, Beyond Beyond Corp, Cloud Security Tools

[tl;dr sec] #19 - Epic Post Next Week, Beyond Beyond Corp, Cloud Security Tools

[tl;dr sec] #19 - Epic Post Next Week, Beyond Beyond Corp, Cloud Security Tools

NewsletterNewsletter
[tl;dr sec] #18 - \"GitHubification\" of Infosec, Ring Privacy, Ransomware Economics

[tl;dr sec] #18 - \"GitHubification\" of Infosec, Ring Privacy, Ransomware Economics

Blue teams can become highly leveraged by sharing knowledge effectively, Ring's partnerships with the police, viewing ransomware through an economic lens.

Clint Gibler
Clint Gibler
NewsletterNewsletter
[tl;dr sec] #17 - AWS Re:Invent, Supply Chain Security, Absolute AppSec

[tl;dr sec] #17 - AWS Re:Invent, Supply Chain Security, Absolute AppSec

A number of interesting new AWS services, backdoors on PyPI, I had a blast on the Absolute AppSec podcast, and tl;dr sec hits 500 subscribers! 🚀

Clint Gibler
Clint Gibler
SummarySummary
The Art of Vulnerability Management

The Art of Vulnerability Management

Clint Gibler
Clint Gibler
FirstBack
2324252627282930
Next Last