Season 2: Training & Awareness
Episode 12: The Future of Security Training
We're at the season finale on the theme of Training & Awareness. We're going to finish off the season by looking ahead to the future of security training and awareness. Over the past eleven episodes, we've covered everything from Security Champions to cloud security. Now it's time to explore what's next.
Season 2: Training & Awareness
Episode 11: Security Training for Remote Teams
In this episode, we're looking at a challenge that's become increasingly critical: security training for remote teams. We'll explore how to build and maintain a strong security culture when your team is distributed across different locations, time zones, and even continents.
Season 2: Training & Awareness
Episode 10: Cloud Security Awareness
In this episode, we'll be talking about cloud security awareness and exploring why traditional security thinking falls apart in the cloud, and how to build a new security mindset for the cloud era.
Season 2: Training & Awareness
Episode 9: Secure Development Lifecycle Training
In this episode, we’ll look into Secure Development Lifecycle training, or SDL. We're going to explore how to build security into every phase of your development process—from initial planning through deployment and beyond.
Season 2: Training & Awareness
Episode 8: The Human Factor - Social Engineering Defense
In this episode, we'll be diving deep into what many consider the most persistent security threat: social engineering. We'll explore why humans are often called the weakest link in security – and more importantly, what we can do about it.
Season 2: Training & Awareness
Episode 7: Crisis Response Training: Preparing for the Inevitable
In this episode we're diving deep into crisis response training. Because in security, it's not if a crisis will happen, but when. Every organization will face security incidents—that's simply the reality of our digital landscape today.
Season 2: Training & Awareness
Episode 6: Executive Security Awareness - Speaking the Board's Language
In this episode, we learn from special guest and seasoned CISO Mangaraja Saut Martua about communicating security risks to executives, board-level security awareness programs, and translating technical risks into business impact.
Season 2: Training & Awareness
Episode 5: Secure Coding Bootcamps - From Theory to Practice
Last episode, we discussed building a security culture. Today, we're getting hands-on with one of the most effective ways to improve security: secure coding bootcamps.
Season 2: Training & Awareness
Episode 4: Security Culture by Design
In our previous episode, we dove into measuring security awareness. Today, we're tackling something more fundamental: how to build security into your organization's DNA. We're talking about creating a security culture by design.
Season 2: Training & Awareness
Episode 3: Measuring Security Awareness - Metrics That Matter
In our previous episodes, we explored building Security Champions programs and effective developer training. Today, we're tackling a challenge that keeps many CISOs up at night: How do you actually measure if your security awareness programs are working?
Season 2: Training & Awareness
Episode 2: Developer Security Training - Beyond Annual Compliance
In our last episode, we talked about building an effective Security Champions program. Today, we're tackling something even bigger: How to make security training actually work for developers.
Season 2: Training & Awareness
Episode 1: Building a Security Champions Program That Actually Works
In this episode we'll talk about the most important security program you're not running correctly: The Security Champions program.
Intro to Season 2 of AppSec Unlocked
Welcome to Season 2 where we're diving into something critical that often gets overlooked in the world of cybersecurity: Training and Awareness.
Season 1: Open Source Security
Episode 11: Help! There’s too many Vulnerabilities! A Practical Guide to Tackling Open-Source Security
Season 1: Open Source Security
Episode 10: A FAIR Approach to Vulnerability Patch Prioritization
In this episode of AppSec Unlocked, we dive into using a FAIR approach to vulnerability patch prioritization, exploring how organizations can better prioritize vulnerabilities in their open-source software using the FAIR model and EPSS. We have Denny Wan, an expert on FAIR analysis, sharing his insights on this innovative approach.
Season 1: Open Source Security
Episode 9: Open-Source Vulnerability Management Policy: A Balanced Approach
In today's rapidly evolving cybersecurity landscape, managing vulnerabilities in open-source components has become increasingly complex. While traditional approaches relying solely on CVSS scores have their merits, they may not be sufficient to address the exponential growth in discovered vulnerabilities. A more nuanced and scalable approach is needed, one that considers not only severity but also exploitability and potential impact.
Season 1: Open Source Security
Episode 8: A Cautionary Tale on Supply Chain Attacks: My Recent Encounter with a Compromised NPM Library
This is a rebroadcast from the CyberBites podcast as it is related to application security and open source supply chain.
Season 1: Open Source Security
Episode 7: Introduction to Stakeholder-Specific Vulnerability Categorization (SSVC)
Introduction to a transformative risk-based approach to vulnerability management.
Season 1: Open Source Security
Episode 6: Software Composition Analysis Selection Criteria
Season 1: Open Source Security
Episode 5: Embarking on the Open Source Security Journey.