Some production issues caused this one to slip to December, so the intro is a bit off, but this is still a great episode. So, learn some lessons on creating secure code from one of my favorite guests: Tanya Janca. It was hard to keep this one to its current length, as Tanya is such a great person to talk to for any reason. Enjoy and happy holidays!
Show Links:
Get your copy of Alice and Bob Learn Secure Coding! (and more):
https://shehackspurple.ca/books/
Also the newsletter so that you can join the free online streams:
https://newsletter.shehackspurple.ca/
All content for The OWASP Podcast Series is the property of The OWASP Podcast Series and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
In this episode, I go solo and review the last year of podcasts but with a twist. I do my best to compare the topics covered to the OWASP Flagship projects. The goal is to see if the episodes I recorded this year match up with the projects strategically important to OWASP. Plus, the holiday listeners get gifts all around as I cover (and link) the OWASP Flagship projects.
Show Links:
- (January) New Ideas, New Voices, New Hosts: https://soundcloud.com/owasp-podcast/new-ideas-new-voices-new-hosts
- (February) Tanya Janca - She Hack Purple: https://soundcloud.com/owasp-podcast/tanya-janca
  - SAMM (Software Assurance Maturity Model): https://owaspsamm.org/
- (March) Fast Times at SBOM High: https://soundcloud.com/owasp-podcast/fast-times-at-sbom-high-with-wendy-nather-and-matt-tesauro
  - CycloneDX: https://cyclonedx.org/
  - Dependency-Track: https://dependencytrack.org/
  - Dependency-Check: https://jeremylong.github.io/DependencyCheck/
- (April) The VOID: Verica Open Incident Database: https://soundcloud.com/owasp-podcast/the-void-verica-open-incident-database
  - Web Security Testing Guide: https://owasp.org/www-project-web-security-testing-guide/
  - Mobile Application Security Guide: https://mas.owasp.org/
- (May) Threat Modeling using the Force: https://soundcloud.com/owasp-podcast/threat-modeling-using-the-force-with-adam-shostack-owasp-podcast-e001
  - ASVS (Application Security Verification Standard): https://owasp.org/www-project-application-security-verification-standard/
  - AMASS: https://owasp.org/www-project-amass/
- (June) Giving a jot about JWTs: JWT Patterns and Anti-Patterns: https://soundcloud.com/owasp-podcast/owasp-podcast-giving-a-jot-about-jwts-jwt-patterns-and-anti-patterns
  - Cheat Sheet Series: https://cheatsheetseries.owasp.org/
  - API Top 10: https://owasp.org/www-project-api-security/
- (July) Getting Lean and Mean with DefectDojo: https://soundcloud.com/owasp-podcast/getting-lean-and-mean-in-the-defectdojo
  - DefectDojo: https://www.defectdojo.org/
- (August) Going Way Beyond 2FA: https://soundcloud.com/owasp-podcast/going-way-beyond-2fa
  - ModSecurity Core Rule Set: https://coreruleset.org/
- (September) Breaching the wirefall with community: https://soundcloud.com/owasp-podcast/breaching-the-wirefall-with-community
  - Security Shepherd: https://owasp.org/www-project-security-shepherd/
  - Juice Shop: https://owasp.org/www-project-juice-shop/
  - Security Knowledge: https://owasp.org/www-project-security-knowledge-framework/
- (October) Little Zap of Horrors: https://soundcloud.com/owasp-podcast/little-zap-of-horrors
  - Zed Attack Proxy (ZAP): https://www.zaproxy.org/
  - OWTF (Offensive Web Testing Framework): https://owtf.github.io/
- (November) You've got some Kubernetes in my AppSec: https://soundcloud.com/owasp-podcast/youve-got-some-kubernetes-in-my-appsec
  - OWASP Top 10: https://owasp.org/www-project-top-ten/
  - CSRFGuard: https://owasp.org/www-project-csrfguard/