People Process Technology Podcast สาธารณะ
[search 0]
เพิ่มเติม

ดาวน์โหลดแอปเลย!

show episodes
 
Loading …
show series
 
In this episode of the People | Process | Technology podcast, I speak with Seba Deleersnyder from the Software Assurance Maturity Model, Carlos Holguera and Sven Schleier from the Mobile Security Testing Guide, and Bjoern Kimminich from the Juice Shop Project. This is part of an ongoing podcast series, highlighting the OWASP Flagship Projects that …
 
In this episode of the People | Process | Technology podcast, I speak with Simon Bennetts from the Zap Project, Christian Folini from the ModSecurity Core Rule Set Project, and Steve Springett from the Dependency Track Project. This is part of an ongoing podcast series, highlighting the OWASP Flagship Projects that will be featured at the OWASP 20t…
 
In 2020, Security Magazine listed Sounil Yu as one of the most Influential People in Security in 2020, in part because of his work on the Cyber Defense Matrix, a framework for understanding and navigating your cybersecurity environments. The Cyber Defense Matrix started as a project when Sounil was the Chief Security Scientist at Bank of America. T…
 
The Top 10 is considered one of the most important community contributions to come out OWASP. In 2003, just two years after organization was started, the OWASP Top 10 was created. The purpose of the project was to create an awareness document, highlighting the top ten exploits security professionals should be aware of. Since that time, innumerable …
 
When Shannon Lietz and the team at DevSecOps.org published the DevSecOps Manifesto six years ago, security was uppermost in their minds. The manifesto starts with a call to arms…“Through Security as Code, we have and will learn that there is simply a better way for security practitioners, like us, to operate and contribute value with less friction.…
 
This is Mark Miller, Executive Producer. Over the years as I’ve produced the show, the topics of focus have followed the trends in the industry. What was originally called “The OWASP Podcast” became “OWASP 24/7” and then “The DevSecOps Podcast”. Each change brought with it a new audience, extending our community from exclusively OWASP practitioners…
 
OWASP is in a state of discord. Over the past few years, there have been fractures in the community. Recently, there have been arguments on the leader email list that have clearly breached the lines of etiquette. Personal attacks, distribution of funds, and complaints of lack of diversity are creating tension among the members.If we, as an organiza…
 
In this episode of the DevSecOps Podcast, we’re going to go off script and explore the LinkedIn algorithm. I could tie this back to DevSecOps, and how all of us need visibility for our work, or how important it is to build a community around our ideas, but the real reason is… I find this fascinating.One of the largest community engagement platforms…
 
When I read Richard Stiennon's latest article in Forbes, The Demise of Symantec, I thought it was absolutely fascinating. Richard walks through the process of what happened at Symantec, how it was an acquisition engine for so many years, and now how it's started to decline. I got in touch with Richard and told him I'd like to have him read his arti…
 
Equifax is trying... I mean REALLY trying... to regain your trust. The Equifax CTO and CISO delivered the keynote at DevSecOps Days during 2020 RSAC. They contributed to multiple sessions and panels during the conference. The message was consistant: "Yes, we had a major problem. Here's what we're doing about it. Here's what you can learn from us." …
 
If you like what you hear, you can download the entire book at sonatype.com/epicfailuresAs we were putting the finishing touches, getting ready to publish the latest version of Epic Failures in DevSecOps, I reread Jaclyn Damiano's chapter and was struck by how unique her message is.This is a personal story, one that will resonate with many people i…
 
When Derek Weeks and I started All Day DevOps in 2016, we were unsure as to whether anyone would be interested.It's now four years later. Last week we had close to 37,000 people register for the event. We're still trying to wrap our head around the scale of something that generates a world wide audience in the tens of thousands for a 24 hour confer…
 
Shortly after watching the documentary, Code Rush, I met with Tara Hernandez, the hockey stick carrying lead of the Netscape project that was being documented. We sat down at the Jenkins World Conference in San Francisco to talk about the effect that project had on her career, what she has been doing since with her position at google, and what she …
 
Edwards Deming went to post-war Japan in the late 1940s to help with the census. While there, he built relationships with some of the main manufacturers in the region, helping them understand the value of building quality into a product as part of the production process, thus lowering time to market, eliminating rework and saving company resources.…
 
Once a year, Sacha Labourey and I sit down to discuss the past year and what the coming year looks like for DevOps and Jenkins. As CEO of CloudBees, Sacha has broad visibility into the progress of the DevOps/DevSecOps communities. We started our talk this year, commenting on the growth of the Jenkins World conference, with over 2000 attendees... wh…
 
I was affected by it. You were affected by it. We were all affected by the Equifax breach in September 2017. The truly interesting thing about it is, Equifax wasn't the only company hit by the struts 2 vulnerability that day. Many other companies were hit by it within that time period, but Equifax became the poster child for the main stream media. …
 
OWASP supports a global conference in North America each year, bringing together the projects, teams and chapters who make this one of the largest security tribes in the world. In this episode of the DevSecOps Podcast Series, I speak with Ben Pick one of the organizers of the conference about what's important about this type of gathering and what y…
 
The 2019 State of the Software Supply Chain Report was released on June 25th. The report is an analysis of the answers from over 5500 participants, allowing data researchers the ability to extrapolate what the most productive enterprises are doing when it comes to managing the software supply chain, and how that compares to less efficient developme…
 
Let's not talk around the subject here... women are under represented when it comes to speaking or participating in tech conferences. It's a male dominated culture.When I saw Lani Rosales had published, "The Ultimate list of Austin women who can speak at your tech event" in response to the complaint that there are no women speakers available in the…
 
I produced my first concert at the San Anselmo Playhouse in 1979. It was the first in a series of events that has lasted 40 years. I have produced more than 300 events and participated in many hundreds more as a speaker and participant. As the producer of this many events, I have an internal map of what to do to make an event successful, the steps …
 
In April 2019, I was invited to host a panel at the International Conference on Cyber Engagement in Washington DC, to discuss "Securing the Software Supply Chain". On the panel were four of the top voices in software supply chain management: - Edna Conway, Chief Security Officer, Global Value Chain, at CISCO- Joyce Corell, Assistant Director, Suppl…
 
When I think of Tel Aviv, I imagine a robust, young culture, living a good, fun life. Not only is the culture conducive to a young life style, its tech industry continues to gain traction. As Wired Magazine said last August, "Israeli startups have always been high on Silicon Valley shopping lists, but Tel Aviv is beginning to shake off its reputati…
 
If you've read the Phoenix Project, you'll remember Brent, the indispensable cog on the operations team. Brent was a good guy, he wanted to do the right things, all of the right things, but was pulled in all directions because of the lack of a unified plan for the company's project workflow. But what if Brent didn't want to do the "right" thing? Wh…
 
Three years ago there was an idea floating around OWASP... a core community was looking for a way to have an isolated week, where security project working groups could get together, with no distractions, and work on projects they felt were important. From this idea, the Open Security Summit was founded. Now in it's third year, the summit takes plac…
 
Open-source components and their use within the software supply chain has become ubiquitous within the past few years. Current estimates are that 80-90% of new software applications consist of open-source components and frameworks. Section A9 of the OWASP Top 10 places components with known vulnerabilities as one of the most prevalent and abused pa…
 
Loading …

คู่มืออ้างอิงด่วน

Google login Twitter login Classic login