1k
200
3k938
))
Hmmm there seems to be a problem fetching this series right now.
Last successful fetch was on September 16, 2025 09:34 (
What now? This series will be checked again in the next day. If you believe it should be working, please verify the publisher's feed link below is valid and includes actual episode links. You can contact support to request the feed be immediately fetched.
Maintaining code is a lot more than keeping dependencies up to date. It involved everything from keeping old code running to changing frameworks to even changing implementation languages. Jonathan Schneider talks about the engineering considerations of refactoring and rewriting code, why code maintenance is important to appsec, and how to build confidence that adding automation to a migration results in code that has the same workflows as before.
Resources
Then, instead of our usual news segment, we do a deep dive on some recent vulns NVIDIA's Triton Inference Server disclosed by Trail of Bits' Will Vandevanter. Will talks about the thought process and tools that go into identify potential vulns, the analysis in determining whether they're exploitable, and the disclosure process with vendors. He makes the important point that even if something doesn't turn out to be a vuln, there's still benefit to the learning process and gaining experience in seeing the different ways that devs design software. Of course, it's also more fun when you find an exploitable vuln -- which Will did here!
Resources
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw-342
362 ตอน
Hmmm there seems to be a problem fetching this series right now.
Last successful fetch was on September 16, 2025 09:34 (
What now? This series will be checked again in the next day. If you believe it should be working, please verify the publisher's feed link below is valid and includes actual episode links. You can contact support to request the feed be immediately fetched.
Maintaining code is a lot more than keeping dependencies up to date. It involved everything from keeping old code running to changing frameworks to even changing implementation languages. Jonathan Schneider talks about the engineering considerations of refactoring and rewriting code, why code maintenance is important to appsec, and how to build confidence that adding automation to a migration results in code that has the same workflows as before.
Resources
Then, instead of our usual news segment, we do a deep dive on some recent vulns NVIDIA's Triton Inference Server disclosed by Trail of Bits' Will Vandevanter. Will talks about the thought process and tools that go into identify potential vulns, the analysis in determining whether they're exploitable, and the disclosure process with vendors. He makes the important point that even if something doesn't turn out to be a vuln, there's still benefit to the learning process and gaining experience in seeing the different ways that devs design software. Of course, it's also more fun when you find an exploitable vuln -- which Will did here!
Resources
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw-342
362 ตอน
Player FM กำลังหาเว็บ
1k200
3k938
แบ่งปัน
