Should you build or buy your software?

I touched on this subject during the Tech Pro Unicorn episode (#114), but had a lot more notes than could be covered - thus in this episode, I take a deeper dive.

-----

Find this episodes show notes at: https://red-folder.com/podcasts/115

Have an idea for an episode topic, or want to see what is coming up: https://red-folder.com/podcasts/roadmap

Back in October I had the pleasure of appearing on the Tech Pro Unicorn podcast - the first time that I appears as a guest.

The host, Michael Grace, and I covered a number of topics - such as build vs buy, low-code/ no-code and generally tried to put the world to rights'.

And with Michael's kind permission, I am re-playing the interview in in full.

-----

Find this episodes show notes at: https://red-folder.com/podcasts/114

Have an idea for an episode topic, or want to see what is coming up: https://red-folder.com/podcasts/roadmap

The OWASP Top 10 is the most critical security concerns for web application security as defined by the Open Web Application Security Project®

In the last two episode, I introduce OWASP, their Top 10, why it matters and who it affects - as well as introducing the first seven on the list.

In this episode, I talk about eight to ten of the list.

-----

Find this episodes show notes at: https://red-folder.com/podcasts/113

Have an idea for an episode topic, or want to see what is coming up: https://red-folder.com/podcasts/roadmap

The OWASP Top 10 is the most critical security concerns for web application security as defined by the Open Web Application Security Project®

In the last episode, I introduce OWASP, their Top 10, why it matters and who it affects - as well as introducing the first three on the list.

In this episode, I talk about four to seven of the list.

-----

Find this episodes show notes at: https://red-folder.com/podcasts/112

Have an idea for an episode topic, or want to see what is coming up: https://red-folder.com/podcasts/roadmap

The OWASP Top 10 is the most critical security concerns for web application security as defined by the Open Web Application Security Project®

In this episode, I introduce OWASP, their Top 10, why it matters and who it affects - as well as introducing the first three on the list.

-----

Find this episodes show notes at: https://red-folder.com/podcasts/111

Have an idea for an episode topic, or want to see what is coming up: https://red-folder.com/podcasts/roadmap

Continuing my mini-series on security, I discuss Supply Chain Attacks.

No conversation on cyber-security in 2021 would be complete without talking about Supply Chain Attacks.  They are on the increase, with many high profile examples - such as SolarWinds.

-----

Find this episodes show notes at: https://red-folder.com/podcasts/110

Have an idea for an episode topic, or want to see what is coming up: https://red-folder.com/podcasts/roadmap

Continuing my mini-series on security, I discuss why you would paid to be hacked.

When you are spending so much time and money putting security in place, it seem counter-intuitive to then pay someone to try and break it.  But without that, how will you know if your defenses work?

I also introduce three ways of validating those defenses - penetration testing, bug bounties and red team/ blue team exercises.

-----

Find this episodes show notes at: https://red-folder.com/podcasts/109

Have an idea for an episode topic, or want to see what is coming up: https://red-folder.com/podcasts/roadmap

Continuing my mini-series on security, I introduce Social Engineering.

Social Engineering is a direct attempt to manipulate us into doing something that we otherwise would not.  Its not a new technique, but the modern connected world gives social engineers more tools to work with.

-----

Find this episodes show notes at: https://red-folder.com/podcasts/108

Have an idea for an episode topic, or want to see what is coming up: https://red-folder.com/podcasts/roadmap

Continuing my mini-series on security, I introduce Zero Trust.

The traditional approach of security at the border is not longer enough in the modern IT world.  Unlike the good citizens of Troy, you should "never trust, always verify" - you should have Zero Trust.

-----

Find this episodes show notes at: https://red-folder.com/podcasts/107

Have an idea for an episode topic, or want to see what is coming up: https://red-folder.com/podcasts/roadmap

Continuing my mini-series on security, I want to follow on from last week's episode, taking a look beyond passwords.

We are rapidly moving to additional forms of proving our identity - be it something we KNOW, something we HAVE or something we ARE - and, possible more importantly, using multiple when doing so (MFA/ 2FA).

-----

Find this episodes show notes at: https://red-folder.com/podcasts/106

Have an idea for an episode topic, or want to see what is coming up: https://red-folder.com/podcasts/roadmap