Sign up to save your podcasts
Or
Share CISA's Secure by Design Principles, Pledge, and Progress - Jack Cable - ASW #321
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
CISA's Secure by Design Principles, Pledge, and Progress - Jack Cable - ASW #321
Just three months into 2025 and we already have several hundred CVEs for XSS and SQL injection. Appsec has known about these vulns since the late 90s. Common defenses have been known since the early 2000s. Jack Cable talks about CISA's Secure by Design principles and how they're trying to refocus businesses on addressing vuln classes and prioritizing software quality -- with security one of those important dimensions of quality.
Segment Resources:
- https://www.cisa.gov/securebydesign
- https://www.cisa.gov/securebydesign/pledge
- https://www.cisa.gov/resources-tools/resources/product-security-bad-practices
- https://www.lawfaremedia.org/projects-series/reviews-essays/security-by-design
- https://corridor.dev
Skype hangs up for good, over a million cheap Android devices may be backdoored, parallels between jailbreak research and XSS, impersonating AirTags, network reconnaissance via a memory disclosure vuln in the GFW, and more!
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw-321
View all episodes
By Security Weekly Productions
4.9
1111 ratings
Just three months into 2025 and we already have several hundred CVEs for XSS and SQL injection. Appsec has known about these vulns since the late 90s. Common defenses have been known since the early 2000s. Jack Cable talks about CISA's Secure by Design principles and how they're trying to refocus businesses on addressing vuln classes and prioritizing software quality -- with security one of those important dimensions of quality.
Segment Resources:
- https://www.cisa.gov/securebydesign
- https://www.cisa.gov/securebydesign/pledge
- https://www.cisa.gov/resources-tools/resources/product-security-bad-practices
- https://www.lawfaremedia.org/projects-series/reviews-essays/security-by-design
- https://corridor.dev
Skype hangs up for good, over a million cheap Android devices may be backdoored, parallels between jailbreak research and XSS, impersonating AirTags, network reconnaissance via a memory disclosure vuln in the GFW, and more!
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw-321
More shows like Application Security Weekly (Audio)
View all
Marketplace Tech
1,275 Listeners
Security Now (Audio)
1,965 Listeners
Risky Business
360 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
628 Listeners
CyberWire Daily
1,012 Listeners
Enterprise Security Weekly (Audio)
14 Listeners
AWS Podcast
201 Listeners
Business Security Weekly (Audio)
3 Listeners
Paul's Security Weekly (Audio)
14 Listeners
The Application Security Podcast
36 Listeners
Darknet Diaries
7,842 Listeners
Hacking Humans
311 Listeners
Defense in Depth
78 Listeners
Cyber Security Headlines
119 Listeners
Risky Bulletin
33 Listeners