This episode of Man vs Web App Podcast marks a significant transition as we introduce two new hosts of the podcast: David Howe and Garrett Gross.  We discuss the transition itself, the current state of application security and get an onsite interview from a DEF CON attendee regarding their experience with appsec.

The post Man vs WebApp Podcast – Episode 05 – New Hosts and BlackHat 2018 first appeared on Man Vs WebApp.

This week on the Man vs Web App Podcast we delve into the fundamentals of Inputs and Injection. Inputs cross all layers of the entire system, and its important to understand the basics to be able to build on top more advanced or specialized attacking methods.

find out more about our site

Listen to learn the basics about inputs and injections.

The post Man vs WebApp Podcast – Episode 04 – Input and injection fundamentals first appeared on Man Vs WebApp.

This week on the Man vs Web App Podcast we delve into the topic of Out of band attacks. These go by various names, such as Out of Order, second order, blind, external service interactions, etc. In this episode Scott Davis takes the lead to discuss the latest research he has been doing in this area.

Listen to learn about these newer category of attacks and learn more about these cutting edge attacking techniques and how you have to build apps that can defend against them.

The post Man vs WebApp Podcast – Episode 03 – Out of band attacks first appeared on Man Vs WebApp.

This week on the Man vs Web App Podcast we delve into the topic of Web Services. This includes SOAP, REST API’s or just Web API’s… whatever you want to call them.

Learn about the history of Web Services, how each is different and learn about cutting edge solutions which allow them to become more manageable from a security perspective, and the new search optimization techniques with SEO Long Beach.

The post Man vs WebApp Podcast – Episode 02 – All about web services first appeared on Man Vs WebApp.

Welcome to the Man vs WebApp Podcast!

In this intro episode we do introductions and give a preview of the topics to come.

The Man vs WebApp Podcast is not another “newscast” covering the latest topics in the industry. Instead, in each episode we will focus on a specific Application Security topic and dig into the details with enough description to educate those newer to AppSec, but then we will go deep enough to add new ideas for AppSec pros.

The post Man vs WebApp Podcast – Episode 01 – Welcome To The Show first appeared on Man Vs WebApp.

Jim, Dan, and Michael have a lot of catching up to do. We talk about a lot of stuff because a lot of stuff has been happening. From RSA, NSA, QSAs… security is busy! Show notes below!

EMPHATIC POINT OF THE PODCAST!! Complacent with Compliance … again PCI!= security

Special Thanks to the guys at RivetHead for use of their tracks“ http://www.rivetheadonline.com/

The post An Information Security Place Podcast – 01-22-14 first appeared on Man Vs WebApp.

The podcasting returns! This is the first new episode of InfoSec Place and in a few days will be the return of my web security podcast here on Man Vs Webapp (formerly Mightyseek).

Music Notes: Special Thanks to the guys at RivetHead for use of their tracks – http://www.rivetheadonline.com/

The post An Information Security Place Podcast – 8-20-13 first appeared on Man Vs WebApp.

Hmmm Lets see if I even remember how to enter this stuff anymore… Yeap you guessed it, we finally recorded another episode – WOOT!

Discussion Topic –

Music Notes:

Special Thanks to the guys at RivetHead for use of their tracks –http://www.rivetheadonline.com/

Tour Dates:

Intro – RivetHead – “The 13th Step”

The post An Information Security Place Podcast – Episode 04 for 2012 first appeared on Man Vs WebApp.

Today’s show is Michael interviewing Kevin Riggins. Kevin is an Enterprise Security Architect for a Fortune 500 financial services company. Kevin and Michael have some great conversation about Kevin’s job, what he is doing at RSA, where he blogs, the book he coauthored, etc. (look below in the show notes for links to everything).

Then a fun discussion starts about cloud, risk, mobility, risk in the cloud, risk in mobility, risk of mobility integrated with the cloud, and so on. Good stuff all around.

Here’s some links to stuff about Kevin and other stuff we talked about in the show.

The post An Information Security Place Podcast – Episode 03 for 2012 first appeared on Man Vs WebApp.

Thanks go to Jeremiah Grossman for sitting down with Michael for some great discussion. Jeremiah is the CTO at Whitehat Security and a very well known figure in the InfoSec industry. Jeremiah and Michael talk about Hawaii, sharks, security philosophy, RSA, stage fright, Jeremiah’s TED talk (not published as of the posting of this entry), and the age of the InfoSec industry and whether young folks are coming into the fold.

You can find Jeremiah at Whitehat (link above) and his blog, and you can follow him and on Twitter as well. Jeremiah will be giving a talk and participating on panel at RSA as well, so be sure to attend those if you are going to the RSA Conference 2012.

The post An Information Security Place Podcast – Episode 02 for 2012 first appeared on Man Vs WebApp.