February 11, 2025

Episode 275 - OpenGrep Summary, Secure By Design, Confusion Attacks

Listen Later

1 hour 6 minutes

Ken and Seth are back for another episode that starts with a summary of the Semgrep and OpenGrep break. This is followed by Google's recent article titled Secure By Design: Google's Blueprint for a High-Assurance Web Framework. Google is focused on protections within the browser, given their products and business, but the controls and overall process are relevant to most application security programs. Finally, a discussion of Orange Tsai's research on Confusion Attacks within Apache that was number one in Portswigger's Top 10 Web Hacking Techniques of 2024.

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

Absolute AppSec

By Ken Johnson and Seth Law

4.9

1717 ratings

February 11, 2025

Episode 275 - OpenGrep Summary, Secure By Design, Confusion Attacks

Listen Later

1 hour 6 minutes

Ken and Seth are back for another episode that starts with a summary of the Semgrep and OpenGrep break. This is followed by Google's recent article titled Secure By Design: Google's Blueprint for a High-Assurance Web Framework. Google is focused on protections within the browser, given their products and business, but the controls and overall process are relevant to most application security programs. Finally, a discussion of Orange Tsai's research on Confusion Attacks within Apache that was number one in Portswigger's Top 10 Web Hacking Techniques of 2024.

...more

More shows like Absolute AppSec

Risky Business by Patrick Gray

Risky Business

363 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

634 Listeners

The Scathing Atheist by Puzzle in a Thunderstorm, LLC

The Scathing Atheist

3,190 Listeners

The Twenty Minute VC (20VC): Venture Capital | Startup Funding | The Pitch by Harry Stebbings

The Twenty Minute VC (20VC): Venture Capital | Startup Funding | The Pitch

512 Listeners

The Skepticrat by Puzzle in a Thunderstorm, LLC

The Skepticrat

1,979 Listeners

The Application Security Podcast by Chris Romeo and Robert Hurlbut

The Application Security Podcast

36 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

7,836 Listeners

Techmeme Ride Home by Ride Home Media

Techmeme Ride Home

945 Listeners

Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

Defense in Depth

72 Listeners

My First Million by Hubspot Media

My First Million

2,602 Listeners

Cautionary Tales with Tim Harford by Pushkin Industries

Cautionary Tales with Tim Harford

5,090 Listeners

People I (Mostly) Admire by Freakonomics Radio + Stitcher

People I (Mostly) Admire

2,111 Listeners

Risky Bulletin by risky.biz

Risky Bulletin

33 Listeners

Critical Thinking - Bug Bounty Podcast by Justin Gardner (Rhynorater) & Joseph Thacker (Rez0)

Critical Thinking - Bug Bounty Podcast

47 Listeners