Sign up to save your podcasts
Or
Share Getting Started with Security Basics on the Way to Finding a Specialization - ASW #339
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Getting Started with Security Basics on the Way to Finding a Specialization - ASW #339
What are some appsec basics? There's no monolithic appsec role. Broadly speaking, appsec tends to branch into engineering or compliance paths, each with different areas of focus despite having shared vocabularies and the (hopefully!) shared goal of protecting software, data, and users.
The better question is, "What do you want to secure?"
We discuss the Cybersecurity Skills Framework put together by the OpenSSF and the Linux Foundation and how you might prepare for one of its job families. The important basics aren't about memorizing lists or technical details, but demonstrating experience in working with technologies, understanding how they can fail, and being able to express concerns, recommendations, and curiosity about their security properties.
Resources:
- https://cybersecurityframework.io
- https://owasp.org/www-project-cheat-sheets/
- https://blog.cloudflare.com/rfc-8446-aka-tls-1-3/
- https://aflplus.plus/
- https://writings.stephenwolfram.com/2023/02/what-is-chatgpt-doing-and-why-does-it-work/
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw-339
View all episodes
By Security Weekly Productions
4.4
206206 ratings
What are some appsec basics? There's no monolithic appsec role. Broadly speaking, appsec tends to branch into engineering or compliance paths, each with different areas of focus despite having shared vocabularies and the (hopefully!) shared goal of protecting software, data, and users.
The better question is, "What do you want to secure?"
We discuss the Cybersecurity Skills Framework put together by the OpenSSF and the Linux Foundation and how you might prepare for one of its job families. The important basics aren't about memorizing lists or technical details, but demonstrating experience in working with technologies, understanding how they can fail, and being able to express concerns, recommendations, and curiosity about their security properties.
Resources:
- https://cybersecurityframework.io
- https://owasp.org/www-project-cheat-sheets/
- https://blog.cloudflare.com/rfc-8446-aka-tls-1-3/
- https://aflplus.plus/
- https://writings.stephenwolfram.com/2023/02/what-is-chatgpt-doing-and-why-does-it-work/
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw-339
More shows like Security Weekly Podcast Network (Audio)
View all
Security Now (Audio)
1,986 Listeners
Risky Business
364 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
639 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
369 Listeners
Hacked
180 Listeners
CyberWire Daily
1,012 Listeners
Smashing Security
316 Listeners
Click Here
405 Listeners
Darknet Diaries
7,962 Listeners
Cybersecurity Today
174 Listeners
CISO Series Podcast
190 Listeners
Hacking Humans
316 Listeners
Defense in Depth
77 Listeners
Cyber Security Headlines
128 Listeners
Risky Bulletin
43 Listeners