Sign up to save your podcasts
Or
Share Getting Started with Security Basics on the Way to Finding a Specialization - ASW #339
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Getting Started with Security Basics on the Way to Finding a Specialization - ASW #339
What are some appsec basics? There's no monolithic appsec role. Broadly speaking, appsec tends to branch into engineering or compliance paths, each with different areas of focus despite having shared vocabularies and the (hopefully!) shared goal of protecting software, data, and users.
The better question is, "What do you want to secure?"
We discuss the Cybersecurity Skills Framework put together by the OpenSSF and the Linux Foundation and how you might prepare for one of its job families. The important basics aren't about memorizing lists or technical details, but demonstrating experience in working with technologies, understanding how they can fail, and being able to express concerns, recommendations, and curiosity about their security properties.
Resources:
- https://cybersecurityframework.io
- https://owasp.org/www-project-cheat-sheets/
- https://blog.cloudflare.com/rfc-8446-aka-tls-1-3/
- https://aflplus.plus/
- https://writings.stephenwolfram.com/2023/02/what-is-chatgpt-doing-and-why-does-it-work/
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw-339
View all episodes
By Security Weekly Productions
4.9
1111 ratings
What are some appsec basics? There's no monolithic appsec role. Broadly speaking, appsec tends to branch into engineering or compliance paths, each with different areas of focus despite having shared vocabularies and the (hopefully!) shared goal of protecting software, data, and users.
The better question is, "What do you want to secure?"
We discuss the Cybersecurity Skills Framework put together by the OpenSSF and the Linux Foundation and how you might prepare for one of its job families. The important basics aren't about memorizing lists or technical details, but demonstrating experience in working with technologies, understanding how they can fail, and being able to express concerns, recommendations, and curiosity about their security properties.
Resources:
- https://cybersecurityframework.io
- https://owasp.org/www-project-cheat-sheets/
- https://blog.cloudflare.com/rfc-8446-aka-tls-1-3/
- https://aflplus.plus/
- https://writings.stephenwolfram.com/2023/02/what-is-chatgpt-doing-and-why-does-it-work/
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw-339
More shows like Application Security Weekly (Audio)
View all
Marketplace Tech
1,272 Listeners
Security Now (Audio)
1,982 Listeners
Marketplace
8,659 Listeners
Risky Business
365 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
636 Listeners
Motley Fool Money
3,195 Listeners
AWS Podcast
202 Listeners
Business Security Weekly (Audio)
3 Listeners
Paul's Security Weekly (Audio)
16 Listeners
Click Here
414 Listeners
Darknet Diaries
7,909 Listeners
Defense in Depth
74 Listeners
Think Fast Talk Smart: Communication Techniques
794 Listeners
All-In with Chamath, Jason, Sacks & Friedberg
9,207 Listeners
Risky Bulletin
43 Listeners