Sign up to save your podcasts
Or
Share Getting Started with Security Basics on the Way to Finding a Specialization - ASW #339
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Getting Started with Security Basics on the Way to Finding a Specialization - ASW #339
What are some appsec basics? There's no monolithic appsec role. Broadly speaking, appsec tends to branch into engineering or compliance paths, each with different areas of focus despite having shared vocabularies and the (hopefully!) shared goal of protecting software, data, and users.
The better question is, "What do you want to secure?"
We discuss the Cybersecurity Skills Framework put together by the OpenSSF and the Linux Foundation and how you might prepare for one of its job families. The important basics aren't about memorizing lists or technical details, but demonstrating experience in working with technologies, understanding how they can fail, and being able to express concerns, recommendations, and curiosity about their security properties.
Resources:
- https://cybersecurityframework.io
- https://owasp.org/www-project-cheat-sheets/
- https://blog.cloudflare.com/rfc-8446-aka-tls-1-3/
- https://aflplus.plus/
- https://writings.stephenwolfram.com/2023/02/what-is-chatgpt-doing-and-why-does-it-work/
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw-339
View all episodes
By Mike Shema
4.9
1212 ratings
What are some appsec basics? There's no monolithic appsec role. Broadly speaking, appsec tends to branch into engineering or compliance paths, each with different areas of focus despite having shared vocabularies and the (hopefully!) shared goal of protecting software, data, and users.
The better question is, "What do you want to secure?"
We discuss the Cybersecurity Skills Framework put together by the OpenSSF and the Linux Foundation and how you might prepare for one of its job families. The important basics aren't about memorizing lists or technical details, but demonstrating experience in working with technologies, understanding how they can fail, and being able to express concerns, recommendations, and curiosity about their security properties.
Resources:
- https://cybersecurityframework.io
- https://owasp.org/www-project-cheat-sheets/
- https://blog.cloudflare.com/rfc-8446-aka-tls-1-3/
- https://aflplus.plus/
- https://writings.stephenwolfram.com/2023/02/what-is-chatgpt-doing-and-why-does-it-work/
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw-339
More shows like Application Security Weekly (Audio)
View all
Security Now (Audio)
2,007 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
368 Listeners
Risky Business
376 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
649 Listeners
CyberWire Daily
1,026 Listeners
The Application Security Podcast
36 Listeners
Business Security Weekly (Audio)
3 Listeners
Click Here
420 Listeners
Darknet Diaries
8,051 Listeners
Cybersecurity Today
179 Listeners
CISO Series Podcast
192 Listeners
Defense in Depth
73 Listeners
Cybersecurity Headlines
136 Listeners
Risky Bulletin
45 Listeners
Hacker And The Fed
167 Listeners