Sign up to save your podcasts
Or
Share Getting Started with Security Basics on the Way to Finding a Specialization - ASW #339
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Getting Started with Security Basics on the Way to Finding a Specialization - ASW #339
What are some appsec basics? There's no monolithic appsec role. Broadly speaking, appsec tends to branch into engineering or compliance paths, each with different areas of focus despite having shared vocabularies and the (hopefully!) shared goal of protecting software, data, and users.
The better question is, "What do you want to secure?"
We discuss the Cybersecurity Skills Framework put together by the OpenSSF and the Linux Foundation and how you might prepare for one of its job families. The important basics aren't about memorizing lists or technical details, but demonstrating experience in working with technologies, understanding how they can fail, and being able to express concerns, recommendations, and curiosity about their security properties.
Resources:
- https://cybersecurityframework.io
- https://owasp.org/www-project-cheat-sheets/
- https://blog.cloudflare.com/rfc-8446-aka-tls-1-3/
- https://aflplus.plus/
- https://writings.stephenwolfram.com/2023/02/what-is-chatgpt-doing-and-why-does-it-work/
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw-339
View all episodes
By Security Weekly Productions
4.9
1212 ratings
What are some appsec basics? There's no monolithic appsec role. Broadly speaking, appsec tends to branch into engineering or compliance paths, each with different areas of focus despite having shared vocabularies and the (hopefully!) shared goal of protecting software, data, and users.
The better question is, "What do you want to secure?"
We discuss the Cybersecurity Skills Framework put together by the OpenSSF and the Linux Foundation and how you might prepare for one of its job families. The important basics aren't about memorizing lists or technical details, but demonstrating experience in working with technologies, understanding how they can fail, and being able to express concerns, recommendations, and curiosity about their security properties.
Resources:
- https://cybersecurityframework.io
- https://owasp.org/www-project-cheat-sheets/
- https://blog.cloudflare.com/rfc-8446-aka-tls-1-3/
- https://aflplus.plus/
- https://writings.stephenwolfram.com/2023/02/what-is-chatgpt-doing-and-why-does-it-work/
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw-339
More shows like Application Security Weekly (Audio)
View all
Security Now (Audio)
2,007 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
370 Listeners
Risky Business
373 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
650 Listeners
CyberWire Daily
1,031 Listeners
The Application Security Podcast
36 Listeners
Business Security Weekly (Audio)
3 Listeners
Click Here
420 Listeners
Darknet Diaries
8,116 Listeners
Cybersecurity Today
176 Listeners
CISO Series Podcast
191 Listeners
Defense in Depth
74 Listeners
Cybersecurity Headlines
138 Listeners
Risky Bulletin
45 Listeners
Hacker And The Fed
168 Listeners