Sign up to save your podcasts
Or
Share Helping Secure OSS Software - Alvaro Munoz - ASW #189
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Helping Secure OSS Software - Alvaro Munoz - ASW #189
Past research such as JNDI Injection, Unsafe deserialization, Struts RCEs - OSS security: CodeQL, Dependabot, collaboration between researchers and developers, OWASP Top Ten Proactive Controls, CVD for OSS
Segment Resources:
- [Write more secure code with the OWASP Top 10 Proactive Controls] https://github.blog/2021-12-06-write-more-secure-code-owasp-top-10-proactive-controls/
- [An analysis on developer-security researcher interactions in the vulnerability disclosure process] https://github.blog/2021-09-09-analysis-developer-security-researcher-interactions-vulnerability-disclosure/
- [Building security researcher and developer collaboration] https://www.securitymagazine.com/articles/97066-how-to-build-security-researcher-and-software-developer-collaboration
- [Coordinated vulnerability disclosure (CVD) for open source projects] https://github.blog/2022-02-09-coordinated-vulnerability-disclosure-cvd-open-source-projects/
- [GitHub Advisory Database now open to community contributions] https://github.blog/2022-02-22-github-advisory-database-now-open-to-community-contributions/
- [Blue-teaming for Exiv2: creating a security advisory process] https://github.blog/2021-11-02-blue-teaming-create-security-advisory-process/
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw189
View all episodes
By Security Weekly
4.8
44 ratings
Past research such as JNDI Injection, Unsafe deserialization, Struts RCEs - OSS security: CodeQL, Dependabot, collaboration between researchers and developers, OWASP Top Ten Proactive Controls, CVD for OSS
Segment Resources:
- [Write more secure code with the OWASP Top 10 Proactive Controls] https://github.blog/2021-12-06-write-more-secure-code-owasp-top-10-proactive-controls/
- [An analysis on developer-security researcher interactions in the vulnerability disclosure process] https://github.blog/2021-09-09-analysis-developer-security-researcher-interactions-vulnerability-disclosure/
- [Building security researcher and developer collaboration] https://www.securitymagazine.com/articles/97066-how-to-build-security-researcher-and-software-developer-collaboration
- [Coordinated vulnerability disclosure (CVD) for open source projects] https://github.blog/2022-02-09-coordinated-vulnerability-disclosure-cvd-open-source-projects/
- [GitHub Advisory Database now open to community contributions] https://github.blog/2022-02-22-github-advisory-database-now-open-to-community-contributions/
- [Blue-teaming for Exiv2: creating a security advisory process] https://github.blog/2021-11-02-blue-teaming-create-security-advisory-process/
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw189
More shows like Application Security Weekly (Video)
View all
Security Now (Audio)
1,965 Listeners
Security Weekly Podcast Network (Audio)
206 Listeners
Risky Business
360 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
628 Listeners
The Changelog: Software Development, Open Source
285 Listeners
Freakonomics Radio
31,928 Listeners
The Lawfare Podcast
6,279 Listeners
Accidental Tech Podcast
2,093 Listeners
CyberWire Daily
1,012 Listeners
The Application Security Podcast
36 Listeners
Darknet Diaries
7,842 Listeners
Kubernetes Podcast from Google
180 Listeners
Hacking Humans
311 Listeners
Self-Hosted
135 Listeners
Cloud Security Podcast
55 Listeners