Sign up to save your podcasts
Or
Share In Search of Secure Design - ASW #325
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
In Search of Secure Design - ASW #325
We have a top ten list entry for Insecure Design, pledges to CISA's Secure by Design principles, and tons of CVEs that fall into familiar categories of flaws. But what does it mean to have a secure design and how do we get there? There are plenty of secure practices that orgs should implement are supply chains, authentication, and the SDLC. Those practices address important areas of risk, but only indirectly influence a secure design. We look at tactics from coding styles to design councils as we search for guidance that makes software more secure.
Segment resources
- https://owasp.org/Top10/A042021-InsecureDesign/
- https://www.cisa.gov/securebydesign/pledge
- https://www.cisa.gov/securebydesign
- https://kccnceu2025.sched.com/event/1xBJR/keynote-rust-in-the-linux-kernel-a-new-era-for-cloud-native-performance-and-security-greg-kroah-hartman-linux-kernel-maintainer-fellow-the-linux-foundation
- https://newsletter.pragmaticengineer.com/p/how-linux-is-built-with-greg-kroah
- https://daniel.haxx.se/blog/2025/04/07/writing-c-for-curl/
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw-325
View all episodes
By Security Weekly Productions
4.9
1212 ratings
We have a top ten list entry for Insecure Design, pledges to CISA's Secure by Design principles, and tons of CVEs that fall into familiar categories of flaws. But what does it mean to have a secure design and how do we get there? There are plenty of secure practices that orgs should implement are supply chains, authentication, and the SDLC. Those practices address important areas of risk, but only indirectly influence a secure design. We look at tactics from coding styles to design councils as we search for guidance that makes software more secure.
Segment resources
- https://owasp.org/Top10/A042021-InsecureDesign/
- https://www.cisa.gov/securebydesign/pledge
- https://www.cisa.gov/securebydesign
- https://kccnceu2025.sched.com/event/1xBJR/keynote-rust-in-the-linux-kernel-a-new-era-for-cloud-native-performance-and-security-greg-kroah-hartman-linux-kernel-maintainer-fellow-the-linux-foundation
- https://newsletter.pragmaticengineer.com/p/how-linux-is-built-with-greg-kroah
- https://daniel.haxx.se/blog/2025/04/07/writing-c-for-curl/
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw-325
More shows like Application Security Weekly (Audio)
View all
Security Now (Audio)
1,998 Listeners
Risky Business
369 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
639 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
369 Listeners
CyberWire Daily
1,017 Listeners
Business Security Weekly (Audio)
3 Listeners
The Application Security Podcast
36 Listeners
Click Here
416 Listeners
Darknet Diaries
7,958 Listeners
Cybersecurity Today
174 Listeners
CISO Series Podcast
188 Listeners
Defense in Depth
73 Listeners
Cyber Security Headlines
134 Listeners
Risky Bulletin
43 Listeners
Hacker And The Fed
169 Listeners