Phillip Wylie Show

Introducing Amass v4.0 and the OAM: A Conversation with Jeff Foley


Listen Later

About The Guest

Jeff Foley is a security researcher and the Vice President of Research for ZeroFOX. He is also the project leader for OWASP Amass, a project focused on external cybersecurity. Jeff has a strong background in computer science and has been involved in the information security industry for many years.

Summary

In this episode, Jeff Foley discusses the evolution of OWASP Amass, a project he leads that focuses on external cybersecurity. He explains how he got started in information security and coding, and how his passion for automation led him to create Amass. Jeff also introduces the Open Asset Model (OAM), a new data model that allows users to represent and analyze the data collected by Amass. He highlights the importance of having visibility on one's attack surface and the need for a unified format to communicate about exposed assets on the internet. Jeff shares his plans for the future of Amass, including expanding the taxonomy and collection capabilities, and involving the community in the development process.


Key Takeaway

  • OWASP Amass is a project focused on external cybersecurity and provides visibility on exposed assets on the internet.
  • The Open Asset Model (OAM) is a new data model introduced in Amass version 4.0, which allows users to represent and analyze the collected data in a unified format.
  • The OAM aims to create a standard and unified way of communicating about attack surfaces and to make it easier for users to understand and analyze the data.
  • Amass is evolving to include more asset types and relationships, and the team is developing a collection engine to keep up with the expanding taxonomy.
  • The project welcomes contributions from the community and encourages users to get involved and provide feedback.

  • Quotes

    • "You can't be protecting things if you don't know they're there." - Jeff Foley
    • "The Open Asset Model is about creating a standard and unified way of communicating about exposed assets on the internet." - Jeff Foley


    • Socials and resources

      - Twitter: @jeff_foley

      - Amass Twitter: @owaspamass

      - GitHub: https://github.com/caffix

      - Amass GitHub: https://github.com/owasp-amass

      - Mastodon: @[email protected]

      - Amass Mastodon: @[email protected]

      - LinkedIn: https://www.linkedin.com/in/caffix/

      - OWASP Amass: https://owasp.org/www-project-amass/

      - Amass Discord: https://discord.gg/HNePVyX3cp



      ...more
      View all episodesView all episodes
      Download on the App Store

      Phillip Wylie ShowBy Phillip Wylie

      • 4.9
      • 4.9
      • 4.9
      • 4.9
      • 4.9

      4.9

      17 ratings


      More shows like Phillip Wylie Show

      View all
      SpyCast by SpyCast

      SpyCast

      1,511 Listeners

      Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

      Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

      366 Listeners

      Hacked by Hacked

      Hacked

      183 Listeners

      CyberWire Daily by N2K Networks

      CyberWire Daily

      1,009 Listeners

      Smashing Security by Graham Cluley

      Smashing Security

      312 Listeners

      Click Here by Recorded Future News

      Click Here

      415 Listeners

      Darknet Diaries by Jack Rhysider

      Darknet Diaries

      7,913 Listeners

      Modern Wisdom by Chris Williamson

      Modern Wisdom

      3,815 Listeners

      CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

      CISO Series Podcast

      189 Listeners

      My First Million by Hubspot Media

      My First Million

      2,624 Listeners

      All-In with Chamath, Jason, Sacks & Friedberg by All-In Podcast, LLC

      All-In with Chamath, Jason, Sacks & Friedberg

      9,236 Listeners

      Cyber Security Headlines by CISO Series

      Cyber Security Headlines

      127 Listeners

      Risky Bulletin by risky.biz

      Risky Bulletin

      43 Listeners

      Hacker And The Fed by Chris Tarbell & Hector Monsegur

      Hacker And The Fed

      167 Listeners

      The Peter Zeihan Podcast Series by Peter Zeihan

      The Peter Zeihan Podcast Series

      401 Listeners