Sign up to save your podcasts
Or
Share Mark Curphey and John Viega -- Chalk
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Mark Curphey and John Viega -- Chalk
Mark Curphey and John Viega join Chris and Robert to explain the details of Chalk, Crash Override's new tool. Mark also talks about why ZAP departed from OWASP and joined the Software Security Project, highlighting some of the value and differences of both organizations. Open Source Software is important to the industry, but Mark calls on companies to contribute to the development and support of the projects they use.
The conversation explores the challenges faced by companies, especially large tech firms, in managing their software engineering processes. Many organizations grapple with identifying code ownership, determining code versions during incidents, and prioritizing alerts from static analysis tools. Chalk emerges as a solution to these challenges, providing clarity and reducing friction in the software development and maintenance process.
Toward the end, both speakers emphasize the importance of understanding the entire software engineering process to make informed decisions. They advocate for an "outside-in" perspective, urging listeners to step into the shoes of others and view challenges from a broader perspective. This holistic approach, they suggest, can lead to more effective decision-making in the realm of software development.
Listen until the end for book recommendations on cybersecurity, business, and personal growth.
Links:
- Crash Override: https://crashoverride.com/about/
- Chalk: https://crashoverride.com/docs/chalk/overview/
- The Software Security Project: https://softwaresecurityproject.org/
- The Open Worldwide Application Security Project (OWASP): https://owasp.org/
Books:
- Cybersecurity Myths and Misconceptions... by Eugene H. Spafford, Leigh Metcalf, and Josiah Dykstra: https://www.pearson.com/en-us/subject-catalog/p/cybersecurity-myths-and-misconceptions-avoiding-the-hazards-and-pitfalls-that-derail/P200000007269/9780137929238
- Crossing the Chasm by Geoffrey A. Moore: https://www.harpercollins.com/products/crossing-the-chasm-3rd-edition-geoffrey-a-moore?variant=32130444066850
- The Pragmatic Framework: https://www.pragmaticinstitute.com/product/framework/
- Atomic Habits by James Clear: https://jamesclear.com/atomic-habits
- Start with Why by Simon Sinek: https://simonsinek.com/books/start-with-why/
FOLLOW OUR SOCIAL MEDIA:
➜Twitter: @AppSecPodcast
➜LinkedIn: The Application Security Podcast
➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast
Thanks for Listening!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
View all episodes
By Chris Romeo and Robert Hurlbut
5
3636 ratings
Mark Curphey and John Viega join Chris and Robert to explain the details of Chalk, Crash Override's new tool. Mark also talks about why ZAP departed from OWASP and joined the Software Security Project, highlighting some of the value and differences of both organizations. Open Source Software is important to the industry, but Mark calls on companies to contribute to the development and support of the projects they use.
The conversation explores the challenges faced by companies, especially large tech firms, in managing their software engineering processes. Many organizations grapple with identifying code ownership, determining code versions during incidents, and prioritizing alerts from static analysis tools. Chalk emerges as a solution to these challenges, providing clarity and reducing friction in the software development and maintenance process.
Toward the end, both speakers emphasize the importance of understanding the entire software engineering process to make informed decisions. They advocate for an "outside-in" perspective, urging listeners to step into the shoes of others and view challenges from a broader perspective. This holistic approach, they suggest, can lead to more effective decision-making in the realm of software development.
Listen until the end for book recommendations on cybersecurity, business, and personal growth.
Links:
- Crash Override: https://crashoverride.com/about/
- Chalk: https://crashoverride.com/docs/chalk/overview/
- The Software Security Project: https://softwaresecurityproject.org/
- The Open Worldwide Application Security Project (OWASP): https://owasp.org/
Books:
- Cybersecurity Myths and Misconceptions... by Eugene H. Spafford, Leigh Metcalf, and Josiah Dykstra: https://www.pearson.com/en-us/subject-catalog/p/cybersecurity-myths-and-misconceptions-avoiding-the-hazards-and-pitfalls-that-derail/P200000007269/9780137929238
- Crossing the Chasm by Geoffrey A. Moore: https://www.harpercollins.com/products/crossing-the-chasm-3rd-edition-geoffrey-a-moore?variant=32130444066850
- The Pragmatic Framework: https://www.pragmaticinstitute.com/product/framework/
- Atomic Habits by James Clear: https://jamesclear.com/atomic-habits
- Start with Why by Simon Sinek: https://simonsinek.com/books/start-with-why/
FOLLOW OUR SOCIAL MEDIA:
➜Twitter: @AppSecPodcast
➜LinkedIn: The Application Security Podcast
➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast
Thanks for Listening!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
More shows like The Application Security Podcast
View all
Risky Business
371 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
651 Listeners
CyberWire Daily
1,020 Listeners
Thoughtworks Technology Podcast
43 Listeners
Darknet Diaries
8,064 Listeners
Application Security Weekly (Audio)
13 Listeners
Application Security Weekly (Video)
4 Listeners
Cybersecurity Today
179 Listeners
CISO Series Podcast
189 Listeners
The Peter Attia Drive
8,506 Listeners
Defense in Depth
74 Listeners
Cyber Security Headlines
139 Listeners
Risky Bulletin
44 Listeners
The Rundown
413 Listeners
The Security Table
2 Listeners