Sign up to save your podcasts
Or
Share Node.js Secure Coding - Oliver Tavakoli, Chris Thomas, Liran Tal - ASW #286
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Node.js Secure Coding - Oliver Tavakoli, Chris Thomas, Liran Tal - ASW #286
Secure coding education should be more than a list of issues or repeating generic advice. Liran Tal explains his approach to teaching developers through examples that start with exploiting known vulns and end with discussions on possible fixes. Not only does this create a more engaging experience, but it also relies on code that looks familiar to developers rather than contrived or overly simplistic examples.
Segment resources:
- https://github.com/lirantal
- https://cheatsheetseries.owasp.org/cheatsheets/NPMSecurityCheat_Sheet.html
- https://lirantal.com/blog/poor-express-authentication-patterns-nodejs
The challenge of evaluating threat alerts in aggregate – what a collection and sequence of threat signals tell us about an attacker’s sophistication and motives – has bedeviled SOC teams since the dawn of the Iron Age. Vectra AI CTO Oliver Tavakoli will discuss how the design principles of our XDR platform deal with this challenge and how GenAI impacts this perspective.
Segment Resources:
-
Vectra AI Platform Video: https://vimeo.com/916801622
-
Blog: https://www.vectra.ai/blog/what-is-xdr-the-promise-of-xdr-capabilities-explained
-
Blog: https://www.vectra.ai/blog/xdr-explored-the-evolution-and-impact-of-extended-detection-and-response
-
MXDR Calculator: https://www.vectra.ai/calculators/mxdr-value-calculator
This segment is sponsored by Vectra AI. Visit https://securityweekly.com/vectrarsac to learn more about them!
In this interview, we will discuss the network security challenges of business applications and how they can also be the solution. AlgoSec has spent over two decades tackling tough security issues in some of the world’s most complex networks. Now, they’re applying their expertise to hybrid networks—where customers are combining their on-premise resources along with multiple cloud providers.
Segment Resources: https://www.algosec.com/resources/
This segment is sponsored by AlgoSec. Visit https://securityweekly.com/algosecrsac to learn more about them!
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw-286
View all episodes
By Security Weekly Productions
4.9
1212 ratings
Secure coding education should be more than a list of issues or repeating generic advice. Liran Tal explains his approach to teaching developers through examples that start with exploiting known vulns and end with discussions on possible fixes. Not only does this create a more engaging experience, but it also relies on code that looks familiar to developers rather than contrived or overly simplistic examples.
Segment resources:
- https://github.com/lirantal
- https://cheatsheetseries.owasp.org/cheatsheets/NPMSecurityCheat_Sheet.html
- https://lirantal.com/blog/poor-express-authentication-patterns-nodejs
The challenge of evaluating threat alerts in aggregate – what a collection and sequence of threat signals tell us about an attacker’s sophistication and motives – has bedeviled SOC teams since the dawn of the Iron Age. Vectra AI CTO Oliver Tavakoli will discuss how the design principles of our XDR platform deal with this challenge and how GenAI impacts this perspective.
Segment Resources:
-
Vectra AI Platform Video: https://vimeo.com/916801622
-
Blog: https://www.vectra.ai/blog/what-is-xdr-the-promise-of-xdr-capabilities-explained
-
Blog: https://www.vectra.ai/blog/xdr-explored-the-evolution-and-impact-of-extended-detection-and-response
-
MXDR Calculator: https://www.vectra.ai/calculators/mxdr-value-calculator
This segment is sponsored by Vectra AI. Visit https://securityweekly.com/vectrarsac to learn more about them!
In this interview, we will discuss the network security challenges of business applications and how they can also be the solution. AlgoSec has spent over two decades tackling tough security issues in some of the world’s most complex networks. Now, they’re applying their expertise to hybrid networks—where customers are combining their on-premise resources along with multiple cloud providers.
Segment Resources: https://www.algosec.com/resources/
This segment is sponsored by AlgoSec. Visit https://securityweekly.com/algosecrsac to learn more about them!
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw-286
More shows like Application Security Weekly (Audio)
View all
Security Now (Audio)
2,001 Listeners
Risky Business
369 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
639 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
370 Listeners
CyberWire Daily
1,017 Listeners
Business Security Weekly (Audio)
4 Listeners
The Application Security Podcast
36 Listeners
Click Here
414 Listeners
Darknet Diaries
7,971 Listeners
Cybersecurity Today
176 Listeners
CISO Series Podcast
188 Listeners
Defense in Depth
73 Listeners
Cyber Security Headlines
134 Listeners
Risky Bulletin
43 Listeners
Hacker And The Fed
168 Listeners