November’s ASW turned into Adrian Sanabria Weekly!

Episode 306

The month kicked off with Grant McCracken discussing bug bounties and a modern approach to pentesting. While I would still love to see the costs of fixing flaws, seeing the costs of security flaws quantified through bounties is always eye-opening. Plus, it’s always good to see other approaches to security testing that carry a more predictable budget. Now if only those bugs didn’t make it to production in the first place…

Episode 307

Melinda Marks returned to the show to talk about what modern appsec practices look like and why appsec needs to catch up to how modern apps are created. Unsurprisingly, “cloud native” comes up in the conversation, but there are important nods to orgs stuck with figuring out how to keep their legacy apps alive.

This also had a fun news segment with John Kinsella that covered everything from a very-minimum-max-critical bug to infotainment vulns to demastering pop punk like it was meant to be. (Special shout out to Adrian for keeping a music-related theme going for the show.)

Episode 308

The month wrapped up with the biometric frontiers of security, resiliency, and privacy. Adrian spoke with Andras Cser and Enza Iannopollo on the benefits of biometrics and steps for keeping them secure.

This episode also had a news segment with a ton of articles that I would have had strong reactions to, from LLMs doing everything! (lol, no) to safer C++ (positive performance, but pessimistic prospects for the language overall).

Subscribe to ASW to find these episodes and more! Also check out the October 2024 recap.