Friday, June 5, 2020
OWASP Podcast

Exploring the LinkedIn Algorithm

In this episode of the DevSecOps Podcast, we’re going to go off script and explore the LinkedIn algorithm. I could tie this back to DevSecOps, and how all of us need visibility for our work, or how important it...
OWASP Podcast

The Demise of Symantec by Richard Stiennon

When I read Richard Stiennon's latest article in Forbes, The Demise of Symantec, I thought it was absolutely fascinating. Richard walks through the process of what happened at Symantec, how it was an acquisition engine for so many years,...
OWASP Podcast

Equifax and the Road Ahead w/ Bryson Koehler

Equifax is trying... I mean REALLY trying... to regain your trust. The Equifax CTO and CISO delivered the keynote at DevSecOps Days during 2020 RSAC. They contributed to multiple sessions and panels during the conference. The message was consistent:...
OWASP Podcast

Making Everyone Visible in Tech – Jaclyn Damiano

If you like what you hear, you can download the entire book at sonatype.com/epicfailures. As we were putting the finishing touches, getting ready to publish the latest version of Epic Failures in DevSecOps, I reread Jaclyn Damiano's chapter and was...
OWASP Podcast

How to Engage 4000 Developers in One Day

When Derek Weeks and I started All Day DevOps in 2016, we were unsure as to whether anyone would be interested. It's now four years later. Last week we had close to 37,000 people register for the event. We're still...
OWASP Podcast

Code Rush, DevOps and Google: Software in the Fast Lane

Shortly after watching the documentary, Code Rush, I met with Tara Hernandez, the hockey stick carrying lead of the Netscape project that was being documented. We sat down at the Jenkins World Conference in San Francisco to talk about...
OWASP Podcast

The Unicorn Project w/ Gene Kim

Edwards Deming went to post-war Japan in the late 1940s to help with the census. While there, he built relationships with some of the main manufacturers in the region, helping them understand the value of building quality into a...
OWASP Podcast

DevOps, DevSecOps and the Year Ahead w/ Sacha Labourey

Once a year, Sacha Labourey and I sit down to discuss the past year and what the coming year looks like for DevOps and Jenkins. As CEO of CloudBees, Sacha has broad visibility into the progress of the DevOps/DevSecOps...
OWASP Podcast

Is it time to trust Equifax again? You decide.

I was affected by it. You were affected by it. We were all affected by the Equifax breach in September 2017. The truly interesting thing about it is, Equifax wasn't the only company hit by the Struts 2 vulnerability...
OWASP Podcast

2019 Global AppSec Conference DC w/ Ben Pick

OWASP supports a global conference in North America each year, bringing together the projects, teams and chapters who make this one of the largest security tribes in the world. In this episode of the DevSecOps Podcast Series, I speak...
OWASP Podcast

2019 State of the Software Supply Chain Report

The 2019 State of the Software Supply Chain Report was released on June 25th. The report is an analysis of the answers from over 5500 participants, allowing data researchers the ability to extrapolate what the most productive enterprises are...

FTC Slams Children’s App Developer for COPPA Violations

Children's app developer HyperBeard must pay $150,000 after the FTC claimed it violated privacy laws.
SecurityWeek

Business Services Provider Conduent Hit by Ransomware

Business process services provider Conduent has been the victim of a ransomware attack that appears to be the work of Maze operators. Formed in 2017 as a divestiture from Xerox and headquartered in New Jersey, the company offers digital platforms...
SC Magazine

Cisco security advisories address 47 flaws, three critical

Cisco Systems on Wednesday, June 3 released a series of security advisories addressing a total of 47 vulnerabilities, including three critical bugs that were found and fixed in IOS or IOS XE software. Among the most serious flaws is a...

Electrolux, Others Conned Out of Big Money by BEC Scammer

Kenenty Hwan Kim has pleaded guilty to swindling the appliance giant and other companies in a set of elaborate schemes.
The Register

Kind of goes without saying, but fix your admin passwords or risk getting borged by this brute-forcing botnet

Publishing platforms, hosts being targeted by Stealthworker malware. Servers are being targeted with a malware attack that uses its infected hosts to brute-force other machines...