James discusses how implementation matters with security controls and how it changes priorities. This came about after reading the following story: https://www.theverge.com/2018/12/31/18162541/vein-authentication-wax-hand-hack-starbug For more info go to https://www.developsec.com or follow us on twitter (@developsec). DevelopSec provides application security consulting and training to add value to your application security program. Contact us today to see how we can help. … [Read more...] about Ep. 110: Implementation Matters
application security program
Ep. 109: 2018 Reflection
I talk about some of what happened in 2018 and what I am looking to do in 2019. I also ask you to think about your previous year and goals. I also talk about some new training I am providing. For more info go to https://www.developsec.com or follow us on twitter (@developsec). DevelopSec provides application security consulting and training to add value to your application security program. Contact us today to see how we can help. … [Read more...] about Ep. 109: 2018 Reflection
Ep. 108: Dunkin Donuts Breach, Maybe?
In this episode James talk about the Dunkin Donuts Perks breach. This is an interesting situation as the accounts were access using the victim's username and password found from another data breach. The issue: Password Reuse. Could D&D have prevented this? Listen in to hear my thoughts. Please feel free to share your thoughts as well. Article from Today: https://www.today.com/food/dunkin-reveals-security-breach-here-s-what-it-may-mean-t144139 Dunkin Donuts … [Read more...] about Ep. 108: Dunkin Donuts Breach, Maybe?
Ep. 107: Credential Stuffing
In this episode James talks about what credential stuffing is, how if affects your apps, and how you can look to defend against it. For more info go to https://www.developsec.com or follow us on twitter (@developsec). DevelopSec provides application security consulting and training to add value to your application security program. Contact us today to see how we can help. … [Read more...] about Ep. 107: Credential Stuffing
Ep. 106: Facebook Breach Take-aways and Insights
James talks about the Facebook breach and shares some insights into how you can take steps to prevent this type of incident in your applications. For more info go to https://www.developsec.com or follow us on twitter (@developsec). DevelopSec provides application security consulting and training to add value to your application security program. Contact us today to see how we can help. … [Read more...] about Ep. 106: Facebook Breach Take-aways and Insights
Ep. 105: Interview with Eric Johnson
I sit down with Eric Johnson to talk about security in the IDE and other fun topics. A bit longer than usual, but full of great information. You can reach out to Eric on twitter @emjohn20 or check out his site at https://www.pumascan.com. For more info go to https://www.developsec.com or follow us on twitter (@developsec). DevelopSec provides application security consulting and training to add value to your application security program. Contact us today to see how we can help. … [Read more...] about Ep. 105: Interview with Eric Johnson