This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Το περιεχόμενο παρέχεται από το no dogma podcast and Bryan Hogan. Όλο το περιεχόμενο podcast, συμπεριλαμβανομένων των επεισοδίων, των γραφικών και των περιγραφών podcast, μεταφορτώνεται και παρέχεται απευθείας από τον no dogma podcast and Bryan Hogan ή τον συνεργάτη της πλατφόρμας podcast. Εάν πιστεύετε ότι κάποιος χρησιμοποιεί το έργο σας που προστατεύεται από πνευματικά δικαιώματα χωρίς την άδειά σας, μπορείτε να ακολουθήσετε τη διαδικασία που περιγράφεται εδώ https://el.player.fm/legal.
Παρόμοιες με no dogma podcast
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Daily update on current cyber security threats
…
continue reading
Join our weekly discussion about how to build top end Angular applications and become an Angular expert. Become a supporter of this podcast: https://www.spreaker.com/podcast/adventures-in-angular--6102018/support.
…
continue reading
Get ready for a weekly dose of all things Enterprise Software and Cloud Computing! Join us as we dive into topics including Kubernetes, DevOps, Serverless, Security and Coding. Plus, we’ll keep you entertained with plenty of off-topic banter and nonsense. Don’t worry if you miss the latest industry conference - we’ve got you covered with recaps of all the latest news from AWS, Microsoft Azure, Google Cloud Platform (GCP) and the Cloud Native Computing Foundation (CNCF).
…
continue reading
A weekly talk show taking a pragmatic look at the art and business of Software Development and the world of technology.
…
continue reading
A podcast about web design and development.
…
continue reading
Player FM - Εφαρμογή podcast
Πηγαίνετε εκτός σύνδεσης με την εφαρμογή Player FM !
Πηγαίνετε εκτός σύνδεσης με την εφαρμογή Player FM !
))
#170 Tanya Janca, Building Security Into Software
Manage episode 354076635 series 2414914
Το περιεχόμενο παρέχεται από το no dogma podcast and Bryan Hogan. Όλο το περιεχόμενο podcast, συμπεριλαμβανομένων των επεισοδίων, των γραφικών και των περιγραφών podcast, μεταφορτώνεται και παρέχεται απευθείας από τον no dogma podcast and Bryan Hogan ή τον συνεργάτη της πλατφόρμας podcast. Εάν πιστεύετε ότι κάποιος χρησιμοποιεί το έργο σας που προστατεύεται από πνευματικά δικαιώματα χωρίς την άδειά σας, μπορείτε να ακολουθήσετε τη διαδικασία που περιγράφεται εδώ https://el.player.fm/legal.
Summary
Tanya Janca talks about fixing your developer process so that security is part of the life cycle.
Details
Who she is, what she does. Becoming a penetration tester. Being a developer advocated. Adding security at the end of the software development life cycle; people wish there was a silver bullet for security. "We're secure, we don't need to test our security". Security should start at the project kickoff. Who owns security, the devs or the security team; getting authority and responsibility. Choosing what to fix; likelihood, potential losses, cost. Security stories during development iterations. Security gets in the way. Feature switches to turn off security in dev environments. Negotiating about what to fix; working around the process. Should security programming be a specialty. Don't build a tool if you can buy it. Copy pasting your way into trouble; Stack Overflow has a security section now; team to build core security tools. Buying services for authentication/authorization. Communicating with other applications. Why no HTTPS. Why encryption at rest when data is in the cloud. Security testing - static analysis, dependencies vulnerabilities, dynamic analysis. Security tools.
Full show notes
@SheHacksPurple
SheHacksPurple
Tanya's music
We Hack Purple
Why No HTTPS
Other Security Podcast Episodes
173 επεισόδια
Μοίρασέ το
Manage episode 354076635 series 2414914
Το περιεχόμενο παρέχεται από το no dogma podcast and Bryan Hogan. Όλο το περιεχόμενο podcast, συμπεριλαμβανομένων των επεισοδίων, των γραφικών και των περιγραφών podcast, μεταφορτώνεται και παρέχεται απευθείας από τον no dogma podcast and Bryan Hogan ή τον συνεργάτη της πλατφόρμας podcast. Εάν πιστεύετε ότι κάποιος χρησιμοποιεί το έργο σας που προστατεύεται από πνευματικά δικαιώματα χωρίς την άδειά σας, μπορείτε να ακολουθήσετε τη διαδικασία που περιγράφεται εδώ https://el.player.fm/legal.
Summary
Tanya Janca talks about fixing your developer process so that security is part of the life cycle.
Details
Who she is, what she does. Becoming a penetration tester. Being a developer advocated. Adding security at the end of the software development life cycle; people wish there was a silver bullet for security. "We're secure, we don't need to test our security". Security should start at the project kickoff. Who owns security, the devs or the security team; getting authority and responsibility. Choosing what to fix; likelihood, potential losses, cost. Security stories during development iterations. Security gets in the way. Feature switches to turn off security in dev environments. Negotiating about what to fix; working around the process. Should security programming be a specialty. Don't build a tool if you can buy it. Copy pasting your way into trouble; Stack Overflow has a security section now; team to build core security tools. Buying services for authentication/authorization. Communicating with other applications. Why no HTTPS. Why encryption at rest when data is in the cloud. Security testing - static analysis, dependencies vulnerabilities, dynamic analysis. Security tools.
Full show notes
@SheHacksPurple
SheHacksPurple
Tanya's music
We Hack Purple
Why No HTTPS
Other Security Podcast Episodes
173 επεισόδια
Όλα τα επεισόδια
×
Καλώς ήλθατε στο Player FM!
Το FM Player σαρώνει τον ιστό για podcasts υψηλής ποιότητας για να απολαύσετε αυτή τη στιγμή. Είναι η καλύτερη εφαρμογή podcast και λειτουργεί σε Android, iPhone και στον ιστό. Εγγραφή για συγχρονισμό συνδρομών σε όλες τις συσκευές.
Παρόμοιες με no dogma podcast
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Daily update on current cyber security threats
…
continue reading
Join our weekly discussion about how to build top end Angular applications and become an Angular expert. Become a supporter of this podcast: https://www.spreaker.com/podcast/adventures-in-angular--6102018/support.
…
continue reading
Get ready for a weekly dose of all things Enterprise Software and Cloud Computing! Join us as we dive into topics including Kubernetes, DevOps, Serverless, Security and Coding. Plus, we’ll keep you entertained with plenty of off-topic banter and nonsense. Don’t worry if you miss the latest industry conference - we’ve got you covered with recaps of all the latest news from AWS, Microsoft Azure, Google Cloud Platform (GCP) and the Cloud Native Computing Foundation (CNCF).
…
continue reading
A weekly talk show taking a pragmatic look at the art and business of Software Development and the world of technology.
…
continue reading
A podcast about web design and development.
…
continue reading
Player FM - Εφαρμογή podcast
Πηγαίνετε εκτός σύνδεσης με την εφαρμογή Player FM !
Πηγαίνετε εκτός σύνδεσης με την εφαρμογή Player FM !
