Episode 47 - Application Security Special
In this AWS TechChat - Application Security Edition, Shane chats with Gabe about all things application security, providing a crash course for the builder in all of us. They start the show with some level setting to set the scene, introducing the Top 10 OWASP (Open Web Application Security Project) before moving on to CVE's (Common Vulnerabilities and Exposures). They then move up the stack to Layer 7 and speak about AWS WAF, which is our web application firewall that helps protect your web applications from common web exploits and how you can use AWS WAF to mitigate against OWASP Top 10 risks as well as how you can leverage managed rule sets for common COTS (Commercial off-the-shelf) applications. Lastly, introducing Amazon Inspector - an automated security assessment service that helps shine a light on the security and compliance of applications deployed on Amazon EC2 by detecting CVE's and instance drift again CIS standards.