ASW #229 - Nick Selby

Organizations spend hundreds of work hours to build applications and services that will benefit customers and employees alike. Whether the application/service is externally facing or for internal use only, it is mandatory to identify and understand the scope of potential cyber risks and threats it poses to the organization. But where and how do you start with an accurate threat model? Nick can discuss how to approach this and create a model that's useful to security and developers alike. Segment Resources https://github.com/trailofbits/publications/blob/master/reviews/2022-12-curl-threatmodel.pdf   Reddit's breach disclosure, simple vulns in Toyota's web portals, OpenSSL vulns, voting results for Portswigger's top 10 web hacking techniques of 2022, tiny IoT cryptography implementations, real world migration of a million lines of code    Visit https://www.securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly   Show Notes: https://securityweekly.com/asw229

Om Podcasten

Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and breaking news on the latest hacking techniques, vulnerabilities, and industry trends. Stay informed and secure with the most trusted voices in cybersecurity!