Episode 168 - Secure Code Review, Package Confusion, Privacy Acts

What's that sound?! Could it be the Absolute AppSec train coming 'round the bend, set to deliver
@cktricky and @sethlaw's timely takes on Application Security news?! This episode starts with an in-depth discussion about secure code review techniques based on a recent twitter thread. Further topics include more software supply chain attacks based on package confusion, the proliferation of state privacy acts, handling of bug bounty issues, and a review of the recently-patched GitLab critical security flaw.