DevelopSec: Developing Security Awareness

James sits down with Julien Vehent to discuss his new book "Securing DevOps" and talk about security in a devOps world. 

Julien (@jvehent) is a security architect and engineering manager with over 15 …

 The headlines are filled with credential breaches. One way to avoid being those headlines is to not store credentials. Instead, use a 3rd party to authenticate your users. While this cuts a lot of w…

In this episode James introduces us to the idea of web security policies stored in a security.txt file. We have talked about vulnerability disclosure before and this ties directly into that conversat…

In this episode, James shares a story of learning from a mistake and how we can't be right every time. Hear what he learned and how you can learn too.

 For more info go to https://www.developsec.com o…

In this episode we talk about choosing the right security tools for your environment. There are lots of vendors offering solutions to help identify security issues within our applications. The trick …

In this episode, James talks about what it means to shift left in the SDLC. 

 For more info go to https://www.developsec.com or follow us on twitter (@developsec).

 Join the conversations.. join our sl…

In this episode we talk about efail and the HYPE around security news. 

 For more info go to https://www.developsec.com or follow us on twitter (@developsec).

 Join the conversations.. join our sla…

** Check out our new Live Fundamentals of Application Security training starting on May 1, 2018. Don't wait to sign up. For schedules and information check out https://www.jardinesoftware.com/fundame…

In this episode we talk about treating security flaws as defects and embedded vs. built-in security. Do you treat security flaws differently? What barriers does that create?

 For more info go to htt…

In this episode we talk about the MyFitnessPal breach and some of the key points that we as developers, security, and users can take away from it.

 Tweet with Graph of Largest Breaches mentioned: ht…

In this episode we talk about penetration testing and what you need to know to get the most out of the activity. Tune in to hear some of our thoughts on the topic.

To take the training course survey…

In this episode we talk about secure code review with a mention of static analysis. Do you know the difference? What is the issue of doing one over the other, or just outright replacing actual code r…

In this episode James talks about 2-factor authentication, why we use it, and maybe why we don't. Is your 2-factor implementation getting in your way?

 The DevelopSec YouTube Channel - https://www.you…

The new OWASP Top 10 2017 is out. We look at some of the changes and how you can effectively use the list to better your security program.

We are also launching a new DevelopSec Live broadcast. To ch…

 James sits down with Perry Krug, from Couchbase to discuss some important steps to take to secure your database.

 Perry Krug - https://twitter.com/perrykrug

 Couchbase - https://twitter.com/couchbas…

 Welcome to 2018! Another year down and time for many of us to start making promises to ourselves of things we will start doing in this new year. In this episode James talks about some lessons we sho…

In this episode, James talks with Tim Medin regarding Meteor and security. If you develop with Meteor or have to test it, there is a lot of information packed in.

More about Tim Medin (@timmedin):

Red …

You have heard about the Apple Sign-in Bug on High Sierra. Now lets talk about how we can use this example to better our current development processes to protect ourselves.

Link to mentioned article: …

In this episode, James talks the use of 3rd party components and how to handle determining if they are vulnerable or not.

Links:
 OWASP Dependancy Check - https://www.owasp.org/index.php/OWASP_Dependen…

In this episode, James talks about open redirect and why it matters from a security perspective. He also shows how this information can be used in your personal technology use, not just in developmen…