Curious about application security? Want to learn how to detect security vulnerabilities and protect your application? We discuss different topics and provide valuable insights into the world of application security.
In this episode, James Jardine talks about what penetration testing, "pen testing", is and how it really has a lot of meanings to different people. A pen test isn't something that should be consider…
In this episode James covers some thoughts on how business analysts and project managers are crucial to application security. It doesn't take a huge change in the way work is done and …
QA plays a crucial role in testing for security flaws within applications. They have the proximity and the knowledge of the application, and it is an extension of the role they already fill. James Jardin…
Static analysis is an important part of the secure development lifecycle. There are some things to think about when you are considering a static analysis option. James discusses the questions in th…
Understanding baselines of our networks, applications, traffic, etc. is important for identifying security issues. James Jardine shares some thoughts on the need for these baselines and why they are …
CMS platforms are an easy way to get content to the internet, but we still have to consider security. James talks about some of the concerns and things to think about when thinking about these secu…
I came across an interesting tweet https://twitter.com/suffert/status/567486188383379456 depicting a good example of a black list that didn't quite cover everything I think they wanted to. This …
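As an added illustration of the point behind that episode (this is example code written for this page, not the filter from the tweet or anything from the podcast), the block below contrasts a blacklist filter with an allowlist validator. The `BAD_TOKENS` list, the probe strings and the username rule are all constructed for the example; the probes show three classic ways a blacklist falls short: a case variant, a token that reassembles after a single-pass removal, and an attack vector that was simply never on the list.

```python
import re

# Constructed blacklist: remove a few known-bad tokens and let everything
# else through. This is the pattern the episode warns about.
BAD_TOKENS = ["<script", "javascript:", "onerror"]


def blacklist_filter(value: str) -> str:
    """Strip each listed token in one pass; anything not listed passes untouched."""
    out = value
    for token in BAD_TOKENS:
        out = out.replace(token, "")
    return out


# Constructed allowlist for a username field: define what IS acceptable
# (letters, digits, underscore, dot, dash; 1-32 chars) and reject all else.
USERNAME_RE = re.compile(r"^[A-Za-z0-9_.-]{1,32}$")


def allowlist_validate(value: str) -> bool:
    """True only when the whole value matches the permitted character set."""
    return USERNAME_RE.fullmatch(value) is not None


# Case-insensitive check for whether an active payload is still present.
ACTIVE = re.compile(r"<script|javascript:|on\w+\s*=", re.IGNORECASE)


def still_active(value: str) -> bool:
    return ACTIVE.search(value) is not None


# Constructed probe inputs (sample data for this example only).
PROBES = [
    "<script>alert(1)</script>",         # exact token: the blacklist removes it
    "<SCRIPT>alert(1)</SCRIPT>",         # different case: not on the list
    "<scr<scriptipt>alert(1)</script>",  # one-pass removal reassembles "<script>"
    "<img src=x OnError=alert(1)>",      # mixed-case handler name
    "JaVaScRiPt:alert(1)",               # mixed-case scheme
    "<svg onload=alert(1)>",             # vector that was never listed at all
]


def survivors(filter_fn, probes):
    """Return the probes that still carry an active payload after filtering."""
    return [p for p in probes if still_active(filter_fn(p))]


if __name__ == "__main__":
    for p in survivors(blacklist_filter, PROBES):
        print("blacklist missed:", p)
    print("allowlist rejects all probes:",
          all(not allowlist_validate(p) for p in PROBES))
    print("allowlist accepts a normal username:",
          allowlist_validate("james_jardine"))
```

Five of the six probes get past the blacklist, while the allowlist rejects all six without knowing anything about the attacks. The trade-off is that the allowlist also rejects odd-but-harmless input, which is why it is written per field against the data that field is actually supposed to hold.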
James talks about the need for developers, QA, business analysts and project managers to understand the type of application they are creating and the requirements around sensitive data.
Reference Li…
I discuss the lessons learned from the recent Moonpig security disclosure. This is full of information for a developer or QA tester. For more information, visit https://www.developsec.com
Are you looking to test out your security skills? There are lots of targets that are freely available to you that can be quite helpful. The good news is you won't be getting in trouble for hacking …
No matter what size company you are, sooner or later you will be subject to some form of security assessment. Whether that is a penetration test, architecture review, code review or some other asses…
Are you sure you are performing proper authorization checks everywhere? What does authorization even mean? James Jardine talks about authorization and how QA, Dev and others can reinforce its imple…
In this episode, James Jardine talks about the recent breaches regarding cloud services and whether or not we should be running for the hills. Let's focus on the real issue, not the hype of nude phot…
In this episode, James talks about security testing... scratch that, testing. There really is no difference between security testing and regular testing. The app is functioning in a way it was not …
The debate is out there, which is more important. I discuss what they are and how they both play a key role in securing an application.
For more info go to https://www.developsec.com or…
This episode gives a high level overview of what XSS is and why it is of concern. Future episodes will dig deeper into the vulnerability.
For more info go to https://www.developsec.com …
We discuss a little about eBay and their unfortunate hack, how SourceForge has upgraded their password storage, and a lot about cookies. What are cookies, how are they used, and how do we secure them? …
In this episode, we talk about phishing. Mass email and spear phishing. What you should know about the topic and how to protect yourself.
For more info go to https://www.developsec.com…
This episode introduces the new Microsoft Threat Modeling Tool 2014. No more requirement for Visio... woohoo. Lots of talk about threat modeling and its benefits.
Threat Modeling Tool 2014: http:/…
In this episode we take a look at the two hottest topics... Windows XP End of Life and Heartbleed. If you haven't heard of either of these, you're under a rock (and you should listen). This is not an…