securecode

Vandana Verma, Security Leader at Snyk and vice-chairperson of the OWASP Global Board of directors, discusses the "OWASP top 10" with host Priyanka Raghavan. The discussion explores various subtopics such as the history behind OWASP, the OWASP top 10 security risks, example of common vulnerabilities and ends with information on top projects in OWASP and how can contribute to it.

Today we are going to be talking about - OWASP Threat Dragon - and our guests are Mike Goodwin, the founder, and Jon Gadsden, a major contributor to the project. 

Threat Dragon is a popular, free tool used for threat modeling, including diagramming, threat identification, mitigation and report generation. 

Mike is the VP of Product Security and Architecture and Technical Fellow at Sage Software - a FTSE100 company providing accounting, payroll and HR software to businesses in 23 countries worldwide. After short careers as an academic and then as a nuclear engineer, Mike settled into software development about 20 years ago working for a startup, a government corporation and now the UKs largest tech company. After developing an interest in security during a large cloud migration project, Mike moved to a full-time security role six years ago to help build Sage's AppSec program.

Jon is a software engineer with ForgeRock in Bristol, a company that provides Identity and Access Management services. Jon splits his time between security engineering and embedded C/C++ development - he says that he likes it this way because it reminds him that developers are under time pressure and that security engineers require a whole load of tact. Jon has been involved with the open source software community since Linux 2.0.28, and his latest project is helping with Cupcake's OWASP Threat Modeling project.

OWASP Threat Dragon Project Page

• https://owasp.org/www-project-threat-dragon/

Mike's Medium Article

• https://medium.com/sagefuturemakers/real-world-threat-modelling-fb14ef767c49

Mike and Jon are interviewed by Shayne Morgan and John L. Whiteman

Follow us, join us, be us:

• https://owasp.org/www-chapter-portland/
• https://twitter.com/portlandowasp?lang=en
• https://www.meetup.com/OWASP-Portland-Chapter
• https://www.linkedin.com/groups/4223013/
• https://www.youtube.com/channel/UCYDkARIRTaeiP-o19tSWZfw

Due to Covid-19 many consumers have fled to online marketplaces, so how do you manage fraud in a Post-Covid online world?
 
Frontline workers can no longer wait two to four weeks for their pay period, so what are ISVs doing to help meet the needs of everyday employees?

Our expert guest Jim Battista, Founder of MAPP Advisors, gives us insight on how portfolio optimization is more critical now than ever.

Welcome back to the OWASP PDX Podcast 

Today, we're talking with none other than Mark Curphey, the founder of OWASP. 

Mark is also founder and CEO of SourceClear. And, as we just learned this week, cofounder of his new venture Open Raven. 

Mark moved to the U.S. in 2000 to join Internet Security Systems (now a part of IBM), and later held roles. including director of application security at Charles Schwab, VP of Professional Services at Foundstone McAfee and lead the security tools team at Microsoft. Mark holds a Masters of Information Security at Royal Holloway University. He's an avid cyclist and currently resides with his family in the San Francisco Bay Area. 

Check out his other podcast interview this week with the fine folks at security voices:

https://www.securityvoices.org/

Mark is interviewed by John L. Whiteman  


Follow us, join us:

• https://twitter.com/portlandowasp?lang=en
• https://www.meetup.com/OWASP-Portland-Chapter
• https://www.linkedin.com/groups/4223013/

Today we'll be talking with Aaron and Ray.  

Aaron is an Application Security Engineer with almost 10 years of experience. His unorthodox career path has led to many unique insights in the security industry.

Ray is a life coach and conspiracy theorist. He does AppSec in his non-spare time for money.

Both are insightful and brutally honest appsec bloggers for their website:

hella-secure.com

We're going to be talking about Application Security. It's Really About the Code! 

Aaron and Ray are interviewed by John L. Whiteman

Follow us, join us:

• https://twitter.com/portlandowasp?lang=en
• https://www.meetup.com/OWASP-Portland-Chapter
• https://www.linkedin.com/groups/4223013/

Matias Madou is the CTO of Secure Code Warrior where he is responsible for leading the company’s technology vision and overseeing the engineering team. He joins Keith this week for the feature interview!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode03 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly

Visit our website: http://securityweekly.com

Follow us on Twitter: https://www.twitter.comsecurityweekly

Matias Madou is the CTO of Secure Code Warrior where he is responsible for leading the company’s technology vision and overseeing the engineering team. He joins Keith this week for the feature interview!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode03 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly

Visit our website: http://securityweekly.com

Follow us on Twitter: https://www.twitter.comsecurityweekly