Welcome to the 15th episode of our Security Culture Campaign! On today’s show Matt Konda discusses Zoom Security.We wrote a longread blog post about Zoom security earlier this week; but given the attention around Zoom and all the questions we

#SecurityCulture: OWASP Juice Shop

Apr 9th, 2020 1m 18s

Welcome to the 14th episode of our Security Culture Campaign! On today’s show Matt Konda discusses OWASP Juice Shop.The OWASP Juice Shop is an amazing resource for both developers and folks working in application security(or those interested

#SecurityCulture: Least Privilege

Apr 3rd, 2020 2m 5s

Welcome to the 13th episode of our Security Culture Campaign! On today’s show Matt Konda discusses least privilege.Least Privilege is at first glance obvious and self defining. It means only giving users the access they actually need to perfo

#SecurityCulture: Adversaries

Mar 26th, 2020 2m 19s

Welcome to the 12th episode of our Security Culture Campaign! On today’s show Matt Konda discusses adversaries and some of the things they might be thinking about as they come at you in the real world.For example, adversaries are engaging in

#SecurityCulture: Security and Working Remotely

Mar 19th, 2020 2m 34s

Welcome to the 11th episode of our Security Culture Campaign! On today’s show Matt Konda discusses remote work and security.We put together a checklist for securing your remote work environment that you can download and use across your teams.

#SecurityCulture: Vulnerable Dependencies

Mar 12th, 2020 1m 48s

Welcome to the 10th episode of our Security Culture Campaign! On today’s show Matt Konda talks vulnerable dependencies.When we build software, we use lots of libraries that we didn’t write. They could be open source, they could be commercial,

#SecurityCulture: Passwords and Password Managers

Mar 5th, 2020 1m 35s

Welcome to the 9th episode of our Security Culture Campaign! On today’s show Matt Konda talks passwords and password managers.The first thing to know is that weak passwords are often the easiest way to get access to information.People:Choo

#SecurityCulture: Authorization Testing

Feb 27th, 2020 1m 37s

Welcome to the 8th episode of our Security Culture Campaign! On today’s show Matt Konda talks testing for Authorization.Authorization is the idea that a user can only do what they should be able to based on their role. It is synonymous with a

#SecurityCulture: Secrets

Feb 20th, 2020 1m 20s

Welcome to the 7th episode of our Security Culture Campaign! On today’s show Matt Konda talks Secrets.A secret is anything that is used in a running system as a way to prove that you are who you say you are.A secret could be:Database Pass

#SecurityCulture: Static Analysis

Feb 13th, 2020 1m 52s

Welcome to the 6th episode of our Security Culture Campaign! On today’s show Matt Konda talks Static Analysis.There are a lot of static analysis tools out there. The simplest might be eslint , for which there are even security rulesets - the

#SecurityCulture: Patching

Feb 6th, 2020 1m 23s

Welcome to the 5th episode of our Security Culture Campaign! On today’s show Matt Konda talks Patching. Patching is the process of updating software.The takeaway is: we need to patch our systems even though we think it is a pain. This is a

#SecurityCulture: Gift Card Scams

Jan 30th, 2020 1m 40s

Welcome to the 4th episode of our Security Culture Campaign! On today’s show Matt Konda talks Gift Card Scams. This topic is less technical and more social engineering focused, but it is relevant to developers and general audiences alike.Clic

#SecurityCulture: Injection

Jan 23rd, 2020 1m 32s

Welcome to the third episode of our Security Culture Campaign! On today’s show Matt Konda talks Injection, which is a serious class of vulnerability that can happen in any language.Click here for the associated YouTube video.Injection happe

#SecurityCulture: OWASP

Jan 16th, 2020 1m 44s

Welcome to the second episode of our Security Culture Campaign! On today’s show Matt Konda introduces OWASP.Click here for the associated YouTube video.OWASP resources include:The Top 10ASVSTesting GuidesProactive ControlsGlue

#SecurityCulture: Intro

Jan 13th, 2020 50s

Welcome to the first episode of our Security Culture Campaign! On today’s show Matt Konda introduces the campaign and why we’re doing it.Click here for the associated YouTube video.The Jemurai Security Culture Campaign Series will be a stre

Cybersecurity for SMBs and Startups

Jul 30th, 2019 56m 29s

Welcome to the third episode of Not Insecure! On today’s show Matt Konda, Joe Kerby and Keely Caldwell discuss cybersecurity for small to medium sized companies and startups.Topics:Most small companies are not doing anything for security. W

Pushing Left

Jul 19th, 2019 43m 41s

Welcome to the second episode of Not Insecure! On today’s show Matt Konda, Joe Kerby and Keely Caldwell discuss “pushing left”.Quick kudos to:Josh Corman / James Wickett for Rugged and Rugged DevOpsMark Miller / Shannon Leitz / Matt Tesa

The Ins and Outs of Building a Security Product

Jun 11th, 2019 33m 45s

Welcome to the first episode of Not Insecure! On today’s show Matt Konda, Joe Kerby and Keely Caldwell discuss being a developer and product manager in the cybersecurity field, what we’ve learned building security tools, what small businesses s

Rate