Inside AppSec

Contrast Security

A Technology podcast

Episodes of Inside AppSec

CISA recently introduced binding order 22-01 to remediate known vulnerabilities. The order requires federal agencies to remediate vulnerabilities that are actively exploited, or potentially lose their authority to operate. We talk with former go
Forrester predicts that 25% of developers will be using serverless technologies by the end of next year. There are a lot of benefits from serverless applications: faster release cycles, lower infrastructure costs, and improved efficiencies. Yet
Software development is a core component of digital transformation, and the use of serverless technologies is helping to accelerate release cycles to new heights. A panel of serverless application security experts discuss key findings and insig
Contrast Labs was a fledgling organization just a few years ago when Contrast’s CISO David Lindner took on the mantle of leadership. Today, Contrast Labs is a pivotal linchpin—threat modeling to protect Contrast’s network, applications, users,
Cybersecurity adheres to the belief that the more results you can generate, the better your security model. This is certainly true in the application security space, where the more alerts that are generated, the better an organization's securit
The 2021 OWASP Top Ten was a huge research and analytical undertaking involving over 500,000 applications and 200 CWEs. The amount of data analyzed was upwards of 4x greater than what was used for the 2017 OWASP Top Ten release. OWASP Top Ten C
The 2021 OWASP Top Ten contains some significant changes, including several additions. Understanding what changed and why they changed is important for application security professionals. This Inside AppSec Podcast features Contrast Security's
The number of vulnerabilities per application in the May-June Bimonthly Application Security Intelligence Report from Contrast Labs remained flat, but the number of serious vulnerabilities jumped. This Inside AppSec Podcast conversation discuss
The more application security debt an organization carries, the greater the risk and operational inefficiencies. Contrast Security's CTO and Co-founder Jeff Williams and CISO David Lindner reflect on security debt findings in Contrast's 2021 Ap
The percentage of applications with serious vulnerabilities increased significantly over the past year. However, vulnerability prevalence varied across vulnerability type. Knowing which ones are the most prevalent and with the greatest likeliho
If anything, the recent software supply chain attacks demonstrate the interconnectivity of modern software and the exponential risk one successful exploit poses to thousands of organizations worldwide. Contrast Security's annual 2021 Applicatio
The March–April 2021 Bimonthly AppSec Intelligence Report from Contrast Labs pegs the overall RiskScore Index at 5.06, the lowest since July 2020. This should be good news, especially with the percentage of applications with a serious vulnerabi
Contrast Labs’ Director of Security Research Matt Austin discovered a Remote Code Execution (RCE) vulnerability in Microsoft Teams that could have exposed the Microsoft Teams software supply chain to a malicious exploit that could have impacted
Incumbent legacy static analysis approaches employ large rule sets to look for code quality issues that require lengthy scan processes and generate large piles of findings—many of which are false positives. Contrast Security's Chief Strategy Of
Contrast Security’s 2021 State of Application Security in Financial Services Report canvasses a number of topics related to application security in financial services such as how the rapid adoption of DevOps/Agile in financial services is outpa
The recent Contrast Security 2021 Open-source Security Report reveals real-world (and previously undiscovered) aspects about open-source library usage and the risks associated with it. Legacy approaches to open-source security generate alert no
Use of open-source frameworks and libraries offers organizations added scale—the ability to achieve the speed and efficiency demanded by the modern software development life cycle (SDLC). Yet, there are various differences in open-source librar
2021 is the year of the software supply chain when it comes to cyber risks. Thousands of organizations have been repeatedly hit from multiple points across the software factory attack surface. The January-February 2021 Contrast Labs Bimonthly A
Go is an open-source programming language that makes it easy to build simple, reliable, and efficient software across various operating systems. But until now, developers and application security specialists were stuck using legacy application
The metrics many organizations use today to measure the success of their application security programs fail to capture risks that matter to the business and incentivize the wrong outcomes. A comprehensive approach to DevSecOps that uses metrics
Traditional perimeter-defense solutions sit outside of applications in production and lack deep insights about applications to more precisely identify potential attacks. The resulting "guessing game" produces high numbers of alerts. Contrast Se
Much attention has been given to the software supply chain over the past several months due to the SolarWinds hack. Open-source libraries are a critical part of the software supply chain, and they can pose serious risk if they are not monitored
Kenna Security explores detailed data trends for vulnerabilities in the wild, including those found in applications, in its Prioritization to Prediction research series. The company's research includes attack data that is overlaid on top of the
The list of organizations with applications that contain the recently discovered dependency confusion vulnerability continues to grow. Contrast Labs added another one to the list when it identified the vulnerability in an open-source library us
Newly discovered dependency confusion vulnerability found in 35 enterprises—and counting—and threatens software supply chain. Bad actors could inject malicious code without any victim action by redirecting open-source updates to compromised ope