Manage episode 294107582 series 2892732
1. The AppSec Manifesto
The AppSec Manifesto has some good advice contained within, but we think a Manifesto should be the work of multiple people to ensure that the opinions are vetted.
2. Security Chaos Engineering
Security chaos engineering is providing a methodology to prepare your system for the unexpected happenings that could adversely impact security and privacy.
3. Linux bans University of Minnesota for committing malicious code
Open-source is built upon a trust model of the people that contribute towards it. The community only trusts after verifying. The UMN team violated that trust, and the outcome is fair.
4. Looking for Greater Security Culture? Ask an 8-Bit Plumber
There are lessons about security culture to be found in many places – perhaps even in an 8-bit Mario World.
5. “BadAlloc” – Memory allocation vulnerabilities could affect wide range of IoT and OT devices in industrial, medical, and enterprise networks
Application security professionals must understand new threats and new manifestations of threats – this is a new approach to an old problem.