Guest: Bar Hofesh
Guest Title: Co-Founder
Application security is among the hardest things to get right. In this episode we are talking with Bar Hofesh from Neurolegion about the world of automated security testing - what are the challenges, what are the different stages of integration and delivery and how to perform each stage correctly.
0:50 - introducing our guest
2:58 - the need to automate security testing - the challenge of developing faster
7:15 - so what is testing automation - describing the process - the code integration stage
13:50 - security testing the packing and delivery stage
18:50 - testing live application stage
20:20 - appsec finding strategy - what to do when an alert is found
22:20 - Static analysis vs. dynamic analysis
24:58 - emerging technologies - RASP, IAST
30:50 - Is there still room for manual penetration testing?
34:05 - summary and last words
Guest: Eran Leib (VP Product), Maor Goldberg (CEO)
Guest Title: Founders at Apolicy (a Sysdig company)
Abstract: Infrastructure and policy as code is one of the hottest topics in security today. In this episode we spoke with Eran & Maor, founders at Apolicy (acquired by Sysdig shortly after the recording), about cloud native security and how organizations should use automated policy templates for security CI/CD pipelines. ...
Attendees
Guest: Ofer Maor
Guest title: Co-Founder & CTO
Company: Mitiga
Abstract: The recent increase in cloud-based attacks gives us an opportunity to examine new attack vectors and how attackers exploit new services. In this episode we talked with Ofer Maor, Co-Founder at Mitiga, about new attack vectors in cloud computing and how attackers exploit new services such as marketplaces, community repos and other examples.
Timing:
0:00 Introducing our guest and Mitiga
3:32 Preparing for cloud incident response
7:15 Cloud attack vector - malicious AMI
11:00 More attack vectors on marketplaces
13:18 GitHub attack vectors
18:15 Attack vector - business email compromise on 365
25:44 How to mitigate cloud incidents
27:58 Summary and last words ...
Attendees
Guest: Menny Barzilay
Guest title: Partner @ Herzog Strategic, CTO, ICRC, Tel Aviv University
Abstract: For our 20’ish episode we spoke with a very special guest, the one and only Menny Barzilay. Menny is one of the most interesting speakers in the cyber landscape; he is an expert in simplifying complex concepts and integrating interesting stories and great examples into a stimulating review of the technology challenges we are facing as a community. In this episode we talk with Menny about privacy: why it is so hard to define what exactly privacy is in the modern age, what people miss about the concepts of privacy and how this affects our everyday lives. This talk will make you laugh, will make you sad and will definitely make you think. We hope you will enjoy listening to it as much as we enjoyed recording it.
Comment: since this is more of a lecture and not a regular podcast, we didn't add our regular podcast timing. Enjoy!
Timing:
0:00 introducing our guest
5:25 Privacy ...