CISA's Secure by Design Principles, Pledge, and Progress - Jack Cable - ASW #321 - podcast episode cover

CISA's Secure by Design Principles, Pledge, and Progress - Jack Cable - ASW #321

Application Security Weekly (Audio)
Mar 11, 20251 hr 14 min
--:--
--:--
Listen in podcast apps:
Metacast
Apple Podcasts
Spotify
Download
YouTube
Overcast
Pocket Casts
Episodes.fm
Download Metacast podcast app
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

Just three months into 2025 and we already have several hundred CVEs for XSS and SQL injection. Appsec has known about these vulns since the late 90s. Common defenses have been known since the early 2000s. Jack Cable talks about CISA's Secure by Design principles and how they're trying to refocus businesses on addressing vuln classes and prioritizing software quality -- with security one of those important dimensions of quality.

Segment Resources:

Skype hangs up for good, over a million cheap Android devices may be backdoored, parallels between jailbreak research and XSS, impersonating AirTags, network reconnaissance via a memory disclosure vuln in the GFW, and more!

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw-321

For the best experience, listen in Metacast app for iOS or Android
Open in Metacast
CISA's Secure by Design Principles, Pledge, and Progress - Jack Cable - ASW #321 | Application Security Weekly (Audio) podcast - Listen or read transcript on Metacast