Ever wonder what it takes to become an ethical hacker? In this episode, Dale Meredith, author of the Pluralsight course Ethical Hacking: Understanding Ethical Hacking, shares some key takeaways from his course. Discover why ethical hacking is becoming a popular skill for security, what you need to know to pass the Certified Ethical Hacker (CEH) certification, and much, much more.
May 14, 2020•22 min•Transcript available on Metacast

How do you define DevSecOps? Despite what some will lead you to believe, DevOps is not just a set of tools. In this episode, Hasan Yasar, Technical Director of the Continuous Deployment of Capability group at the Software Engineering Institute, CMU, shares his thoughts on DevSecOps. Listen in to discover the common misconceptions and roadblocks, and how you can use DevSecOps to help your organization reach new heights of efficiency and productivity without getting frustrated....
May 07, 2020•31 min•Transcript available on Metacast

Hackers are getting access to your sensitive data by exploiting web application vulnerabilities. Are you ready? In this episode, Prasad Salvi, author of the Pluralsight course Penetration Testing of Identity, Authentication and Authorization Mechanism, shares what you need to gain the ability to perform web application pen-testing. Listen in to discover what is identity management, penetration testing of identity, authentication, and authorization mechanism....
Apr 30, 2020•21 min•Transcript available on Metacast

Want to learn how to get started with Info Security, Application Security, and more? In this episode, Tanya Janca, Founder of SheHacksPurple, will share her thoughts on multiple security topics you need to know about. Discover some tips and resources to help jump-start your AppSec efforts. You’ll also hear about some cool initiatives like WoSec and CyberMentoringMonday. Listen up!
Apr 23, 2020•42 min•Transcript available on Metacast

Compliance, best practices, and regulation drive security programs. These programs pass audit and compliance checks, have robust patch management, and even conduct vulnerability and penetration testing assessments. How do you know if these programs can protect against real threats? In this episode, Joe Vest, co-author of the book Red Team Development and Operations, shares his thoughts and real-world guidance. Discover how professional red teaming can bridge the gap between security program desig...
Apr 09, 2020•30 min•Transcript available on Metacast

How necessary are certifications to your security testing career? In this episode, Nancy Gariché, Co-Founder at Secure That Cert, shares her thoughts around certification, DevOps, DevSlop, and more. Discover a learning hack that will help you get a new job or stay up to speed in your current position. Listen up.
Apr 02, 2020•28 min•Transcript available on Metacast

Do you need to make sure your Android applications are secure? In this episode, we'll be talking with Marko Belzetski all about Android Application Security Testing. Discover what it means to be a penetration tester of Web and Android applications, the differences between Android and iOS, and why the OWASP ASVS and MASVS are some of the most useful resources for both penetration testers and developers alike.
Mar 26, 2020•26 min•Transcript available on Metacast

Are you struggling to get your developers on board with your security testing efforts? In this episode, we talk with Adhiran Thirmal all about how to win over that elusive developer. Discover the key to implementing a successful application security testing program to buy-in from your developers, DevOps, and architects.
Mar 19, 2020•32 min•Transcript available on Metacast

In this episode, we'll be talking with James Rabon, a Senior Product Manager at Micro Focus, all about tips to incorporate static analysis tools in your CI/CD pipelines. Discover best practices for successful SAST integration and how machine learning can help us predict the future based on our past.
Mar 12, 2020•20 min•Transcript available on Metacast

Is your website vulnerable to cross-site scripting vulnerabilities? In this episode, Gavin Johnson-Lynn talks all about his new Pluralsight course on getting started with BeEF. BeEF is a tool that allows cross-site scripting vulnerabilities to be investigated and exploited with minimal technical understanding. Discover how to use BeEF to exploit XSS and highlight just how critical this vulnerability can be to a website. Listen up!
Mar 05, 2020•29 min•Transcript available on Metacast

Are you looking for an approach to continuous security? In this episode, we’ll talk with Julien Vehent about his book Securing DevOps: Security in the Cloud. Discover why security is an integral component of your product development efforts, and how to use some best practices to help your teams implement security in your SDLC. Listen up!
Feb 28, 2020•30 min•Transcript available on Metacast

I recently wrote a blog post on the 9 Top Automation Testing Trends for 2020. One quickly-growing trend I listed was security. Since then, I’ve been frequently asked for some useful resources to help folks get started learning about security. That’s why I was excited to learn about HackEdu, an online training platform designed to help software developers to develop code more securely. Unlike other training you may have taken, HackEdu has a unique, hands-on training approach that will keep you en...
Feb 20, 2020•31 min•Transcript available on Metacast

There are so many awesome tools for hackers out there. They work great if you're a pentester, but trying to use these tools in a way that makes sense for development and testing teams can be challenging. In this episode, Jahmel Harris, co-founder of Digital Interruption, shares his favorite security testing tools and the skills needed for developers and testers.
Feb 13, 2020•31 min•Transcript available on Metacast

In this episode, Keith Watson, author of the Introduction to Penetration Testing Using Metasploit Pluralsight course, will give us a high-level overview of how to get started with Metasploit, as well as some best practices for penetration testing.
Feb 06, 2020•32 min•Transcript available on Metacast

Want to discover how to get security more integrated into your DevOps pipelines? In this episode, Tanya Janca, an Application Security and Cloud Security Consultant, shares her thoughts around security testing and how to shift your efforts left like a boss.
Jan 30, 2020•36 min•Transcript available on Metacast

Not sure what security standards are out there or which ones you need to follow? In this episode, Arthur Hicken, Chief Evangelist at Parasoft, shares some of the most common standards in use today. Listen up and discover what standards you need to know for your security testing efforts and how to get started.
Jan 23, 2020•26 min•Transcript available on Metacast

Very often, people are afraid of web application firewalls (WAF) because they can potentially block an application's legitimate traffic. No worries! In this episode, Franziska Buehler will share how you can avoid this problem and more. Discover how WAFs are a useful, additional layer of defense when it comes to fending off attacks such as those described by the "OWASP Top Ten." Don’t miss it!
Jan 09, 2020•22 min•Transcript available on Metacast

Happy New Year! In this episode we’ll be going back in time to one of my most popular automation podcast episodes: How to Security Test Your APIs with Troy Hunt. Discover what you need to know about the basics of API security testing, including the tools and techniques you’ll need to get started quickly in 2020.
Jan 02, 2020•30 min•Transcript available on Metacast

As we enter the New Year, I thought it would be a great idea to go over the state of application security (AppSec), especially how developers are getting more and more involved with their team's security testing efforts. So in this episode, with Jeffrey Martin, a Director of Product at WhiteSource, we'll go over some of the reasons why application security will become a top priority for most companies in 2020. He'll also reveal critical insight found in his company's recent report on Why Developers ...
Dec 26, 2019•29 min•Transcript available on Metacast

So much that can be traced back to security breaches and issues is the result of poorly designed and developed software. In this episode, Kevin E. Greene shares how to shift-left your security testing efforts in your software development lifecycle and evolve your mindset beyond security as an afterthought. So listen up and discover how to avoid becoming the Achilles heel of software security.
Dec 19, 2019•41 min•Transcript available on Metacast

Why another podcast on security and security testing? Listen in to discover what the TestGuild Security Podcast is all about. Our goal is to help you succeed with all your security testing efforts.
Dec 06, 2019•18 min•Transcript available on Metacast