In this presentation, James Jardine focuses on educating application teams on what a penetration test is and how to extract the most value from it. Application teams learn how to participate in the engagement and better understand the report. You can watch the recorded session at any time at: https://youtu.be/I1PukF8Glh0 https://youtu.be/I1PukF8Glh0 … [Read more...] about Introduction to Penetration Testing for Application Teams
AppSec
Application Registry: Knowing Your Assets
If an auditor asked you what applications exist on your network, how accurate do you think your answer would be? Do you have a repository or registry of the applications your company maintains? A good application security program starts with knowing what you have. Without this knowledge it is very difficult to understand the risk the applications bring to the company. Depending on the maturity of your application security program, the way that applications are registered can be very … [Read more...] about Application Registry: Knowing Your Assets
Ep. 1: Introduction to the Podcast
Hey everyone, I have spent a lot of time working in application security and prior to that, development. Over the years, I have had a chance to reflect a bit on some of the security issues I saw as a developer and as a security practitioner. In an effort to help share some of this knowledge and experience, I am starting a podcast series focused on secure development. The goal is for shorter, 10-20 minute, episodes. I hope you take a moment to take a listen. Transcript: Hi, and welcome to … [Read more...] about Ep. 1: Introduction to the Podcast