logo
episode-header-image
Oct 2023
1 h

SE Radio 584: Charles Weir on Ruthless S...

se-radio@computer.org
About this episode

Charles Weir—developer, security researcher, and Research Fellow at Security Lancaster—joins host Giovanni Asproni to discuss an approach that development teams can use to create secure systems without wasting effort on unnecessary security work. The episode starts with a broad description of the approach, which is based on Weir's research and on a free Developer Security Essentials workshop he created. Charles presents some examples from real-world projects, his view on AI's impact on security, and information about the workshop and where to find the materials. During the conversation, they consider several related topics including the concept of "good enough" security; security as a product decision; risk assessment, classification, and prioritization; and how to approach security in startups, greenfield, and legacy systems.

Up next
Aug 20
SE Radio 682: Duncan McGregor and Nat Pryce on Refactoring from Java to Kotlin
Duncan McGregor and Nat Pryce, co-authors of Java to Kotlin: Refactoring Guidebook, speak with host Giovanni Asproni about their hands-on experiences migrating Java codebases. The episode starts by highlighting Kotlin’s seamless interoperability with Java, allowing teams to incre ... Show More
57m 23s
Aug 12
SE Radio 681: Qian Li on DBOS Durable Execution/Serverless Computing Platform
Qian Li of DBOS, a durable execution platform born from research by the creators of Postgres and Spark, speaks with host Kanchan Shringi about building durable, observable, and scalable software systems, and why that matters for modern applications. They discuss database-backed p ... Show More
52m 17s
Aug 6
SE Radio 680: Luke Hinds on Privacy and Security of AI Coding Assistants
Luke Hinds, CTO of Stacklok and creator of Sigstore, speaks with SE Radio's Brijesh Ammanath about the privacy and security concerns of using AI coding agents. They discuss how the increased use of AI coding assistants has improved programmer productivity but has also introduced ... Show More
45m 37s
Recommended Episodes
Feb 2023
Knocking down the legs of the industrial security triad. [Research Saturday]
Pascal Ackerman, OT Security Strategist from Guidepoint Security, joins Dave to discuss his work on discovering a vulnerability in the integrity of common HMI client-server protocol. This research is a Proof of Concept (PoC) attack on the integrity of data flowing across the indu ... Show More
19m 45s
Oct 2023
AI Threats & Opportunities in Cyber Security With Material Security Co-Founder Ryan Noon
Cyber Security is going to change significantly in the era of AI, according to Ryan Noon, cofounder of Material Security, a security company that makes cloud-based Google and Microsoft email a safe place for sensitive data. Elad Gil and Ryan talk about how Material Security start ... Show More
36m 22s
Jul 2021
Analyzing the Impact of A.I. and Technology on Society and Cybersecurity
Technology is advancing at pace never seen before and the newest tech, applications and widgets are being widely adopted at an even quicker rate. Just look at A.I. and machine learning tools,which are now used to identify things once thought unimaginable — whether it's to figure ... Show More
49m 58s
Mar 2024
2820: The Cyber Insurance Equation: Risk, Responsibility, and Readiness
In today's digital landscape, the role of cybersecurity within organizations is more critical than ever. As businesses navigate the complexities of protecting their data and infrastructure, the Chief Information Security Officer (CISO) stands at the forefront of this evolving bat ... Show More
36m 29s
Aug 2023
2465: Imperva: Navigating the Data Breach Landscape
In today's digitized world, the security of our data is paramount. Understanding the complexity of data breaches and developing robust security strategies can often be a challenging task for businesses. To shed light on this critical issue, I'm thrilled to have Terry Ray from Imp ... Show More
40m 46s
Feb 2023
Fighting software vulnerabilities with software bill of materials
Earn additional income by sharing your opinion on userinterviews.com!Episode Resources:Executive Order on Improving the Nation’s CybersecurityAlpha-Omega ProjectsCybersecurity & Infrastructure Security Agency (Cisa)Tools to create SBOM About Barak BrudoBarak Brudo helps organizat ... Show More
38m 35s
Feb 2023
Implementing and achieving security resilience. [Research Saturday]
Wendy Nather from Cisco sits down with Dave to discuss their work on "Cracking the Code to Security Resilience: Lessons from the Latest Cisco Security Outcomes Report." The report describes what security resilience is, while also going over how companies can achieve this resilien ... Show More
20m 14s
May 2024
AI Is a Cybersecurity Tool and Threat
When it comes to cybersecurity, artificial intelligence is proving to be both a formidable defensive tool and a potential threat. Today, Patrick Hevesi, VP Analyst with Gartner for Technical Professionals, discusses the concept and implications of “dark AI.” He also highlights pr ... Show More
26m 19s
Nov 2023
Cybersecurity
Dr. Eric Cole's latest episode of "Life of a CISO" delves into the importance of reflection and gratitude in a cybersecurity professional's journey. He highlights the tendency to focus on the next challenge without acknowledging past achievements. Dr. Cole emphasizes the value of ... Show More
24m 34s