logo
episode-header-image
Oct 2023
1 h

SE Radio 584: Charles Weir on Ruthless S...

se-radio@computer.org
About this episode

Charles Weir—developer, security researcher, and Research Fellow at Security Lancaster—joins host Giovanni Asproni to discuss an approach that development teams can use to create secure systems without wasting effort on unnecessary security work. The episode starts with a broad description of the approach, which is based on Weir's research and on a free Developer Security Essentials workshop he created. Charles presents some examples from real-world projects, his view on AI's impact on security, and information about the workshop and where to find the materials. During the conversation, they consider several related topics including the concept of "good enough" security; security as a product decision; risk assessment, classification, and prioritization; and how to approach security in startups, greenfield, and legacy systems.

Up next
Today
SE Radio 676: Samuel Colvin on the Pydantic Ecosystem
Samuel Colvin, the CEO and founder of Pydantic, speaks with host Gregory M. Kapfhammer about the ecosystem of Pydantic’s Python frameworks, including Pydantic, Pydantic AI, and Pydantic Logfire. Along with discussing the design, implementation, and use of these frameworks, they d ... Show More
1h 2m
Jul 1
SE Radio 675: Brian Demers on Observability into the Toolchain
Brian Demers, Developer Advocate at Gradle, speaks with host Giovanni Asproni about the importance of having observability in the toolchain. Such information about build times, compiler warnings, test executions, and any other system used to build the production code can help to ... Show More
47m 41s
Jun 25
SE Radio 674: Vilhelm von Ehrenheim on Autonomous Testing
Vilhelm von Ehrenheim, co-founder and chief AI officer of QA.tech, speaks with SE Radio's Brijesh Ammanath about autonomous testing. The discussion starts by covering the fundamentals, and how testing has evolved from manual to automated to now autonomous. Vilhelm then deep dives ... Show More
49m 49s
Recommended Episodes
Feb 2023
Knocking down the legs of the industrial security triad. [Research Saturday]
Pascal Ackerman, OT Security Strategist from Guidepoint Security, joins Dave to discuss his work on discovering a vulnerability in the integrity of common HMI client-server protocol. This research is a Proof of Concept (PoC) attack on the integrity of data flowing across the indu ... Show More
19m 45s
Oct 2023
AI Threats & Opportunities in Cyber Security With Material Security Co-Founder Ryan Noon
Cyber Security is going to change significantly in the era of AI, according to Ryan Noon, cofounder of Material Security, a security company that makes cloud-based Google and Microsoft email a safe place for sensitive data. Elad Gil and Ryan talk about how Material Security start ... Show More
36m 22s
Jul 2021
Analyzing the Impact of A.I. and Technology on Society and Cybersecurity
Technology is advancing at pace never seen before and the newest tech, applications and widgets are being widely adopted at an even quicker rate. Just look at A.I. and machine learning tools,which are now used to identify things once thought unimaginable — whether it's to figure ... Show More
49m 58s
Mar 2024
2820: The Cyber Insurance Equation: Risk, Responsibility, and Readiness
In today's digital landscape, the role of cybersecurity within organizations is more critical than ever. As businesses navigate the complexities of protecting their data and infrastructure, the Chief Information Security Officer (CISO) stands at the forefront of this evolving bat ... Show More
36m 29s
Aug 2023
2465: Imperva: Navigating the Data Breach Landscape
In today's digitized world, the security of our data is paramount. Understanding the complexity of data breaches and developing robust security strategies can often be a challenging task for businesses. To shed light on this critical issue, I'm thrilled to have Terry Ray from Imp ... Show More
40m 46s
Feb 2023
Fighting software vulnerabilities with software bill of materials
Earn additional income by sharing your opinion on userinterviews.com!Episode Resources: Executive Order on Improving the Nation’s Cybersecurity Alpha-Omega Projects Cybersecurity & Infrastructure Security Agency (Cisa) Tools to create SBOM  About Barak Brudo Barak Brudo helps org ... Show More
38m 35s
Feb 2023
Implementing and achieving security resilience. [Research Saturday]
Wendy Nather from Cisco sits down with Dave to discuss their work on "Cracking the Code to Security Resilience: Lessons from the Latest Cisco Security Outcomes Report." The report describes what security resilience is, while also going over how companies can achieve this resilien ... Show More
20m 14s
May 2024
AI Is a Cybersecurity Tool and Threat
When it comes to cybersecurity, artificial intelligence is proving to be both a formidable defensive tool and a potential threat. Today, Patrick Hevesi, VP Analyst with Gartner for Technical Professionals, discusses the concept and implications of “dark AI.” He also highlights pr ... Show More
26m 19s
Nov 2023
Cybersecurity
Dr. Eric Cole's latest episode of "Life of a CISO" delves into the importance of reflection and gratitude in a cybersecurity professional's journey. He highlights the tendency to focus on the next challenge without acknowledging past achievements. Dr. Cole emphasizes the value of ... Show More
24m 34s
Listen to millions of songs and podcasts on Anghami