logo
episode-header-image
Oct 2023
1 h

SE Radio 584: Charles Weir on Ruthless S...

se-radio@computer.org
About this episode

Charles Weir—developer, security researcher, and Research Fellow at Security Lancaster—joins host Giovanni Asproni to discuss an approach that development teams can use to create secure systems without wasting effort on unnecessary security work. The episode starts with a broad description of the approach, which is based on Weir's research and on a free Developer Security Essentials workshop he created. Charles presents some examples from real-world projects, his view on AI's impact on security, and information about the workshop and where to find the materials. During the conversation, they consider several related topics including the concept of "good enough" security; security as a product decision; risk assessment, classification, and prioritization; and how to approach security in startups, greenfield, and legacy systems.

Up next
Nov 19
SE Radio 695: Dave Thomas on Building eBooks Infrastructure
<p><strong data-renderer-mark="true">Dave Thomas</strong>, author of <em>The Pragmatic Programmer</em>, <em>The Manifesto for Agile Software Development</em>, <em>Programming Ruby</em>, <em>Agile Web Development with Rails</em>, <em>Programming Elixir</em>, <em>Simplicity</em>, a ... Show More
1h 2m
Nov 12
SE Radio 694: Jennings Anderson and Amy Rose on Overture Maps
Jennings Anderson, a Software Engineer with Meta Platforms, and Amy Rose, the Chief Technology Officer at Overture Maps Foundation, speak with host Gregory M. Kapfhammer about the Overture Maps project, which creates reliable, easy-to-use, and interoperable open map data. After e ... Show More
1h 3m
Nov 6
SE Radio 693: Mark Williamson on AI-Assisted Debugging
Mark Williamson, CTO of Undo, joins host Priyanka Raghavan to discuss AI-assisted debugging. The conversation is structured around three main objectives: understanding how AI can serve as a debugging assistant; examining AI-powered debugging tools; exploring whether AI debuggers ... Show More
54m 12s
Recommended Episodes
Feb 2023
Knocking down the legs of the industrial security triad. [Research Saturday]
Pascal Ackerman, OT Security Strategist from Guidepoint Security, joins Dave to discuss his work on discovering a vulnerability in the integrity of common HMI client-server protocol. This research is a Proof of Concept (PoC) attack on the integrity of data flowing across the indu ... Show More
19m 45s
Oct 2023
AI Threats & Opportunities in Cyber Security With Material Security Co-Founder Ryan Noon
Cyber Security is going to change significantly in the era of AI, according to Ryan Noon, cofounder of Material Security, a security company that makes cloud-based Google and Microsoft email a safe place for sensitive data. Elad Gil and Ryan talk about how Material Security start ... Show More
36m 22s
Jul 2021
Analyzing the Impact of A.I. and Technology on Society and Cybersecurity
<p>Technology is advancing at pace never seen before and the newest tech, applications and widgets are being widely adopted at an even quicker rate. </p><p>Just look at A.I. and machine learning tools,which are now used to identify things once thought unimaginable — whether it's ... Show More
49m 58s
Mar 2024
2820: The Cyber Insurance Equation: Risk, Responsibility, and Readiness
In today's digital landscape, the role of cybersecurity within organizations is more critical than ever. As businesses navigate the complexities of protecting their data and infrastructure, the Chief Information Security Officer (CISO) stands at the forefront of this evolving bat ... Show More
36m 29s
May 2023
S4 E5: Talking Offensive Security with Lurene Grenier
When it comes to battling cybersecurity attackers, Lurene Grenier is all about offense. As Director of Security Architecture at Cisco Talos, she has spent her career analyzing state-sponsored actor trends, writing detection to block those threat actors, and in general, educating ... Show More
24m 33s
Aug 2023
2465: Imperva: Navigating the Data Breach Landscape
<p><span data-preserver-spaces="true">In today's digitized world, the security of our data is paramount. Understanding the complexity of data breaches and developing robust security strategies can often be a challenging task for businesses. To shed light on this critical issue, I ... Show More
40m 46s
Feb 2023
Fighting software vulnerabilities with software bill of materials
Earn additional income by sharing your opinion on userinterviews.com!Episode Resources:Executive Order on Improving the Nation’s CybersecurityAlpha-Omega ProjectsCybersecurity & Infrastructure Security Agency (Cisa)Tools to create SBOM About Barak BrudoBarak Brudo helps organizat ... Show More
38m 35s
Feb 2023
Implementing and achieving security resilience. [Research Saturday]
Wendy Nather from Cisco sits down with Dave to discuss their work on "Cracking the Code to Security Resilience: Lessons from the Latest Cisco Security Outcomes Report." The report describes what security resilience is, while also going over how companies can achieve this resilien ... Show More
20m 14s
May 2024
AI Is a Cybersecurity Tool and Threat
<p dir="ltr">When it comes to cybersecurity, artificial intelligence is proving to be both a formidable defensive tool and a potential threat. </p> <p><strong> </strong></p> <p dir="ltr">Today, Patrick Hevesi, VP Analyst with Gartner for Technical Professionals, discusses the con ... Show More
26m 19s
Listen to millions of songs and podcasts on Anghami