2022 Year in Review
The OWASP Podcast Series
00:00
OWASP S-Bombs Fast Times Talk With Tanya
OWASP has been doing S-Bombs for quite some time. The Void was a way to capture incident information around outages of generally large providers. Adam Showstack's new book combining threat modeling and Star Wars is coming in 2023.
Play episode from 02:23
Transcript
Transcript
Episode notes
In this episode, I go solo and review the last year of podcasts but with a twist. I do my best to compare the topics covered to the OWASP Flagship projects. The goal is to see if the episodes I recorded this year match up with the projects strategically important to OWASP. Plus, the holiday listeners get gifts all around as I cover (and link) the OWASP Flagship projects.
Show Links:
- (January) New Ideas, New Voices, New Hosts: https://soundcloud.com/owasp-podcast/new-ideas-new-voices-new-hosts
- (February) Tanya Janca - She Hack Purple: https://soundcloud.com/owasp-podcast/tanya-janca
- SAMM (Software Assurance Maturity Model): https://owaspsamm.org/
- (March) Fast Times at SBOM High: https://soundcloud.com/owasp-podcast/fast-times-at-sbom-high-with-wendy-nather-and-matt-tesauro
- CycloneDX: https://cyclonedx.org/
- Dependency-Track: https://dependencytrack.org/
- Dependency-Check: https://jeremylong.github.io/DependencyCheck/
- (April) The VOID: Verica Open Incident Database: https://soundcloud.com/owasp-podcast/the-void-verica-open-incident-database
- Web Security Testing Guide: https://owasp.org/www-project-web-security-testing-guide/
- Mobile Application Security Guide: https://mas.owasp.org/
- (May) Threat Modeling using the Force: https://soundcloud.com/owasp-podcast/threat-modeling-using-the-force-with-adam-shostack-owasp-podcast-e001
- ASVS (Application Security Verification Standard): https://owasp.org/www-project-application-security-verification-standard/
- AMASS: https://owasp.org/www-project-amass/
- (June) Giving a jot about JWTs: JWT Patterns and Anti-Patterns: https://soundcloud.com/owasp-podcast/owasp-podcast-giving-a-jot-about-jwts-jwt-patterns-and-anti-patterns
- Cheat Sheet Series: https://cheatsheetseries.owasp.org/
- API Top 10: https://owasp.org/www-project-api-security/
- (July) Getting Lean and Mean with DefectDojo: https://soundcloud.com/owasp-podcast/getting-lean-and-mean-in-the-defectdojo
- DefectDojo: https://www.defectdojo.org/
- (August) Going Way Beyond 2FA: https://soundcloud.com/owasp-podcast/going-way-beyond-2fa
- ModSecurity Core Rule Set: https://coreruleset.org/
- (September) Breaching the wirefall with community: https://soundcloud.com/owasp-podcast/breaching-the-wirefall-with-community
- Security Shepherd: https://owasp.org/www-project-security-shepherd/
- Juice Shop: https://owasp.org/www-project-juice-shop/
- Security Knowledge: https://owasp.org/www-project-security-knowledge-framework/
- (October) Little Zap of Horrors: https://soundcloud.com/owasp-podcast/little-zap-of-horrors
- Zed Attack Proxy (ZAP): https://www.zaproxy.org/
- OWTF (Offensive Web Testing Framework): https://owtf.github.io/
- (November) You've got some Kubernetes in my AppSec: https://soundcloud.com/owasp-podcast/youve-got-some-kubernetes-in-my-appsec
- OWASP Top 10: https://owasp.org/www-project-top-ten/
- CSRFGuard: https://owasp.org/www-project-csrfguard/
The AI-powered Podcast Player
Save insights by tapping your headphones, chat with episodes, discover the best highlights - and more!
