The Application Security Podcast

Jeff Williams -- Application Detection & Response (ADR)

Sep 24, 2024

In this conversation with Jeff Williams, a co-founder of OWASP and a trailblazer in application security, listeners dive into the transformative power of Application Detection and Response (ADR). Jeff emphasizes ADR's role in real-time monitoring and response to vulnerabilities, contrasting it with traditional security techniques. He shares insights on the evolution of security testing and the importance of community building. The discussion also explores the intersection of AI and AppSec, addressing both its potential benefits and challenges in enhancing security.

51:28

Episode guests

Jeff Williams

AI Summary

Highlights

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Application Detection and Response (ADR) revolutionizes application security by shifting from perimeter defenses to real-time monitoring within applications.

A focus on security assurance, rather than just risk management, is essential for developing secure applications and effective controls.

Deep dives

The Evolution of Application Detection and Response (ADR)

Application Detection and Response (ADR) represents a significant evolution in application security, focusing on the protection of applications in production environments. Unlike traditional methods that rely heavily on perimeter defenses, ADR operates from within the application itself, allowing for real-time monitoring and intervention. This inside-out approach enhances the accuracy of attack detection by assessing data flow and behaviors directly from the application, which contrasts with older tools like Web Application Firewalls (WAFs) that often produce high false-positive rates. By allowing security teams to intervene only when real attacks are detected, ADR minimizes disruption and focuses resources on genuine threats.

Shift Left: A Concept Misunderstood

01:20

Intro

3min

Masters Basketball: A Journey Beyond Competition

5min

Revolutionizing Security Observability

13min

Enhancing Application Security with ADR

21min

Navigating the Shifts in Security Testing

5min

Elevating Application Security Engagement

5min

Jeff Williams, a renowned pioneer in the field of application security is with us to discuss Application Detection and Response (ADR), detailing its potential to revolutionize security in production environments. Jeff shares stories from his career, including the founding of OWASP, and his take on security assurance. We cover many topics including; security assurance, life, basketball and plenty of AppSec as well.

Where to find Jeff:
LinkedIn: https://www.linkedin.com/in/planetlevel/

Previous Episodes:
Jeff Williams – The Tech of Runtime Security

Jeff Williams – The History of OWASP

FOLLOW OUR SOCIAL MEDIA:

➜Twitter: @AppSecPodcast
➜LinkedIn: The Application Security Podcast
➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast

Thanks for Listening!

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~