Application Security Weekly (Audio)

Avoiding Appsec's Worst Practices - ASW #324

Apr 1, 2025

01:11:19

forum

Ask episode

view_agenda

Chapters

auto_awesome

Transcript

info_circle

Episode notes

We take advantage of April Fools to look at some of appsec's myths, mistakes, and behaviors that lead to bad practices. It's easy to get trapped in a status quo of chasing CVEs or discussing which direction to shift security. But scrutinizing decimal points in CVSS scores or rearranging tools misses the opportunity for more strategic thinking. We satirize some worst practices in order to have a more serious discussion about a future where more software is based on secure designs.

Segment resources:

https://bsidessf2025.sched.com/event/1x8ST/secure-designs-ux-dragons-vuln-dungeons-application-security-weekly
https://bsidessf2025.sched.com/event/1x8TU/preparing-for-dragons-dont-sharpen-swords-set-traps-gather-supplies
https://www.rfc-editor.org/rfc/rfc3514.html
https://www.rfc-editor.org/rfc/rfc1149.html

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw-324

Home Top podcasts Popular guests