Researching and Remediating RCEs via GitHub Actions - Bar Kaduri, Roi Nisimi - ASW #355 Image

Researching and Remediating RCEs via GitHub Actions - Bar Kaduri, Roi Nisimi - ASW #355

Podcast Series Security Weekly Podcast Network (Audio)

Pull requests are a core part of collaboration, whether in open or closed source. GitHub has documented some of the security consequences of misconfiguring how PRs can trigger actions. But what happens when repo owners don't read the docs? Bar Kaduri and Roi Nisimi walk through their experience in reading docs, finding vulns, demonstrating exploits, and working with repo owners to improve their security. Their work highlights the challenges in maintaining good security guidance, figuring out secure defaults, and how so many orgs still struggle with triaging external security reports -- something that's becoming even more challenging when orgs are being flooded with low-quality reports from L...

1 hour 8 mins

Series Episodes

Toilet Cams, N. Korea, Brickstorm, MCP, React2Shell, Proxmox, Metaverse, Josh Marpet - SWN #535

Toilet Cams, N. Korea, Brickstorm, MCP, React2Shell, Proxmox, Metaverse, Josh Marpet - SWN #535

33 mins

5 December Finished

Holiday Hack Challenge, AI, Internet of Trash - Ed Skoudis - PSW #903

Holiday Hack Challenge, AI, Internet of Trash - Ed Skoudis - PSW #903

2 hours 10 mins

4 December Finished

Shadow Risks in SaaS, Cybersecurity Market Has Lost Its Mind, and Rise of the CTrO - Mike Puglia - BSW #424

Shadow Risks in SaaS, Cybersecurity Market Has Lost Its Mind, and Rise of the CTrO - Mike Puglia - BSW #424

1 hour 6 mins

3 December Finished

AI semantics, Calendly, Teams, Schmaltz, India, Antigravity, Scada, Aaran Leyland... - SWN #534

AI semantics, Calendly, Teams, Schmaltz, India, Antigravity, Scada, Aaran Leyland... - SWN #534

36 mins

2 December Finished

Making TN Critical Infrastructure the Most Secure in the Nation - T. Gwyddon 'Data' ("Gwee-thin") Owen, James Cotter - ASW #359

Making TN Critical Infrastructure the Most Secure in the Nation - T. Gwyddon 'Data' ("Gwee-thin") Owen, James Cotter - ASW #359

59 mins

2 December Finished

Recommended

View more

Your Vote Matters - A Beat News Referendum Special

Your Vote Matters - A Beat News Referendum Special

Podcast Series

Voice of the Future

Voice of the Future

Podcast Series

The Road To Who Knows Where

The Road To Who Knows Where

Podcast Series

The Afters

Podcast Series

Medicinal or Hurtful? A Beat News Documentary on Drug Regulation in Ireland

Medicinal or Hurtful? A Beat News Documentary on Drug Regulation in Ireland

Podcast Series

Living Your Best Life

Living Your Best Life

Podcast Series

From Conflict to Safety: Ukrainian Refugees Living in Wexford

From Conflict to Safety: Ukrainian Refugees Living in Wexford

Podcast Series

Fees Degrees but No Keys

Fees Degrees but No Keys

Podcast Series

On The Run: The Inside Story

On The Run: The Inside Story

Podcast Series

Cillian chats to Protein Bor Papi on The Takeover

Cillian chats to Protein Bor Papi on The Takeover

Podcast Series

Do You Remember?

Do You Remember?

Podcast Series

The Weekly Show with Jon Stewart

The Weekly Show with Jon Stewart

Podcast Series

Brothers In Arms

Brothers In Arms

Podcast Series

Home or Away - Living the Irish Australian Dream with Aisling Moloney

Home or Away - Living the Irish Australian Dream with Aisling Moloney

Podcast Series

Eoin Sheahan's Diverted

Eoin Sheahan's Diverted

Podcast Series

Wexford Soccer: The Heart Of The Community

Wexford Soccer: The Heart Of The Community

Podcast Series

On The Move

Podcast Series

Nobody Told Me

Podcast Series

Now Playing
Queue

Now Playing

The Pat Kenny Show

Live Now: 9AM - 12PM

9AM

12AM

Now Playing

The Pat Kenny Show

The Pat Kenny Show

Of The Ball

1 hour left

Today Finished

Next Up

Search

Find a show, podcast or music playlists

No Account

Subscriptions to podcast series are only available to users with an account. Sign in or register to subscribe and access your subscriptions.

Register Sign in

Woops!

Error text.