![Starting with Appsec -- Is It More of a Position or a Process? - ASW #264 Image](https://img.resized.co/shuffle/eyJkYXRhIjoie1widXJsXCI6XCJodHRwczpcXFwvXFxcL3N0YXRpYy5saWJzeW4uY29tXFxcL3BcXFwvYXNzZXRzXFxcLzBcXFwvNlxcXC9iXFxcL2JcXFwvMDZiYmNmNjIxYTI5NjU5MTg4YzRhNjhjM2RkYmM0ZjJcXFwvQVNXXzI2NF9zZWdfMS5qcGdcIixcIndpZHRoXCI6MjgwLFwiaGVpZ2h0XCI6MjgwLFwiZGVmYXVsdFwiOlwiaHR0cHM6XFxcL1xcXC93d3cuZ29sb3Vkbm93LmNvbVxcXC9pbWFnZXNcXFwvbG9nby5zdmdcIixcIm9wdGlvbnNcIjpbXX0iLCJoYXNoIjoiYTdlZmI1ZDkzODdlZDc0ZTkwYjM3ZmRjNTNlYTVlNDk2NGM5NjkwNSJ9/starting-with-appsec-is-it-more-of-a-position-or-a-process-asw-264.jpg)
Starting with Appsec -- Is It More of a Position or a Process? - ASW #264
30 November 2023 - 1 hour 13 minsThis year we've talked about vulns, clouds, breaches, presentations, and all the variations of Dev, Sec, and Ops. As we end the year, let's talk about starting things -- like starting an appsec program or an appsec career. But is there still a need for an appsec team? Or has it turned into specializations for areas like cloud security and bug bounty programs? We'll cover careers and coding, with an eye towards figuring out what modern software development looks like and where application (or product!) security fits in that model.
Segment resources
https://owaspsamm.org https://www.microsoft.com/en-us/security/blog/2023/11/02/announcing-microsoft-secure-future-initiative-to-advance-secu...
![Generative AI (as used by defenders AND attackers) will Drive SOC Evolution - Greg Notch, Edward Wu - ESW #369](https://img.resized.co/shuffle/eyJkYXRhIjoie1widXJsXCI6XCJodHRwczpcXFwvXFxcL3N0YXRpYy5saWJzeW4uY29tXFxcL3BcXFwvYXNzZXRzXFxcLzBcXFwvMlxcXC8zXFxcLzZcXFwvMDIzNjNhOGI3NTBmZDZmYzI3YTIzMjI4MTNiMzkzZWVcXFwvRVNXXzM2OV9QT0RfVEhVTUJOQUlMX1RFTVBMQVRFX2NvcHlfM2JjYjQ3ZTEtMTZkMS00ZTJkLWI3ZTUtYWZiMDY3YjI3YWU5LmpwZ1wiLFwid2lkdGhcIjo4MCxcImhlaWdodFwiOjgwLFwiZGVmYXVsdFwiOlwiaHR0cHM6XFxcL1xcXC93d3cuZ29sb3Vkbm93LmNvbVxcXC9pbWFnZXNcXFwvbG9nby5zdmdcIixcIm9wdGlvbnNcIjpbXX0iLCJoYXNoIjoiMjAxZTVmOGQ4NWM5YzE4NGI4MWEwMDE4YWU5NTQzNzFhNjFhNzVjNCJ9/generative-ai-as-used-by-defenders-and-attackers-will-drive-soc-evolution-greg-notch-edward-wu-esw-369.jpg)
Generative AI (as used by defenders AND attackers) will Drive SOC Evolution - Greg Notch, Edward Wu - ESW #369
1 hour 58 mins
26 July Finished
![Twitter, the DOJ, DarkSeoul, Fake Employees, PlugX, Stargazer Ghost, Aaran Leyland... - SWN #401](https://img.resized.co/shuffle/eyJkYXRhIjoie1widXJsXCI6XCJodHRwczpcXFwvXFxcL3N0YXRpYy5saWJzeW4uY29tXFxcL3BcXFwvYXNzZXRzXFxcL2VcXFwvYVxcXC9hXFxcLzdcXFwvZWFhN2U1M2IxMzQ3OTQ4ZjI3YTIzMjI4MTNiMzkzZWVcXFwvU1dOXzQwMV9wb2RfNDgwYzU1MzMtZTE4YS00ZTM3LWE0NWYtMWU2N2UwYzY0NzVkLmpwZ1wiLFwid2lkdGhcIjo4MCxcImhlaWdodFwiOjgwLFwiZGVmYXVsdFwiOlwiaHR0cHM6XFxcL1xcXC93d3cuZ29sb3Vkbm93LmNvbVxcXC9pbWFnZXNcXFwvbG9nby5zdmdcIixcIm9wdGlvbnNcIjpbXX0iLCJoYXNoIjoiM2RjNzY5NTU0ZjUwNjJiYmM0Y2YyMzQ1MTZjOTVhNTE3YTg5NTA5YiJ9/twitter-the-doj-darkseoul-fake-employees-plugx-stargazer-ghost-aaran-leyland-swn-401.jpg)
Twitter, the DOJ, DarkSeoul, Fake Employees, PlugX, Stargazer Ghost, Aaran Leyland... - SWN #401
31 mins
26 July Finished
![MS Patch Tuesday: Which Vulnerabilities Really Need Prioritizing. - Douglas McKee - PSW #836](https://img.resized.co/shuffle/eyJkYXRhIjoie1widXJsXCI6XCJodHRwczpcXFwvXFxcL3N0YXRpYy5saWJzeW4uY29tXFxcL3BcXFwvYXNzZXRzXFxcL2FcXFwvZlxcXC9jXFxcL2ZcXFwvYWZjZjE3YmIxY2RhYjU3NjI3YTIzMjI4MTNiMzkzZWVcXFwvUFNXXzgzNl9zZWdfMV9QT0RfYWI2MTljNWEtYTEzMC00ODE5LTgwZjItOTBmZGNkOGJhYmMyLmpwZ1wiLFwid2lkdGhcIjo4MCxcImhlaWdodFwiOjgwLFwiZGVmYXVsdFwiOlwiaHR0cHM6XFxcL1xcXC93d3cuZ29sb3Vkbm93LmNvbVxcXC9pbWFnZXNcXFwvbG9nby5zdmdcIixcIm9wdGlvbnNcIjpbXX0iLCJoYXNoIjoiODUyZWQ2ZWMzMzQyNWEwM2NiNzI1NWE2MWVmZWQ5M2ExZDViMWNiNSJ9/ms-patch-tuesday-which-vulnerabilities-really-need-prioritizing-douglas-mckee-psw-836.jpg)
MS Patch Tuesday: Which Vulnerabilities Really Need Prioritizing. - Douglas McKee - PSW #836
3 hours 4 mins
25 July Finished
![Killer Robots, Crowdstrike, Southwest, Play, FrostyGoop, Josh Marpet and More - SWN #400](https://img.resized.co/shuffle/eyJkYXRhIjoie1widXJsXCI6XCJodHRwczpcXFwvXFxcL3N0YXRpYy5saWJzeW4uY29tXFxcL3BcXFwvYXNzZXRzXFxcL2NcXFwvY1xcXC8xXFxcLzBcXFwvY2MxMDQ1YTMwZTVhOGVhMjI3YTIzMjI4MTNiMzkzZWVcXFwvU1dOXzQwMF9QT0RfMDdiNTUzNzAtMjk0Yy00MzliLWE3MWEtNWU3NzIzOTQ1MzA5LmpwZ1wiLFwid2lkdGhcIjo4MCxcImhlaWdodFwiOjgwLFwiZGVmYXVsdFwiOlwiaHR0cHM6XFxcL1xcXC93d3cuZ29sb3Vkbm93LmNvbVxcXC9pbWFnZXNcXFwvbG9nby5zdmdcIixcIm9wdGlvbnNcIjpbXX0iLCJoYXNoIjoiMWExYjU1MTJjNjJmNDA5YTAzM2ZhNjJjMDFiZjY1YzQ4ZDg5YjYyOCJ9/killer-robots-crowdstrike-southwest-play-frostygoop-josh-marpet-and-more-swn-400.jpg)
Killer Robots, Crowdstrike, Southwest, Play, FrostyGoop, Josh Marpet and More - SWN #400
34 mins
23 July Finished
![Where Generative AI Can Actually Help Security (And Where It Doesn't) - Farshad Abasi, Allie Mellen - ASW #292](https://img.resized.co/shuffle/eyJkYXRhIjoie1widXJsXCI6XCJodHRwczpcXFwvXFxcL3N0YXRpYy5saWJzeW4uY29tXFxcL3BcXFwvYXNzZXRzXFxcL2JcXFwvNFxcXC9kXFxcLzZcXFwvYjRkNmI1Yzc1MWE0ZjBhNmU1NWUzYzEwMGRjZTc2MDVcXFwvQVNXXzI5Ml9zZWdfMV9QT0RfYjA5YWY4ZjQtMzVmNi00M2JkLThiYWMtM2U4OGYwNDVkYjQ5LmpwZ1wiLFwid2lkdGhcIjo4MCxcImhlaWdodFwiOjgwLFwiZGVmYXVsdFwiOlwiaHR0cHM6XFxcL1xcXC93d3cuZ29sb3Vkbm93LmNvbVxcXC9pbWFnZXNcXFwvbG9nby5zdmdcIixcIm9wdGlvbnNcIjpbXX0iLCJoYXNoIjoiNTI1MTYwZWJjOTk0OWQ5MDhjMmUyZTVhMjM0NzdlNzViNjIwMWQ3YSJ9/where-generative-ai-can-actually-help-security-and-where-it-doesn-t-farshad-abasi-allie-mellen-asw-292.jpg)
Where Generative AI Can Actually Help Security (And Where It Doesn't) - Farshad Abasi, Allie Mellen - ASW #292
1 hour 5 mins
23 July Finished
![Closing CISO-CEO Communication Gap Requires a Common Business Language - Sumedh Thakar, Jeff Recor - BSW #357](https://img.resized.co/shuffle/eyJkYXRhIjoie1widXJsXCI6XCJodHRwczpcXFwvXFxcL3N0YXRpYy5saWJzeW4uY29tXFxcL3BcXFwvYXNzZXRzXFxcLzlcXFwvN1xcXC8wXFxcLzVcXFwvOTcwNTBkYzc2YmYzN2RmMGU1NWUzYzEwMGRjZTc2MDVcXFwvQlNXXzM1Ny4yX1BPRF9USFVNQk5BSUxfVEVNUExBVEVfMzkzZDhiMjktNjIwNy00ZDUyLTkwODQtNzM3YzA4MTZlNjBhLmpwZ1wiLFwid2lkdGhcIjo4MCxcImhlaWdodFwiOjgwLFwiZGVmYXVsdFwiOlwiaHR0cHM6XFxcL1xcXC93d3cuZ29sb3Vkbm93LmNvbVxcXC9pbWFnZXNcXFwvbG9nby5zdmdcIixcIm9wdGlvbnNcIjpbXX0iLCJoYXNoIjoiNTE0MWE1ZWZkOTJkYTk1ZjMxY2VmYTk1ZWI0M2I3OTA4N2IyMzI1ZSJ9/closing-ciso-ceo-communication-gap-requires-a-common-business-language-sumedh-thakar-jeff-recor-bsw-357.jpg)
Closing CISO-CEO Communication Gap Requires a Common Business Language - Sumedh Thakar, Jeff Recor - BSW #357
1 hour 11 mins
23 July Finished