
Man Vs WebApp » Podcasts (AppSec): Episodes

Today’s show is Michael interviewing Kevin Riggins. Kevin is an Enterprise Security Architect for a Fortune 500 financial services company. Kevin and Michael have some great conversation about Kevin’s job, what he is doing at RSA, where he blogs, the book he coauthored, etc. (look below in the show ...
Thanks go to Jeremiah Grossman for sitting down with Michael for some great discussion. Jeremiah is the CTO at Whitehat Security and a very well known figure in the InfoSec industry. Jeremiah and Michael talk about Hawaii, sharks, security philosophy, RSA, stage fright, Jeremiah’s TED talk (not published ...
Wow! Six Months…and two job changes later, we are finally back to recording! YEAH!…. Here's the latest show from our intrepid hosts. Show Notes: InfoSec News Update – The Hacker News Hacking Awards: Best of Year 2011 Japan’s Anti-Virus Virus Nginx (pronunciation: “engine-ex”) becomes #2 web ...
Today we have an interview for you. Michael had a great time sitting down with four gentlemen (they might not all agree with that term) from SpiderLabs over at Trustwave. The aforementioned SpiderLabs folks were Nicholas Percoco (@c7five), Steve Ocepek (@nosteve), Matt Jakubowski (@jaku), and Zack Fasel ...
A lot of discussion in this episode. And what is more funny is Dan actually cuts Jim off on a subject. Yes, you heard it right. The famous “Web Security Minute Turned to 20 Minutes” Dan makes Jim stop talking. I guess the end of the world IS here! Oh, and Dan leads us into [...]
I am tired of making excuses about us being late, so here is friggin’ episode #05-2011. Have fun! Show Notes: InfoSec News Update - HouSecCon 2011 update – Registration is open – Link Here Michaels Breached due to Card Skimmers – Link Here Dropbox saga continues (and heads to the feds) – Link1 ...
Hey, all three of us are here, and on schedule…. somebody check the temp outside Show Notes: InfoSec News Update - TexSecConTriangle.com coming soon – HouSecCon, BSidesDFW, and LasCon Gonzales Update – Link Here Dropbox Pwnage - Link Here TX exposes …
So it took a bit longer this time due to scheduling, and bodily harm on Michael’s part… but we finally got another episode recorded. Enjoy. Show Notes: InfoSec News Update - HouSecCon 2011 – Call for Papers is still On …
We have a little bit of innuendo humor on this episode, and we all break into some hysterics (it’s all in the geek toys section, so fast forward if you want to hear all that). Around that is some information …
We have started recording the Info Sec Place Podcast again! Show Notes: InfoSec News Update - Study shows non-compliance more expensive than compliance (study was sponsored by Tripwire) – Article Link / Report Link Security Fail – When Trusted IT …
This was a wacky episode and I only was able to turn up toward the end due to some scheduling conflicts, but I think it turned out pretty good in the end.
I returned as a guest host… looks like I may become a regular part of the cast. I promise I won't keep cross posting these forever, but doing it again since we talked about a blog post I had written …
The MightySeek Podcast is returning.
I am starting an effort to have a show posted every 2 weeks, with hopes for a Hands On Series every 2 months.
I will also be joining the An Information Security Place podcast as well. They do a podcast about general information security and I will be the resident ...
Today I had the pleasure of meeting up with a celeb of the web app sec world…. rsnake of the ha.ckers.org website. I hope you enjoy the interview, but I made a huge mistake with the recording. Here I was with my first interview, I hook up my mic and load up the recording software [...]
In this episode I discuss PHP security. Up till this point I have talked about web app sec in general, but I break from this in honor of the Month Of PHP Bugs that is going on through March.
PHP has frequently been blamed for security problems in applications written in PHP which really is no [...]
The “Hands on Series” continues!

In this episode we start dealing with Cross Site Scripting (XSS) attacks.
CSS = Cascading Style Sheets
XSS = Cross Site Scripting
Cross Site Scripting is a technique used to add script to a trusted site that will be executed on other users' browsers.
A key element ...
A quick in between to the Hands On Series, I chat about some news and issues of the day.
Turkish Hacker defaces 38,000 websites hosted on GoDaddy
Flawed USC admissions site allowed access to applicant data
Breach case could curtail Web flaw finders
Man charged with accessing USC student data
Tsunami ...
The start of the “Hands on Series”, which means that there are actual
hands on exercises to go along with these shows.

I feel that it's time to go beyond the concepts, the chatter about what bad guys can do,
and actually show you directly. Let you see for yourself, as the saying goes.
I recommend that ...
In this podcast I discuss a type of attack that allows users to basically do things they are not supposed to do, without ever having to hack the admin type of accounts. So without having to figure out the admin password it is often possible to do administrative functions by simply attempting them.
The ...