Episode 258 - Engaging Developers, ALBeast, Dangerous TLDs

Update: 2024-09-03

Description

Seth (@sethlaw) and Ken (@cktricky) are back this week with some hot takes on the recent cancellation of OWASP's San Francisco Developer Days that were running alongside Global AppSec San Francisco. OWASP has struggled to engage the development community over the years and this is no surprise for anyone in AppSec/ProdSec. This is followed by review of the ALBeast (why do all vulnerabilities have to be branded?) and how our past selves were correct in identifying dangerous TLDs as being exploitable.

Comments

Top Podcasts

The Best New Comedy Podcast Right Now – June 2024 The Best News Podcast Right Now – June 2024 The Best New Business Podcast Right Now – June 2024 The Best New Sports Podcast Right Now – June 2024 The Best New True Crime Podcast Right Now – June 2024 The Best New Joe Rogan Experience Podcast Right Now – June 20 The Best New Dan Bongino Show Podcast Right Now – June 20 The Best New Mark Levin Podcast – June 2024

In Channel

Episode 267 - w/ Kinnaird McQuade - Building a Security Product

2024-11-19--:--

Episode 266 - Scope of Penetration Testing, Attack Modeling

2024-11-05--:--

Episode 265 - w/ Scott Norberg - Static Analysis

2024-10-29--:--

Episode 264 - w/ Jeremy Long - Software Composition Analysis

2024-10-1701:00:55

Episode 263 - WebApp Fuzzing, Mobile Testing, Secrets Management

2024-10-0801:05:23

Episode 262 - w/ Ariel Shin - Building a Security Program

2024-09-30--:--

Episode 261 - Security Economy, Password Resets, Vendor Consolidation

2024-09-24--:--

Episode 260 w/ Darren Meyer of Endor Labs - Dependency Management

2024-09-1901:00:24

Episode 259 - Special Melbourne Australia Edition w/Paul McCarty and Daniel Ting

2024-09-12--:--

Episode 258 - Engaging Developers, ALBeast, Dangerous TLDs

2024-09-03--:--

Episode 257 - In-Person vs. Virtual Training, Compliance Violations

2024-08-27--:--

Episode 256 w/ John Poulin - Token Security, Staying Technical as a Manager

2024-08-2101:03:57

Episode 255 (0xFF) - HackerSummerCamp Recap

2024-08-13--:--

Episode 254 - Pre-Hacker Summer Camp

2024-08-0153:50

Episode 253 w/ Justin Collins - Managing Security, ProdSec vs. AppSec

2024-07-23--:--

Episode 252 w/ Rami McCarthy - Security Startups, Jobs

2024-07-16--:--

Episode 251 - Passive Scanning, Chrome Extensions, CocoaPods, NVD

2024-07-0901:08:03

Episode 250 - Security Startups, Polyfill Takeover

2024-07-0201:06:01

Episode 249 w/ Tanya Janca - Secure Guardrails

2024-06-25--:--

Episode 248 w/ Rahil Parikh - Building AppSec Programs

2024-06-1858:19

00:00

Episode 258 - Engaging Developers, ALBeast, Dangerous TLDs

#box-pro-ellipsis-173235057146437{-webkit-line-clamp:2;}Episode 258 - Engaging Developers, ALBeast, Dangerous TLDs

Episode 258 - Engaging Developers, ALBeast, Dangerous TLDs

Episode 258 - Engaging Developers, ALBeast, Dangerous TLDs