CISA's Secure by Design Principles, Pledge, and Progress - Jack Cable - ASW #321

Application Security Weekly (Video)
11/03/2025 40 min
CISA's Secure by Design Principles, Pledge, and Progress - Jack Cable - ASW #321

Listen "CISA's Secure by Design Principles, Pledge, and Progress - Jack Cable - ASW #321"

Descargar episodio Ver en sitio original

Episode Synopsis

Just three months into 2025 and we already have several hundred CVEs for XSS and SQL injection. Appsec has known about these vulns since the late 90s. Common defenses have been known since the early 2000s. Jack Cable talks about CISA's Secure by Design principles and how they're trying to refocus businesses on addressing vuln classes and prioritizing software quality -- with security one of those important dimensions of quality. Segment Resources: https://www.cisa.gov/securebydesign https://www.cisa.gov/securebydesign/pledge https://www.cisa.gov/resources-tools/resources/product-security-bad-practices https://www.lawfaremedia.org/projects-series/reviews-essays/security-by-design https://corridor.dev Show Notes: https://securityweekly.com/asw-321

More episodes of the podcast Application Security Weekly (Video)

Secure By Design Is Better Than Secure By Myth - Bob Lord - ASW #365 13/01/2026
The Upsides and Downsides of LLM-Generated Code - Chris Wysopal - ASW #364 06/01/2026
AI-Era AppSec: Transparency, Trust, and Risk Beyond the Firewall - Felipe Zipitria, Steve Springett, Aruneesh Salhotra, Ken Huang - ASW #363 30/12/2025
Modern AppSec: OWASP SAMM, AI Secure Coding, Threat Modeling & Champions - Sebastian Deleersnyder, James Manico, Adam Shostack, Dustin Lehr - ASW #362 23/12/2025
Developing Open Source Skills for Maintaining Projects - Kat Cosgrove - ASW #361 16/12/2025
Making OAuth Scale Securely for MCPs - Aaron Parecki - ASW #360 09/12/2025
Making TN Critical Infrastructure the Most Secure in the Nation - T. Gwyddon 'Data' ("Gwee-thin") Owen, James Cotter - ASW #359 02/12/2025
Figuring Out Where to Start with Secure Code - ASW #358 25/11/2025
Secure Coding as Critical Thinking Instead of Vulnspotting - Matias Madou - ASW #357 18/11/2025
Ransomware, Defaults, and Proactive Defenses - Rob Allen - ASW #356 11/11/2025
© 2003-2026 ZARZA | AHEAD OF OUR TIME
privacy policy
In God we trust In God we trust
PreSales Questions? Click Here
or call our toll-free line at +1-888-5002068 Miami, Florida, USA