Helping Secure OSS Software - Alvaro Munoz - ASW #189

Application Security Weekly (Video)
21/03/2022 36 min
Helping Secure OSS Software - Alvaro Munoz - ASW #189

Listen "Helping Secure OSS Software - Alvaro Munoz - ASW #189"

Descargar episodio Ver en sitio original

Episode Synopsis

Past research such as JNDI Injection, Unsafe deserialization, Struts RCEs - OSS security: CodeQL, Dependabot, collaboration between researchers and developers, OWASP Top Ten Proactive Controls, CVD for OSS   Segment Resources: - [Write more secure code with the OWASP Top 10 Proactive Controls] https://github.blog/2021-12-06-write-more-secure-code-owasp-top-10-proactive-controls/ - [An analysis on developer-security researcher interactions in the vulnerability disclosure process] https://github.blog/2021-09-09-analysis-developer-security-researcher-interactions-vulnerability-disclosure/ - [Building security researcher and developer collaboration] https://www.securitymagazine.com/articles/97066-how-to-build-security-researcher-and-software-developer-collaboration - [Coordinated vulnerability disclosure (CVD) for open source projects] https://github.blog/2022-02-09-coordinated-vulnerability-disclosure-cvd-open-source-projects/ - [GitHub Advisory Database now open to community contributions] https://github.blog/2022-02-22-github-advisory-database-now-open-to-community-contributions/ - [Blue-teaming for Exiv2: creating a security advisory process] https://github.blog/2021-11-02-blue-teaming-create-security-advisory-process/     Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw189

More episodes of the podcast Application Security Weekly (Video)

Secure By Design Is Better Than Secure By Myth - Bob Lord - ASW #365 13/01/2026
The Upsides and Downsides of LLM-Generated Code - Chris Wysopal - ASW #364 06/01/2026
AI-Era AppSec: Transparency, Trust, and Risk Beyond the Firewall - Felipe Zipitria, Steve Springett, Aruneesh Salhotra, Ken Huang - ASW #363 30/12/2025
Modern AppSec: OWASP SAMM, AI Secure Coding, Threat Modeling & Champions - Sebastian Deleersnyder, James Manico, Adam Shostack, Dustin Lehr - ASW #362 23/12/2025
Developing Open Source Skills for Maintaining Projects - Kat Cosgrove - ASW #361 16/12/2025
Making OAuth Scale Securely for MCPs - Aaron Parecki - ASW #360 09/12/2025
Making TN Critical Infrastructure the Most Secure in the Nation - T. Gwyddon 'Data' ("Gwee-thin") Owen, James Cotter - ASW #359 02/12/2025
Figuring Out Where to Start with Secure Code - ASW #358 25/11/2025
Secure Coding as Critical Thinking Instead of Vulnspotting - Matias Madou - ASW #357 18/11/2025
Ransomware, Defaults, and Proactive Defenses - Rob Allen - ASW #356 11/11/2025
© 2003-2026 ZARZA | AHEAD OF OUR TIME
privacy policy
In God we trust In God we trust
PreSales Questions? Click Here
or call our toll-free line at +1-888-5002068 Miami, Florida, USA