John Andersen - The Easiest Way to Use Machine Learning for AppSec (DFFML)

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

Player FM - Internet Radio Done Right

25 subscribers

הוסף לפני five שנים
Looks like the publisher may have taken this series offline or changed its URL. Please contact support if you believe it should be working, the feed URL is invalid, or you have any other concerns about it.

תוכן מסופק על ידי OWASP PDX. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי OWASP PDX או שותף פלטפורמת הפודקאסט שלהם. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.

Biscuits & Jam

1
Wyatt Flores’s Red Dirt Roots 43:43

לפני 23 ימים43:43

הפעל מאוחר יותר

רשימות

לייק

אהבתי

43:43

Wyatt Flores is a 23-year-old singer-songwriter from Stillwater, Oklahoma, who’s making a name for himself in the Red Dirt music scene, building on the musical legacy of his home state. He grew up on a ranch in a working-class family where he was surrounded by musicians, often hearing them play cowboy songs around a campfire. His father, a drummer, built him a stage in the backyard when he recognized his talent, and his Uncle Bobby taught him how to play guitar. Now Wyatt is playing in front of thousands of fans, singing at the Grand Ole Opry, and writing songs that are winning audiences with their honesty, heart, and vulnerability. His debut album, Welcome to the Plains, explores the rough—and sometimes violent—side of growing up in rural Oklahoma, but it also shows a talent for storytelling and a wry sense of humor. Sid talks to Wyatt about why he’s so happy to be back in Stillwater after a couple of years in Nashville, the mental health struggles he’s openly shared with his fans, the family member he wants to have on his podcast, and why his favorite food is a breakfast burrito. Learn more about your ad choices. Visit podcastchoices.com/adchoices…

לפני 5 שנים 16:40

MP3•בית הפרקים

סדרה בארכיון ("עדכון לא פעיל" status)

When? This feed was archived on September 17, 2024 07:05 (9M ago). Last successful fetch was on July 22, 2024 18:41 (11M ago)

Why? עדכון לא פעיל status. השרתים שלנו לא הצליחו לאחזר פודקאסט חוקי לזמן ממושך.

What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.

John Andersen is our distinguished guest today. He is a software security engineer with a passion for open source. He works for a really big Fortune 500 company here in Oregon doing product security and runs an open source project called Data Flow Facilitator for Machine Learning or DFFML. He's also done product level pentesting, secure design lifecycle consulting, and is currently trying his hand at Linux kernel hardening.
John is a native Portlander, does Brazilian Jiu-Jitsu and loves spending time in the great outdoors when there isn't a pandemic.
John's Link

https://pypi.org/project/dffml/
https://intel.github.io/dffml/
https://www.youtube.com/watch?v=D9puJiKKKS8 (Bsides PDX 2019 Talk)

John is interviewed by John L. Whiteman
Audio production and introduction by Shayne Morgan
Follow us, join us, be us:

Support the Show.

47 פרקים

#Tech #Podcasting Education #News #Tech News #OWASP PDX #OWASP #Cybersecurity #Security #InfoSec #AppSec #Whitehat #Pentest #Hacking #Vulnerable #Exploitation #Owasp Top 10

John Andersen - The Easiest Way to Use Machine Learning for AppSec (DFFML)

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

25 subscribers

published לפני 5 שנים

שתפו

MP3•בית הפרקים

סדרה בארכיון ("עדכון לא פעיל" status)

When? This feed was archived on September 17, 2024 07:05 (9M ago). Last successful fetch was on July 22, 2024 18:41 (11M ago)

Why? עדכון לא פעיל status. השרתים שלנו לא הצליחו לאחזר פודקאסט חוקי לזמן ממושך.

https://pypi.org/project/dffml/
https://intel.github.io/dffml/
https://www.youtube.com/watch?v=D9puJiKKKS8 (Bsides PDX 2019 Talk)

John is interviewed by John L. Whiteman
Audio production and introduction by Shayne Morgan
Follow us, join us, be us:

Support the Show.

47 פרקים

#Tech #Podcasting Education #News #Tech News #OWASP PDX #OWASP #Cybersecurity #Security #InfoSec #AppSec #Whitehat #Pentest #Hacking #Vulnerable #Exploitation #Owasp Top 10

כל הפרקים

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

1
AppSec Days PNW 2023 Portland: A conversation with Jeevan Singh and Chelsea Willis 26:43

לפני 2 years26:43

26:43

AppSec Days PNW leaders Jeevan Singh and Chelsea Willis join us to talk about the upcoming OWASP collaborative event from the OWASP chapters of Vancouver, Victoria, Seattle, and Portland happening this year in Portland on June 10th. AppSec Days PNW has been running for three years now and this is the first in person event. You can learn more and register at appsecpnw.org . Support the Show.…

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

1
OWASP Portland Training Day Sponsor Highlight - Summit Security Group 14:43

לפני 4 years14:43

14:43

Summit Security Group is a long time partner of Portland OWASP Training Day and this year's CTF sponsor. David Quisenberry interviews Summit Security Group Managing Director and Founder Dan Briley to talk about their services, trends they are seeing in their security consulting practice, and ways they encourage a learning lifestyle at Summit. Support the Show.…

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

1
OWASP Portland Training Day Sponsor Highlight - Cambia Health 13:02

לפני 4 years13:02

13:02

Support the Show.

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

1
Michael Allen Lake - From the JEDI Initiative to the New U.S. Digital Corps 43:02

לפני 4 years43:02

43:02

Our special guest today is Michael Allen Lake who is a digital transformation consultant focused on innovation and change adoption within the Federal government. He has worked on projects at nine different Federal agencies. His experience ranges from helping organizations leverage data as a strategic asset to the adoption and promotion of enterprise-wide cloud computing and artificial intelligence initiatives. In addition, Michael researches and publishes articles on the diplomatic history of the United States and Mongolia. He is also a volunteer with the Medical Reserve Corps, and co-hosts a YouTube channel on Star Wars called Never Tell Us the Odds . You can find more about Michael and his thoughts at YaksOnTheRunway.com . Links from the show: Michael's Twitter Michael's Instagram Michael's LinkedIn U.S. Digital Corps Yaks on the Runway Never Tell Us the Odds Michael Allen Lake was interviewed by David Quisenberry. Post production work by John L. Whiteman. Introduction and closing by Shayne Morgan. Follow us: Homepage Twitter Meetup LinkedIn YouTube Support the Show.…

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

1
Sarba Roy - The Security World Is Your Oyster and You Are the Pearl 37:51

לפני 4 years37:51

37:51

Our special guest today is Sarba Roy. Sarba is currently a Product Security Consultant at Umpqua Bank where she is collaborating and acting as a security advisor to the product teams when new digital technologies and/or business needs are identified. She is also the Oregon Affiliate Membership Chair for Women In CyberSecurity (WiCyS), and she also the Oregon Chapter Lead for Infosec Girls and a founding member of WomenH2H, a global community for women leaders and changemakers. She is also a passionate volunteer and advocate for women’s empowerment and education equity while being an artist, writer and mentor at heart, dedicated to helping individuals and organizations to become more compassionate, curious and cybersmart. Check out her recent presentation on our OWASP PDX YouTube channel called "My Journey to Becoming a CISSP - Life Lessons and Study Tips." Other links mentioned during our interview with Sarba can be found in this podcast's RSS feed. Show Links: Women in CyberSecurity Infosec Girls WomenH2H My Journey to Becoming a CISSP LinkedIn Sarba Roy was interviewed by David Quisenberry and John L. Whiteman. Follow us: Homepage Twitter Meetup LinkedIn YouTube Support the Show.…

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

1
Aarti Gadhia - Doing Real Work in Bridging the Diversity Gap in Cybersecurity Leadership 21:18

לפני 4 years21:18

21:18

Our special guest today is Aarti Gadhia. She is a highly successful cybersecurity professional who has worked in various leadership roles in sales and marking for well-known companies such as Bugcrowd, Carbon Black, Trend Micro and Sophos. Aarti is also the founder of Standout to Lead and SHE (Sharing Her Empowerment). Aarti is passionate about bridging the diversity gap in STEM and in leadership. She recently presented at our OWASP AppSec Pacific Northwest Conference on the topic of Women in Appsec: Advice to Differentiate Your Skills. As a podcast bonus, you will learn about how a childhood lesson in making roti with her mother helped shape Aarti to become the strong leader she is today. We want to say thank you to Bugcrowd for being one of our sponsors for the inaugural OWASP Pacific Northwest Application Security Conference 2021. Show Links: LinkedIn Bugcrowd BSides Vancouver The Diana Initiative The Rise of the Cyber Women: Volume 2: Inspirational stories from the women who are taking the cyber security industry by storm PNWSEC https://pnwcon.com Twitter: @pnwseccon pnwseccon@gmail.com (contact) Aarti Gadhia was interviewed by David Quisenberry and John L. Whiteman. Follow us: Homepage Twitter Meetup LinkedIn YouTube Support the Show.…

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

1
Jeff Williams - We Are in the Stone Age for Application Security 44:16

לפני 4 years44:16

44:16

Our special guest today is Jeff Williams, Co-Founder and CTO of Contrast Security. Jeff was one of the pioneering members who formed the Open Web Application Security Project® (OWASP). Not only did he chair it, he also contributed to many successful open source projects, including WebGoat, the OWASP Application Security Verification Standard (ASVS), the OWASP Top Ten and much more. Without him and others we would not be doing this podcast today. Besides founding Contrast Security in 2014, he started Aspect Security in 2002. Jeff got his law degree at Georgetown University Law Center along with a computer science and psychology degree at the University of Virginia. In the early 1990's, he built high assurance systems for the U.S. Navy and taught the INFOSEC curriculum for the NSA during the good old days of the Orange Book - a trusted computer system evaluation criteria for the U.S. Department of Defense. We want to say thank you to Contrast Security for being one of our sponsors for the inaugural OWASP Pacific Northwest Application Security Conference 2021. Jeff's Links Contrast Security LinkedIn Twitter Security Maganize Article - New NIST Standards on IAST and RASP Deliver State-of-the-Art AppSec WebGoat ASVS BlackHat USA - Enterprise Java Rootkits - "Hardly anyone watches the developers" PNWSEC https://pnwcon.com Twitter: @pnwseccon pnwseccon@gmail.com (contact) Jeff Williams was interviewed by David Quisenberry and John L. Whiteman. Follow us: Homepage Twitter Meetup LinkedIn YouTube Support the Show.…

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

1
Frank Heidt - CEO and Co-Founder of Leviathan Security Group 43:59

לפני 4 years43:59

43:59

Our special guest today is Frank Heidt who is the CEO and Co-Founder at Leviathan Security Group. Frank is a recognized expert in the fields of information assurance, network security and systems penetration. Prior to starting Leviathan, Frank was a managing security architect for @stake. He also engaged in various computer and networking security projects for the U.S. Department of Defense and the U.S. Department of the Navy. You can watch Frank speak at various TEDx conferences online. Frank is also a master at the living art of bonsai. Check out his delightful Jigsaw Bonsai Workshop on YouTube. We want to say thank you to Leviathan Security Group for being one of our sponsors for the inaugural OWASP Pacific Northwest Application Security Conference 2021. Show Links Leviathan Security Group LinkedIn TEDx - State Sanctioned Hacking - The Elephant in the Room TEDx - Hacking 101 Jigsaw Bonsai Workshop PNWSEC https://pnwcon.com https://www.eventbrite.ca/e/first-annual-pacific-northwest-appsec-conference-tickets-155757566073 (buy tickets) @pnwseccon pnwseccon@gmail.com (contact) Frank Heidt was interviewed by David Quisenberry. Post-production by John L. Whiteman Follow us: Homepage Twitter Meetup LinkedIn YouTube Support the Show.…

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

1
Rebekah Brown and Scott J. Roberts - Intelligence-Driven Incident Response 52:50

לפני 4 years52:50

52:50

Our guests today are Rebekah Brown and Scott J. Roberts. They wrote a seminal book together called Intelligence-Driven Incident Response: Outwitting the Adversary . Both have extensive backgrounds in information security. Rebekah started her work as an intelligence and network warfare analyst while honorably serving in the United States Marine Corps, and Scott comes from a more traditional yet impressive background in defensive network security. Both are SANS instructors. To understand its enemy, an organization must first understand its threats by analyzing the data it collects. How to do this effectively is what we will discuss today. Definitely check out their book and listen to this podcast for a surprise announcement. Book: Intelligence-Driven Incident Response: Outwitting the Adversary Twitter: Rebekah Brown Twitter: Scott J. Roberts Rebekah Brown and Scott J. Roberts are interviewed by David Quisenberry and John L. Whiteman Follow us: Homepage Twitter Meetup LinkedIn YouTube Support the Show.…

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

1
Farshad Abasi and Roberto Salgado - Our New Pacific Northwest Application Security Conference (PNWSEC) 54:12

לפני 4 years54:12

54:12

On Saturday, June 19, 2021 something very special is going to happen. For the first time, a perfect trifecta of OWASP chapters in the Pacific Northwest are getting together to host a virtual conference focused on serious application security. It's called the Pacific Northwest Application Security Conference (PNWSEC) . The chapters hosting this fine event are from the beautiful, breathtaking Canadian cities of Vancouver and Victoria B.C. and to the south in the States, Portland, Oregon. Our guests today are Farshad Abasi and Roberto Salgado along with our host David Quisenberry, each a leader of the same OWASP chapters respectively. Tickets are going fast so hurry. Also if you want give a talk, including those short lighting ones, or even volunteer, it's still not too late. Go to pnwcon.com for details also check out this podcast's RSS feed for additional information regarding the conference and our guests. PNWSEC https://pnwcon.com https://www.eventbrite.ca/e/first-annual-pacific-northwest-appsec-conference-tickets-155757566073 (buy tickets) @pnwseccon pnwseccon@gmail.com (contact) Vancouver, B.C. OWASP Chapter https://owasp.org/www-chapter-vancouver/ https://twitter.com/owaspvancouver Victoria, B.C. OWASP Chapter https://owasp.org/www-chapter-victoria/ https://twitter.com/owaspvictoria Farshad Abasi (Vancouver, B.C.) https://www.linkedin.com/in/farshadabasi/ Forward Security Inc. @farshadabasi Roberto Salgado (Victoria, B.C.) https://www.linkedin.com/in/roberto-salgado/ Websec Canada @lightos David Quisenberry (Portland, Oregon) https://www.linkedin.com/in/davidmquisenberry/ https://zapproved.com/ @QuizSec Farshad Abasi and Roberto Salgado are interviewed by David Quisenberry and John L. Whiteman. Follow us: Homepage Twitter Meetup LinkedIn YouTube - Become an OWASP member - Donate to our OWASP PDX chapter Support the Show.…

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

1
Jonathan Badeen - Tinder Co-Founder - Flirting With Fire: A Conversation about Start-ups, Evolving App Sec, and His Path of Creation 46:19

לפני 4 years46:19

46:19

Our special guest today is Jonathan Badeen, He is one of the co-founders of Tinder and has been its Chief Strategy Officer since March 2016. He is a programmer, designer and inventor, including Tinder's famous #SwipeRight feature. His other work experiences include Cardify, Chegg Flashcards, Casting Networks' FastCapture & Match Made. He is also an actor with credits in Zombie Wars (2007), The Proposal (2008) and Swiped: Hooking Up in the Digital Age (2018). And if that ain't enough … Jonathan is also lifelong friends with our very own OWASP PDX Chapter President, David Quisenberry. This podcast is sponsored by the We Hack Purple Academy . Links from the show: Homepage Twitter IMDB LinkedIn Tinder Security Jobs Jonathan Badeen is interviewed by David Quisenberry and John L. Whiteman. Follow us: Homepage Twitter Meetup LinkedIn YouTube - Become an OWASP member - Donate to our OWASP PDX chapter Support the Show.…

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

1
Nabil Hannan - I Can Teach Someone to Be Smart, but I Can't Teach Someone to Be Clever When It Comes to Training a Pentester; A Pentester Must Be the Latter 38:03

לפני 4 years38:03

38:03

Our guest today is Nabil Hannan, who is a Managing Director at NetSPI. He leads the company’s consulting practice, focusing on helping clients solve their cyber security assessment, and threat & vulnerability management needs. He has over 13 years of experience in cyber security consulting from his tenure at Cigital/Synopsys Software Integrity Group. Nabil has also worked as a Product Manager at Research In Motion (now, of course, BlackBerry) and has managed several flagship initiatives and projects through the full software development life cycle. You must also check out Nabil's podcast - Agent of Influence. This podcast is sponsored by the We Hack Purple Academy . Links from the show: NetSPI Agent of Influence Podcast Nabil's Twitter Account Nabil's LinkedIn Account DarkReading Posts by Nabil Nabil Hannan is interviewed by David Quisenberry and John L. Whiteman Follow us: Homepage Twitter Meetup LinkedIn YouTube - Become an OWASP member - Donate to our OWASP PDX chapter Support the Show.…

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

1
John Strand - Running a Security Company Is to Do Illegal Things With Permissions 39:41

לפני 4 years39:41

39:41

John Strand is our special guest today. He is the owner of Black Hills Information Security - a company that specializes in penetration testing and security architecture services. He is also cofounder of Active Countermeasures. He created the popular Backdoors and Breaches incident response card game. He wrote a book called Offensive Countermeasures (The Art of Active Defense). He can watch him along with other great guests on the Black Hills Information Security Podcast on YouTube. This podcast is sponsored by the We Hack Purple Academy . Links from the show: John's Twitter Page John's LinkedIn Page Offensive Countermeasures: The Art of Active Defense (book) Black Hills Information Security Black Hills Information Security Podcast Active Countermeasures Backdoors and Breaches Game DaftHack's Twitter Page N0BANDW1DTH's Twitter Page John Strand is interviewed by David Quisenberry and John L. Whiteman Follow us: Homepage Twitter Meetup LinkedIn YouTube - Become an OWASP member - Donate to our OWASP PDX chapter Support the Show.…

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

1
Lewis Ardern and PwnFunction - Discovering Clever Ways to Exploit the Vue.js JavaScript Framework 47:42

לפני 4 years47:42

47:42

Our special guests today are Lewis Ardern and PwnFunction. Lewis is an Associate Principal Consultant at Synopsys where he focuses on web application security. He is also an organizer for the OWASP Bay Area Chapter. Check out his new SecuriTEA and Crumpets videos on YouTube. PwnFunction is an independent security consultant. He makes popular hacking videos on YouTube. He also created a popular online cross-site scripting (XSS) game where you can learn offensive techniques from basic to advance skill sets. This podcast is sponsored by the We Hack Purple Academy . Links from the show: PwnFunction's Twitter PwnFunction's YouTube PwnFunction's XSS Game PwnFunction's HackerCamp Lewis Ardern's Twitter Lewis Ardern's SecuriTEA & Crumpets (New) Day of Shecurity Day of Shecurity Twitter Evading Defences Using VueJS Script Gadgets (PortSwigger Blog) Code Golf Stack Exchange Parsing Techniques - A Practical Guide (Grune, Dick, Jacobs, Ceriel J.H.) Lewis Arden and PwnFunction are interviewed by David Quisenberry and John L. Whiteman Follow us: Homepage Twitter Meetup LinkedIn YouTube - Become an OWASP member - Donate to our OWASP PDX chapter Support the Show.…

Open Web Application Security Project (OWASP) - Portland, Oregon Chapter

1
Volko Ruhnke, Adam Shostack and Hadas Cassorla - Building Games to Teach Real-World Security 1:08:59

לפני 4 years1:08:59

1:08:59

We have three very special guests today. All come from different backgrounds but share a common interest in gaming - the kind that can be used to teach you things, like how to become better at handling security incidents or winning a historical insurrection. This podcast is sponsored by the We Hack Purple Academy . Volko Ruhnke is a renowned wargame designer and educator. He retired as a career analyst with the CIA and as an instructor for the Sherman Kent School for Intelligence Analysis which is responsible for training people in the intelligence community. While working there he became an acclaimed designer of commercial board games - best known for the COIN Series published by GMT Games . Adam Shostack is a leading expert on threat modeling, and a consultant, entrepreneur, technologist, author and game designer. He's a member of the BlackHat Review Board, and helped create the CVE and many other things. He currently helps many organizations improve their security via Shostack & Associates , and helps startups become great businesses as an advisor and mentor. While at Microsoft, he drove the Autorun fix into Windows Update, was the lead designer of the SDL Threat Modeling Tool v3 and created the "Elevation of Privilege" game. Adam is the author of Threat Modeling: Designing for Security , and the co-author of The New School of Information Security . Hadas Cassorla is a security leader in the Portland area. She is the manager of security engineering and platform engineering at Simple Finance in Portland. She also does work with Hackback Gaming as an Incident Master (IM) running teams through dynamic role playing in tabletop incident response scenarios. Hadas is a recovering attorney too who took up improv after finishing law school. Volko Ruhnke, Adam Shostack and Hadas Cassorla are interviewed by David Quisenberry and John L. Whiteman Links from the Show: Zenobia Award (Board Game Design Contest for Underrepresented Groups) HackBack Gaming Adam Shostack's Home Page Elevation of Privilege Philip Sabin - Simulating War: Studying Conflict through Simulation Games Jeremy Holcomb - The White Box Follow us: Homepage Twitter Meetup LinkedIn YouTube - Become an OWASP member - Donate to our Support the Show.…

ברוכים הבאים אל Player FM!

Player FM סורק את האינטרנט עבור פודקאסטים באיכות גבוהה בשבילכם כדי שתהנו מהם כרגע. זה יישום הפודקאסט הטוב ביותר והוא עובד על אנדרואיד, iPhone ואינטרנט. הירשמו לסנכרון מנויים במכשירים שונים.