Security Justice Episode 25 – Interview with Rafal Los, THOTCON, AppSec Security Fail, Cyber what?

June 9th, 2010 Tom Posted in Podcast Episodes | No Comments »

This is the 25th episode of the Security Justice podcast recorded May 19th, 2010 live at Damon’s Grill in Independence, OH.  This episode was hosted by Tom, Dave, Matt and Chris with special guest Rafal Los (speaker, blogger, appsec ninja).  Music as always provided by dualCORE. Thanks to everyone listening to the live stream and for participating in the chat via IRC.  Here are the show notes:

• We have our very first out of town guest!  Rafal Los from HP joins us for some *very* lively conversation.  You should really read his blogs.
• Rafal gives an update on THOTCON.  Yes, we want to podcast LIVE from THOTCON next year! It’s in Chicago.  We like Chicago.
• Rafal also did 30 disasters in 30 days (this is the first one). Awesome read!
• Check out Rafal’s talk from Source Boston: Into the Rabbit Hole: Execution Flow-Based Web Application Testing. We have some great discussion about this on why we are failing at web app testing.  Can QA do security?  Should developers be licensed like other industries?
• We end with a discussion on security certifications, degrees, red team vs. blue team and the word “Cyber”….oh my.
• Stay tuned after the podcast for some exclusive LIVE dualCORE and an interesting collection of bumpers.  Enjoy!

Please send show feedback to feedback [aT] securityjustice.com or comment below.

Security Justice Episode 25 [ 1:25:15 ] Play Now | Play in Popup | Download (5028)