Risky Business and OWASP Podcast Interviews with Ron Gula
Recently, I had the chance to be interviewed for two different podcasts.
In Risky Business #138, I had the opportunity to chat with show host Patrick Gray about the recent Google hack, why they may have been using IE6 and what this means for information security in general. This episode also features an interview with Dan Geer on the future of computing which I highly recommend.
In OWASP #58, I was interviewed by the show's producer, Jim Manico. Jim received several questions from the Internet and Twitter about the similarities between web application firewalls and intrusion detection systems which we covered in depth. We also spoke at great length about web application penetration testing, how web application security can be managed and leveraging technologies such as file integrity checking and process accounting for detecting and responding to incidents.
Related Articles
Cybersecurity Snapshot: Apply Zero Trust to Critical Infrastructure’s OT/ICS, CSA Advises, as Five Eyes Spotlight Tech Startups’ Security
November 1, 2024Should critical infrastructure orgs boost OT/ICS systems’ security with zero trust? Absolutely, the CSA says. Meanwhile, the Five Eyes countries offer cyber advice to tech startups. Plus, a survey finds “shadow AI” weakening data governance. And get the latest on MFA methods, CISO trends and Uncle Sam’s AI strategy.
FY 2024 State and Local Cybersecurity Grant Program Adds CISA KEV as a Performance Measure
October 31, 2024The CISA Known Exploited Vulnerabilities (KEV) catalog and enhanced logging guidelines are among the new measurement tools added for the 2024 State and Local Cybersecurity Grant Program.
Cybersecurity Snapshot: New Guides Offer Best Practices for Preventing Shadow AI and for Deploying Secure Software Updates
October 25, 2024Looking for help with shadow AI? Want to boost your software updates’ safety? New publications offer valuable tips. Plus, learn why GenAI and data security have become top drivers of cyber strategies. And get the latest on the top “no-nos” for software security; the EU’s new cyber law; and CISOs’ communications with boards.