Preview Mode Links will not work in preview mode

DevelopSec: Developing Security Awareness

Jul 7, 2017

In this episode, James talks about Interactive Application Security Testing, or IAST. It is a sort of hybrid approach that is similar to both dynamic and static analysis. Listen in to learn more about it.

The video version of this can be found at https://youtu.be/KHSlDletm9I

For more info go to


Jun 19, 2017

Are you thinking about client vs. server-side input validation?  Curious why each is important and when to use them?  James talks about the basic concepts and how to apply them to create more secure applications.

A video version of this podcast is now available at: https://youtu.be/irO1TOC6-i8

For more info go to


Jun 5, 2017

In this episode I sit down with Geurt van Wijk from IDdriven to discuss IAM and IDaaS. Geurt has many years of experience around Identity and shares some great insights into considerations when working with it. If you typically think of Identity as just a user with credentials and some typical roles, you will want to...


May 24, 2017

It was recently reported that an audio driver on HP systems was logging key strokes to a local file.  Accidental?  Malicious?  Instead, we talk about how to try and avoid this from happening in the future.  

Original Article: https://www.cnet.com/news/keylogger-discovered-on-some-hp-laptops-conexant/

For more info go to...


May 17, 2017

I sat down with Vittorio Bertocci from Microsoft at the Microsoft Build 2017 conference in Seattle Washington.  Vittorio shared some great insights into Identity and some new things around Azure AD and Azure AD B2C.  Listen in to learn more about some of the interesting things going on.  

You can watch Vittorio's...