DevelopSec: Developing Security Awareness
Jardine Software Inc.
About This Podcast
Curious about application security? Want to learn how to detect security vulnerabilities and protect your application? We discuss different topics and provide valuable insights into the world of application security.
Recent Episodes
S1E129 Ep. 129: When Security Recommendations Miss The Point
Ever read a security advisory that told you to “use a VPN” to protect a Bluetooth device? In this episode we talk about how bad or inaccurate recommendations can be a problem with security findings. …
S1E128 Ep. 128: OWASP Top 10 2025
In this episode James gives an overview of the new OWASP Top 10 2025. He shares some insights into the history, changes, and additional thoughts on the top 10. Do you have any thoughts on the OWASP…
S1E127 Ep. 127: Importance of Terminology
In this episode, James talks about the difference between end-to-end encryption and the standard encryption in transit most web applications implement. There is an interesting story (referenced…
S1E126 Ep. 126: Avoiding Panic and Misunderstandings with Proper Authentication Failure Reporting
Have you ever felt that feeling of thinking your account has been compromised? It can be a scary feeling. But what about when it didn't really happen? Instead it was just confusing messaging. That…
S1E125 Ep. 125: From Flat Tires to AppSec: The Power of Tools and Process
In this episode, James shares a story about fixing a flat tire on an E-Scooter and how it relates to security. He shows how the combination of tools, process, and knowledge can lead to a successful…
S1E124 Ep. 124: Double-ClickJacking
In this episode, I go over what Double-ClickJacking is and what you can potentially do about it to reduce the risk to your applications. Will this be the new finding on everyone's pen tests this…
S1E123 Ep. 123: Goals of Security Culture - Sort of?
In this episode, I talk about how security is a part of everyone's role and the labeling of "Security Culture". I share some ideas on how to improve on role based security awareness and building…
S1E122 Ep. 122: Integrating Security Responsibilities into Development
In this episode I talk about assigning responsibility for secure development and how the dev and security teams should be working together to accomplish a common goal. I also discuss the importance…
S1E121 Ep. 121 - Evolving Ransomware: Unique Tactics for Payment
In this episode I talk about the evolving world of ransomware. I discuss a few examples of unique tactics the malicious actors are using to put pressure on organizations to pay the…
S1E120 Ep. 120: Addressing Root Cause - Vulnerable Components
In this episode we talk about addressing the root cause of an issue versus the symptoms. How can the process of keeping application components updated be improved? For more info go to…
S1E119 Ep. 119: Risks of SpellCheck
In this episode we talk about the spell check feature of the browser and how it could present a risk to sensitive data. Link to article referenced:…
S1E118 Ep. 118: Log4J Sparking Thought on Vulnerable Components
Log4J has been the talk of the town recently and everyone is focused on the technical details of the specific vulnerabilities found. In this episode, James talks about the overarching ideas around…
S1E117 Ep. 117: How Browsers are Helping with Security
Chrome has announced a few changes that we need to watch out for in the near future. We previously talked about the default value for samesite that is coming up fast. I wrote about this here:…
S1E116 Ep. 116: Chrome Retires XSS Auditor
It was recently announced that Chrome was dropping the XSS Auditor in Chrome 78. What does that mean and how does that change things for you as a developer?…
S1E115 Ep. 115: Is CSRF Really Dead?
In 2020, Chrome will default the SameSite attribute to Lax on all cookies. SameSite helps mitigate CSRF, but does that mean CSRF is dead? For more info go to https://www.developsec.com or follow us on…
S1E114 Ep. 114: Investing in People for Better Application Security
In this episode, James talks about investing in the development teams to increase application security priorities. For more info go to https://www.developsec.com or follow us on twitter…
S1E113 Ep. 113: What is your mother's maiden name?
In this episode, James talks about some of the risks and recommendations around security questions and their implementation. For more info go to https://www.developsec.com or follow us on twitter…
S1E112 Ep. 112: Application Fingerprinting
Does your application give away details about its server, framework, or other components? How is this information used by an attacker? Check out this episode to learn more. For more info go to…
S1E111 Ep. 111: Authentication Alerts
Would you know if someone authenticated to your account? With the breaches we see in the news, and attacks like credential stuffing, there must be a way to be alerted to account access. James talks…
S1E110 Ep. 110: Implementation Matters
James discusses how implementation matters with security controls and how it changes priorities. This came about after reading the following…
Frequently Asked Questions
DevelopSec: Developing Security Awareness has published 133 episodes since January 2014, covering topics in Education, News.
DevelopSec: Developing Security Awareness is currently sporadic with new episodes weekly. Average episode length is 18m.
Similar Podcasts
Mac Geek Gab — Apple Tips, Tricks, and Troubleshooting
Dave Hamilton, Pilot Pete & Adam Christianson
1,145 episodes
Programming Throwdown
Patrick Wheeler and Jason Gauci
188 episodes
CoRecursive: Coding Stories
Adam Gordon Bell - Software Developer
115 episodes
BSD Now
JT Pennington
667 episodes
Destination Linux
Deviant Airwaves
475 episodes