Aviation ASCII Art, OpenSSH Double-Free, F5 Format String, OSC&R for Supply Chains - ASW #228
The aviation equivalent of ASCII art, a memory safety issue in OpenSSH that might not be terrible, a format string in F5 that might be terrible, a new MITRE framework for supply chain security, programming languages and secure code.

Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw228

00:00 - Application Security Weekly
01:29 - Security Weekly's guest columnist John Rankin
01:48 - Do we need a bug bounty program?
02:39 - Bug Bounty
06:22 - ASCII Art
08:16 - ChatGPT
13:23 - C++
15:38 - What is Secure Code?
17:52 - How frequently does a developer have to deal with patterns?
19:21 - What is the point of this article?
20:13 - Legibility and Readability
24:18 - Pipeline
26:43 - Success Bombs
30:14 - Where do we track an application is running as root?
32:29 - Importing Software
34:40 - Proxies and Network Traffic
35:57 - Application Security Weekly