If web application security is one of the many things you have on your job description, then you should watch episode 457 of Paul's Security Weekly.
In this episode, the show's host Paul Asadoorian is joint by industry veteran Jack Daniel, infosec consultant Joff Thyer and Netsparker's CEO and founder Ferruh Mavituna. In this web application security focused episode participants discussed subjects such as:
- What is going on at Netsparker and the aim to automate as much as possible from the web vulnerability detection process to help organizations keep all of their complex web assets secure.
- How to find the right balance between speed, intrusiveness and thoroughness when using a security tool to automatically scan more than 1,000 websites and web applications for security flaws.
- How can enterprises digest all the information from the scan results of thousands of websites and pass all that information to the web developers so they can fix the identified vulnerabilities.
- How can businesses integrate automated web application security scanning at every stage of the SDLC, including automated scanning of the fixes that developers submit.
- The challenges web developers face when they have to write both functional and secure code, yet still meet the project's deadlines.