View More ASW Episodes

Where Generative AI Can Actually Help Security (And Where It Doesn’t) – Farshad Abasi, Allie Mellen – ASW #292

Generative AI has produced impressive chatbots and content generation, but however fun or impressive those might be, they don’t always translate to value for appsec. Allie brings some realistic expectations to how genAI is used by attackers and can be useful to defenders. Segment resources: https://www.forrester.com/blogs/generative-ai-will-not-fulfill-your-autonomous-soc-hopes-or-even-your-demo-dreams/ https://www.forrester.com/blogs/top-5-things-you-need-to-know-about-how-generative-ai-is-used-in-security-tools/ https://www.forrester.com/blogs/the-blob-is-poisoning-the-security-industry/ SAPwned demonstrates tenets of tenant isolation, a weak login flow puts Squarespace domains at risk, ...

Full Show Notes
Segment One

Where Generative AI Can Actually Help Security (And Where It Doesn’t) – Allie Mellen, Farshad Abasi – ASW #292

Generative AI has produced impressive chatbots and content generation, but however fun or impressive those might be, they don't always translate to value for appsec. Allie brings some realistic expectations to how genAI is used by attackers and can be useful to defenders.

Segment resources:

Guests
Principal Analyst at Forrester Research

Allie Mellen is the author of Code War: How Nations Hack, Spy, and Shape the Digital Battlefield. She is a leading industry analyst who advises the Global 2000 on cybersecurity policy and practice, with a focus on detecting and responding to nation-state attacks. She is a featured speaker at many leading security conferences, including RSA Conference, Black Hat, SANS events, and others. Her insights are frequently featured in top business and technology outlets such as NPR, The Wall Street Journal, and The Washington Post. 

Founder and CEO at Forward Security and Eureka DevSecOps

Farshad Abasi is the Founder and CEO of Forward Security and Eureka DevSecOps, bringing over 29 years of industry experience to the forefront of cybersecurity innovation. His professional journey includes key technical roles at Intel and Motorola, evolving into senior security positions as the Principal Security Architect for HSBC Global, and Head of IT Security for the Canadian division. Farshad’s commitment to the field extends to his role as an instructor at BCIT, where he imparts his wealth of knowledge to the next generation of cybersecurity experts. His diverse experience, which spans startups to large enterprises, informs his approach to delivering adaptive and reliable solutions.

Engaged actively in the cybersecurity community through roles in BSides Vancouver/MARS, OWASP Vancouver/AppSec PNW, and as a CISSP designate, Farshad’s vision and leadership continue to drive the industry forward. Under his guidance, Forward Security and Eureka are setting new standards in application and cloud security.

Announcements

  • You're invited to InfoSec World 2024 at Disney’s Coronado Springs Resort in Lake Buena Vista, FL, from September 23-25. Join top cybersecurity experts for this premier event! Save 25% on your pass by using code ISW24-SW25 when you register at securityweekly.com/infosecworld2024. Don’t miss out on this exclusive opportunity!

Segment Two

SAPwned, Squarespace Domain Hijacks, AIs Fixing Code, Infosec Investments – ASW #292

SAPwned demonstrates tenets of tenant isolation, a weak login flow puts Squarespace domains at risk, how AIs might (or might not) be useful for fixing code, getting buy-in for infosec investments, and more!

Guest
Founder and CEO at Forward Security and Eureka DevSecOps

Farshad Abasi is the Founder and CEO of Forward Security and Eureka DevSecOps, bringing over 29 years of industry experience to the forefront of cybersecurity innovation. His professional journey includes key technical roles at Intel and Motorola, evolving into senior security positions as the Principal Security Architect for HSBC Global, and Head of IT Security for the Canadian division. Farshad’s commitment to the field extends to his role as an instructor at BCIT, where he imparts his wealth of knowledge to the next generation of cybersecurity experts. His diverse experience, which spans startups to large enterprises, informs his approach to delivering adaptive and reliable solutions.

Engaged actively in the cybersecurity community through roles in BSides Vancouver/MARS, OWASP Vancouver/AppSec PNW, and as a CISSP designate, Farshad’s vision and leadership continue to drive the industry forward. Under his guidance, Forward Security and Eureka are setting new standards in application and cloud security.

Announcements

  • Maximize your investment at BlackHat 2024 with a 1:1 on-site interview. Drive thought leadership and boost brand awareness with CyberRisk Alliance's expert editorial team from Security Weekly and SC Media. Act now, limited interview slots available - secure yours today at https://securityweekly.com/blackhat2024

List of Articles

Mike Shema

  1. Give Me the Green Light Part 1: Hacking Traffic Control Systems — Red Threat
  2. SAPwned: SAP AI vulnerabilities expose customers’ cloud environments and private AI artifacts | Wiz Blog
  3. Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks
  4. AI Cyber Challenge (AIxCC) and the Needle Linux Kernel Vulnerability – Part 2
  5. Why Good Security Fails: The Asymmetry of InfoSec Investment
  6. Our Statement on Today’s Outage | CrowdStrike
Show More

Stay in the Know, No Smoke and Mirrors – Join Our Newsletter

Get expert insights and technical breakdowns straight to your inbox.
Join Now

Related Episodes

Related Content

You can skip this ad in 5 seconds