Broadening What We Call AppSec – Christien Rioux – ASW #179
There's an understandable focus on "shift left" in modern DevOps and appsec discussions. So what does it take to broaden what we call appsec into something effective for modern apps, whether they're on the web, mobile, or cloud? We'll talk about moving on from niche offerings into successful appsec programs.
Announcements
We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!
We had an absolute blast putting together this year's SW Unlocked virtual event! All presentations are now available on-demand for your viewing pleasure. Please visit https://securityweekly.com/unlocked to register and watch now!
Guest
Christien Rioux, also known by his handle DilDog, is a Distinguished Engineer at Lacework and the co-founder and former chief scientist for the Burlington, Massachusetts based company Veracode, for which he is the main patent holder. Educated at MIT, Rioux was a computer security researcher at L0pht Heavy Industries and then at the company @stake (later bought by Symantec). While at @stake, he looked for security weaknesses in software and led the development of Smart Risk Analyzer (SRA). He co-authored the best-selling Windows password auditing tool @stake LC (L0phtCrack) and the AntiSniff network intrusion detection system.He is also a member of Cult of the Dead Cow and its Ninja Strike Force. Formerly, he was a member of L0pht.DilDog is best known as the author of the original code for Back Orifice 2000, an open source remote administration tool. He is also well known as the author of “The Tao of Windows Buffer Overflow.”