Displaying all 3 Episode of Three Buddy Problem with the tag “web app security”.
-
Vinnie Liu discusses a life in the offensive security trenches
August 7th, 2022 | 1 hr 7 mins
bug bounties, continuous testing, h2c smuggling, pen-testing, security assessments, web app security
A conversation with Bishop Fox chief executive Vinnie Liu on the origins and evolution of the pentest services business, the emerging continuous attack surface management space, raising $75m as a 'growth mode' investment, cybersecurity's people problem, and much more...
-
Collin Greene, head of product security, Facebook
May 25th, 2021 | 1 hr 1 min
bug bounties, facebook, pen-testing, product security, security assessments, web app security
Facebook product security leader Collin Greene joins the show to discuss philosophies around securing code at scale, the pros and cons of relying on bug-bounty programs, the humbling lessons from being on the wrong side of a malicious hack, and why "shift-left" should be the priority for every defender.
-
Shubs Shah on finding riches (and lessons) from bug bounty hacking
April 20th, 2021 | 52 mins 49 secs
bug bounties, continuous testing, h2c smuggling, pen-testing, security assessments, web app security
Shubham Shah is a brilliant hacker who quit his pen-testing job to hack for cash in bug-bounty programs. He quickly mastered the game of automating automating pre-breach reconnaissance and zero in on common webapp programming and configuration errors. Shubs, now co-founder at Assetnote, joined Ryan on the show to talk about the stressful life of a fulltime bug-bounty hunter, advancements in web app security defense, and how automation is completely rewriting the bug-discovery business.