#AppSec Recommendations (S03E08) – Application Security PodCast

Chris and Robert go over a plethora of recommendations they have accumulated over their years of experience in the industry.
Chris’s recommendations
1. Book: Agile Application Security: Enabling Security in a Continuous Delivery Pipeline
by Laura Bell (Author), Michael Brunton-Spall (Author), Rich Smith (Author), Jim Bird (Author)
2. Website: Iron Geek
Adrian Crenshaw records many major, non-commercial security conferences and posts the talks to YouTube
3. Book: The DevOps Handbook: How to Create World-Class Agility, Reliability, and Security in Technology Organizations
by Gene Kim (Author), Patrick Debois (Author), John Willis (Author), Jez Humble (Author)
4. News Source: The Register
News site, but has great sources and a bit of British humor attached to technology failures
5. Blog: TechBeacon
6. Book: Threat Modeling: Designing for Security
by Adam Shostack (Author)
7. Book: The Tangled Web: A Guide to Securing Modern Web Applications
by Michal Zalewski (Author)
8. Book: Start with Why: How Great Leaders Inspire Everyone to Take Action
by Simon Sinek (Author)
Not a security book, but a good approach for those trying to change a security culture
Robert’s Recommendations
1. Books by Martin Fowler (Author)
He wrote many books on understanding Architecture.
2. Book: Software Security: Building Security In
by Gary McGraw (Author)
3. Book: Core Software Security: Security at the Source
by James Ransome (Author) and Anmol Misra (Author)
4. Book: Threat Modeling: Designing for Security
by Adam Shostack (Author)
5. Websites: Troy Hunt
6. Conferences: #AppSec USA, , B-Sides, Source, Converge
7. Website: Google Alerts
Use this to be notified about specific topics you want to learn about.
8. Book: The Checklist Manifesto: How to Get Things Right
by Atul Gawande (Author)
9. Book: Securing Systems: Applied Security Architecture and Threat Models
by Brook S. E. Schoenfield (Author)
10. Book: Risk Centric Threat Modeling: Process for Attack Simulation and Threat Analysis
by Tony UcedaVelez (Author) and Marco M. Morana
March 9th, 2018 | podcast, Uncategorized