Redefining CyberSecurity

Guest: Jason Haddix, CISO and Hacker in Charge at BuddoBot Inc [@BuddoBot]On LinkedIn | https://www.linkedin.com/in/jhaddix/On Twitter | https://twitter.com/Jhaddix____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin____________________________This Episode’s SponsorsImperva | https://itspm.ag/imperva277117988Pentera | https://itspm.ag/penteri67a___________________________Episode NotesIn this Redefining CyberSecurity Podcast, we provide an in-depth exploration of the potential implications of large language models (LLMs) and artificial intelligence in the cybersecurity landscape. Jason Haddix, a renowned expert in offensive security, shares his perspective on the evolving risks and opportunities that these new technologies bring to businesses and individuals alike. Sean and Jason explore the potential risks of using LLMs:🚀 Prompt Injections💧 Data Leakage🏖️ Inadequate Sandboxing📜 Unauthorized Code Execution🌐 SSRF Vulnerabilities⚖️ Overreliance on LLM-generated Content🧭 Inadequate AI Alignment🚫 Insufficient Access Controls⚠️ Improper Error Handling💀 Training Data PoisoningFrom the standpoint of offensive security, Haddix emphasizes the potential for LLMs to create an entirely new world of capabilities, even for non-expert users. He envisages a near future where AI, trained on diverse datasets like OCR and image recognition data, can answer private queries about individuals based on their public social media activity. This potential, however, isn't limited to individuals - businesses are equally at risk.According to Haddix, businesses worldwide are rushing to leverage proprietary data they've collected in order to generate profits. They envision using LLMs, such as GPT, to ask intelligent questions of their data that could inform decisions and fuel growth. This has given rise to the development of numerous APIs, many of which are integrated with LLMs to produce their output.However, Haddix warns of the vulnerabilities this widespread use of LLMs might present. With each integration and layer of connectivity, opportunities for prompt injection attacks increase, with attackers aiming to exploit these interfaces to steal data. He also points out that the very data a company uses to train its LLM might be subject to theft, with hackers potentially able to smuggle out sensitive data through natural language interactions.Another concern Haddix raises is the interconnected nature of these systems, as companies link their LLMs to applications like Slack and Salesforce. The connections intended for data ingestion or query could also be exploited for nefarious ends. Data leakage, a potential issue when implementing LLMs, opens multiple avenues for attacks.Sean Martin, the podcast's host, echoes Haddix's concerns, imagining scenarios where private data could be leveraged and manipulated. He notes that even benign-seeming interactions, such as conversing with a bot on a site like Etsy about jacket preferences, could potentially expose a wealth of private data.Haddix also warns of the potential to game these systems, using the Etsy example to illustrate potential data extraction, including earnings of sellers or even their private location information. He likens the data leakage possibilities in the world of LLMs to the potential dangers of SQL injection in the web world. In conclusion, Haddix emphasizes the need to understand and safeguard against these risks, lest organizations inadvertently expose themselves to attack via their own LLMs.All OWASP Top 10 items are reviewed, along with a few other valuable resources (listed below).We hope you enjoy this conversation!____________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYqITSPmagazine YouTube Channel:📺 https://www.youtube.com/@itspmagazineBe sure to share and subscribe!____________________________ResourcesThe inspiring Tweet: https://twitter.com/Jhaddix/status/1661477215194816513Announcing the OWASP Top 10 for Large Language Models (AI) Project (Steve Wilson): https://www.linkedin.com/pulse/announcing-owasp-top-10-large-language-models-ai-project-steve-wilson/OWASP Top 10 List for Large Language Models Descriptions: https://owasp.org/www-project-top-10-for-large-language-model-applications/descriptions/Daniel Miessler Blog: The AI attack Surface Map 1.0: https://danielmiessler.com/p/the-ai-attack-surface-map-v1-0/PODCAST: Navigating the AI Security Frontier: Balancing Innovation and Cybersecurity | ITSPmagazine Event Coverage: RSAC 2023 San Francisco, USA | A Conversation about AI security and MITRE Atlas with Dr. Christina Liaghati: https://itsprad.io/redefining-cybersecurity-163Learn more about MITRE Atlas: https://atlas.mitre.org/MITRE Atlas on Slack (invitation): https://join.slack.com/t/mitreatlas/shared_invite/zt-10i6ka9xw-~dc70mXWrlbN9dfFNKyyzQGandalf AI Playground: https://gandalf.lakera.ai/____________________________To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-cybersecurity-podcastAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Guest: Erhan Temurkan, Director of Security and Technology at Fleet Mortgages [@FleetMortgages]____________________________Hosts:Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________This Episode’s SponsorsPentera | https://itspm.ag/penteri67aSemperis | https://itspm.ag/semperis-1roo✨ ➤ Sponsorship Signup Is Now Open — And Yes, Space Is Limited!____________________________Episode NotesIn this Chats on the Road to Infosecurity Europe 2023, hosts Marco and Sean interview Erhan Temurkan, Director of Security and Technology at Fleet Mortgages to discuss his experiences with cybersecurity strategy and diversifying recruitment, emphasizing the need for the security community to learn from each other's experiences and to talk about security incidents to improve outcomes.The conversation touches on the importance of having a diverse range of skills and backgrounds in the cybersecurity workforce, and maintaining a balance of skills for old and new technology. They also discuss how organizations can maintain a workforce for legacy technology while also preparing for the future, and how to recruit candidates with varied experiences and education.The conversation also highlights the value of having flexibility and being open to new ideas, including from younger generations. The hosts encourage listeners to engage with speakers and attendees at events and continue the conversation beyond the sessions.____________________________ResourcesLearn more, explore the programme, and register for Infosecurity Europe: https://itspm.ag/iseu23Catch Erhan's session: Managing the Current Demands of a Cyber Workforce Whilst Looking to Secure the Workforce of the FutureBe sure to tune in to all of our Infosecurity Europe 2023 conference coverage: https://www.itspmagazine.com/infosecurity-europe-2023-infosec-london-cybersecurity-event-coverageCatch the full Infosecurity Europe 2023 YouTube playlist: https://www.youtube.com/playlist?list=PLnYu0psdcllTOeLEfCLJlToZIoJtNJB6B____________________________If you are a cybersecurity vendor with a story to share, you can book your pre-event video podcast briefing here (https://itspm.ag/iseu23tsv) and your on-location audio podcast briefing here (https://itspm.ag/iseu23tsp).Explore the full conference coverage sponsorship bundle here: https://itspm.ag/iseu23bndlFor more ITSPmagazine advertising and sponsorship opportunities:👉 https://www.itspmagazine.com/advertise-on-itspmagazine-podcastTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-cybersecurity-podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Guest: Paul Watts, Distinguished Analyst at Information Security Forum [@securityforum]On Linkedin | https://www.linkedin.com/in/paulewatts____________________________Hosts:Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________This Episode’s SponsorsPentera | https://itspm.ag/penteri67aSemperis | https://itspm.ag/semperis-1roo✨ ➤ Sponsorship Signup Is Now Open — And Yes, Space Is Limited!____________________________Episode NotesAs part of the traditional Chats on the Road to Infosecurity Europe 2023 series, hosts Sean Martin and Marco Ciappelli welcome Paul Watts, keynote speaker, to discuss the importance of communication, collaboration, and diversity in cybersecurity.The conversation touches on several topics, including the need for security professionals to understand customer needs, the importance of being agile and forward-thinking, and the value of having a nurturing relationship with the business. They also discuss Paul's session on the cybersecurity workforce, where he advocates for creativity and skills beyond just technical expertise.Overall, the episode emphasizes the need for constant, progressive conversations and relationships with the business, recognizing that change is a two-way street. Paul invites listeners to join his sessions at InfoSecurity Europe and engage in meaningful conversations. We look forward to seeing you there!____________________________ResourcesLearn more, explore the programme, and register for Infosecurity Europe: https://itspm.ag/iseu23Catch Paul's session: Managing the Current Demands of a Cyber Workforce Whilst Looking to Secure the Workforce of the FutureBe sure to tune in to all of our Infosecurity Europe 2023 conference coverage: https://www.itspmagazine.com/infosecurity-europe-2023-infosec-london-cybersecurity-event-coverageCatch the full Infosecurity Europe 2023 YouTube playlist: https://www.youtube.com/playlist?list=PLnYu0psdcllTOeLEfCLJlToZIoJtNJB6B____________________________If you are a cybersecurity vendor with a story to share, you can book your pre-event video podcast briefing here (https://itspm.ag/iseu23tsv) and your on-location audio podcast briefing here (https://itspm.ag/iseu23tsp).Explore the full conference coverage sponsorship bundle here: https://itspm.ag/iseu23bndlFor more ITSPmagazine advertising and sponsorship opportunities:👉 https://www.itspmagazine.com/advertise-on-itspmagazine-podcastTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-cybersecurity-podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In this story on the ITSPmagazine podcast network, Marco and Sean are joined by Daniel Lattimer and Guido Grillenmeier from Semperis to discuss the challenges of managing Active Directory and Azure AD in the modern cloud era.The foursome speak to the difficulty of determining responsibility and ownership for directory services and touch on the value that secure businesses bring. The conversation covers the potential risks of syncing on-premises and cloud-based directories, the evolving threat landscape, and the importance of securing directory services. They also discuss Semperis' Purple Knight tool, which helps organizations assess their Active Directory security posture and identify potential indicators of compromise.The episode includes several case studies of clients who have improved their security posture with Semperis' offerings. The conversation also explores the ongoing challenge of detecting legitimate logins that are actually malicious and the importance of ongoing monitoring and detection.Overall, the conversation provides informative insights on the complex world of directory services and the challenges of securing them in the modern business environment.Note: This story contains promotional content. Learn more.GuestsDaniel Lattimer, Area Vice President - UK & Ireland at Semperis [@SemperisTech]On Linkedin | https://www.linkedin.com/in/daniel-lattimer-37533016/Guido Grillenmeier, Principal Technologist EMEA at Semperis [@SemperisTech]On Linkedin | https://www.linkedin.com/in/guidogrillenmeier/ResourcesLearn more about Semperis and their offering: https://itspm.ag/semperis-1rooGet a free Active Directory security vulnerability assessment: https://itspm.ag/semperjs0yVisit Semperis at Infosecurity Europe 2023: https://www.infosecurityeurope.com/en-gb/exhibitor-details.org-18976101-97be-4f3d-a009-872b8e0b9079.html#/Are you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In this story on the ITSPmagazine podcast network, hosts Sean Martin and Marco Ciappelli invite guest Karl Triebes to take a look back at 10 years of Bad Bot Reports. Looking forward to the future, they discuss the increasing sophistication of bot attacks, the challenges in detecting them, and the potential damage to businesses and society.As they discuss the evolution of bot attacks in the last decade, they outline the increasing focus on API security, account takeover, and business logic attacks. They also discuss the challenges of detecting bot attacks with the rise of AI. The conversation raises philosophical questions about the future of humanity and the potential damage to businesses and society caused by bot attacks.Note: This story contains promotional content. Learn more.GuestKarl Triebes, SVP and General Manager, Application Security at Imperva [@Imperva]On Linkedin | https://www.linkedin.com/in/karltriebes/On Twitter | https://twitter.com/TriebesResourcesLearn more about Imperva and their offering: https://itspm.ag/imperva277117988Download the 2023 Imperva Bad Bot Report: https://itspm.ag/impervv0sgAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Guest: Frankie ThomasOn ITSPmagazine  👉 https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/frankie-thomasHosts:Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelliSean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin______________________Episode SponsorsAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network______________________Episode IntroductionOn this "Hacking Your Potential" podcast introduction episode, Sean Martin and Marco Ciappelli are joined by Frankie Thomas to discuss the plans for the show, imposter syndrome, challenges of education, and community support for personal and professional growth.______________________Resources______________________For more podcast stories from Hacking Your Potential Podcast with Frankie Thomas, visit: https://www.itspmagazine.com/hacking-your-potential-podcastWatch the webcast version on-demand on YouTube: (coming soon) Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Guest: Robin Lennon Bylenga, Information Security Awareness, Education and Communications Lead at DWS Group [@DWS_Group]On LinkedIn | https://www.linkedin.com/in/robinlbylenga/On Twitter | https://twitter.com/pedalchic____________________________Hosts:Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________This Episode’s SponsorsPentera | https://itspm.ag/penteri67aSemperis | https://itspm.ag/semperis-1roo✨ ➤ Sponsorship Signup Is Now Open — And Yes, Space Is Limited!____________________________Episode NotesIn this Chats on the Road to Infosecurity Europe Conference podcast episode, In this episode of ITSPmagazine, hosts, Sean Martin and Marco Ciappelli, invite Robin Lennon Bylenga, a human factors expert, to discuss the impact of culture on cybersecurity.The conversation emphasizes the importance of involving humans in cybersecurity instead of just relying on technology. Robin advocates building a cybersecurity awareness culture by making cybersecurity relevant to individuals' daily routines. Robin shares valuable insights on folding security into an organization's culture, making it relevant to employees, and using storytelling to build a security culture.Sean and Marco highlight the significance of Robin's upcoming keynote speech at Infosecurity Europe, where she will explain the importance of a good security culture using stories. The conversation also touches upon GDPR and avoiding over-reliance on technology while making metrics to measure success.The conversation provides an holistic perspective on how the culture of an organization influences cybersecurity, as cybersecurity is not just about technology, but it's also about the way people make sense of it.____________________________ResourcesLearn more, explore the programme, and register for Infosecurity Europe: https://itspm.ag/iseu23Catch Robin's session: ‘Culture Eats Strategy for Breakfast’ - Building a Strong Cyber Security Awareness CultureBe sure to tune in to all of our Infosecurity Europe 2023 conference coverage: https://www.itspmagazine.com/infosecurity-europe-2023-infosec-london-cybersecurity-event-coverageCatch the full Infosecurity Europe 2023 YouTube playlist: https://www.youtube.com/playlist?list=PLnYu0psdcllTOeLEfCLJlToZIoJtNJB6B____________________________If you are a cybersecurity vendor with a story to share, you can book your pre-event video podcast briefing here (https://itspm.ag/iseu23tsv) and your on-location audio podcast briefing here (https://itspm.ag/iseu23tsp).Explore the full conference coverage sponsorship bundle here: https://itspm.ag/iseu23bndlFor more ITSPmagazine advertising and sponsorship opportunities:👉 https://www.itspmagazine.com/advertise-on-itspmagazine-podcastTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-cybersecurity-podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Guests:Dr. Stacy Thayer, Senior Manager, Marketing Research and Engagement at Netography [@netography] and Adjunct Professor of CyberPsychology at Norfolk State University [@Norfolkstate]On LinkedIn | https://www.linkedin.com/in/stacythayer/Dr. Darius Hines-Cross, Security Assigned Expert at Splunk [@splunk]On LinkedIn | https://www.linkedin.com/in/dariushinescross/____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin____________________________This Episode’s SponsorsImperva | https://itspm.ag/imperva277117988Pentera | https://itspm.ag/penteri67a___________________________Episode NotesIn this episode of Redefining Cybersecurity on ITSPmagazine Podcast Network, host Sean Martin is joined by Dr. Stacy Thayer and Dr. Darius Hines-Cross to explore how virtual and augmented reality can be used in cybersecurity to improve business operations. Throughout the conversation, the group discusses the possibilities and ethical implications of using these technologies. They speculate on how virtual and augmented reality can be used to improve cybersecurity operations, such as training and simulations.The experts explore the wide range of implications and opportunities that virtual and augmented reality offer in various industries, including the healthcare industry to help draw some analogies to other business operations. In another example, virtual reality can allow individuals to experience alternate worlds and places that may not be physically accessible. However, the group also discusses the potential dangers of crafted reality, where the reality is still controlled by someone else. They also discuss how virtual classrooms could be used to improve student participation in courses.During the episode, the group also touches on the challenges of implementing such technology and the importance of doing research and risk analysis before investing. Small and medium-sized businesses are also discussed, with emphasis on the potential risks associated with implementing technology without proper security concerns. The podcast ends by stressing the opportunities and challenges of using virtual and augmented reality in various industries, including cybersecurity, and how technology can be used ethically to improve society.____________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYqITSPmagazine YouTube Channel:📺 https://www.youtube.com/@itspmagazineBe sure to share and subscribe!____________________________Resources____________________________To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-cybersecurity-podcastAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Guest: John Chambers, Founder and CEO at JC2 Ventures [@JC2Ventures]On Linkedin | https://www.linkedin.com/in/johnchambersjc/____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin____________________________This Episode’s SponsorsImperva | https://itspm.ag/imperva277117988Pentera | https://itspm.ag/penteri67a___________________________Episode NotesOn this episode of Redefining Cybersecurity, John Chambers - former CEO of Cisco and current CEO of JC2 Ventures - speaks with host Sean Martin about the intersection of cybersecurity and risk with AI, the state of enterprise budgets for cybersecurity, innovation in the tech industry, and the need for education and innovation hubs. Chambers warns that companies need a well-thought-out plan when it comes to AI strategies and cybersecurity strategies, emphasizing that those without plans may experience difficulties raising funds and suffer from stock declines. He notes the complexities arising from cybersecurity attacks, specifically those leveraging AI, and highlights the importance of getting ahead of the issue. Chambers also talks about the need for companies to evolve and emphasizes the importance of innovation.Later in the conversation, Chambers and Martin shift to the need for education and innovation hubs, discussing how these hubs are shifting from being limited to only the coasts. They discuss how the industry playbook is similar to previous movements in cloud and internet technology, but the speed of change and disruption has evolved. Chambers highlights the changes occurring in West Virginia and notes the emergence of a new crop of cybersecurity professionals entering the field.The episode concludes with Chambers emphasizing the need for a change in education to achieve long-term success in the industry, with a focus on sharing knowledge and innovation throughout the country. Overall, the episode provides listeners with insights on the future of cybersecurity and innovation, the importance of having a well-planned strategy for both fields, and the need for education and innovation hubs to achieve success.____________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYqITSPmagazine YouTube Channel:📺 https://www.youtube.com/@itspmagazineBe sure to share and subscribe!____________________________Resources____________________________To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-cybersecurity-podcastAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Guests:Andrew Woodhouse, CIO at RealVNC [@RealVNC]On Linkedin | https://www.linkedin.com/in/ajwoodhouse/Dr. Mario Heiderich, Founder of Cure53 [@cure53berlin]On Linkedin | https://www.linkedin.com/in/marioheiderich/____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin____________________________This Episode’s SponsorsImperva | https://itspm.ag/imperva277117988Pentera | https://itspm.ag/penteri67a___________________________Episode NotesThis Redefining CyberSecurity podcast features insights from Andrew Woodhouse, Dr. Mario Heiderich, and host Sean Martin, who explore various aspects of system and application security. Woodhouse introduces software composition analysis and the importance of security initiatives like ISO 27001. Dr. Heiderich discusses the roles in security testing, and the parallels between traditional QA testing and security testing methods. The use of C++ as a core language, the intricacies of managing large-scale software, and the complexities of auditing entire tech stacks are also highlighted. The discussion provides an overall comprehensive understanding of tech stack security tests and audit processes.____________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYqITSPmagazine YouTube Channel📺 https://www.youtube.com/@itspmagazineBe sure to share and subscribe!____________________________ResourcesWhite Box Testing – What is, Techniques, Example & Types: https://www.guru99.com/white-box-testing.html____________________________To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-cybersecurity-podcastWatch the webcast version on-demand on YouTube: https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYqAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.