<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" encoding="UTF-8" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:sy="http://purl.org/rss/1.0/modules/syndication/" xmlns:admin="http://webns.net/mvcb/" xmlns:atom="http://www.w3.org/2005/Atom/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:googleplay="http://www.google.com/schemas/play-podcasts/1.0" xmlns:itunes="http://www.itunes.com/dtds/podcast-1.0.dtd" xmlns:fireside="http://fireside.fm/modules/rss/fireside">
  <channel>
    <fireside:hostname>web01.fireside.fm</fireside:hostname>
    <fireside:genDate>Thu, 16 Apr 2026 15:37:54 -0500</fireside:genDate>
    <generator>Fireside (https://fireside.fm)</generator>
    <title>Off Script - Episodes Tagged with “Web Application Security”</title>
    <link>https://off-script.fireside.fm/tags/web%20application%20security</link>
    <pubDate>Wed, 22 Sep 2021 10:00:00 +0100</pubDate>
    <description>Hosted by CTOs Josh Nesbitt and James Hall, Off Script brings you unfiltered conversations about the highs, lows, and lessons of working in tech today. From leading engineering teams and scaling companies, to tackling burnout, bad bets, and breakthrough ideas, this is the show where raw honesty meets experience.
Alongside one-on-one conversations between Josh and James, you’ll hear from leaders, builders, designers, and entrepreneurs who aren’t afraid to share what’s really going on behind the scenes — the conversations usually left for DMs, side chats, and after-hours drinks.
Whether you’re building your first product or leading a fast-growing team, Off Script gives you a raw and refreshing perspective on the challenges and creativity that shape modern tech.
New episodes every few weeks. Subscribe and join the conversation.
</description>
    <language>en-gb</language>
    <itunes:type>episodic</itunes:type>
    <itunes:subtitle>Where raw honesty meets experience. Unfiltered conversations at the edge of tech, leadership, and creativity.</itunes:subtitle>
    <itunes:author>Hey! Presents</itunes:author>
    <itunes:summary>Hosted by CTOs Josh Nesbitt and James Hall, Off Script brings you unfiltered conversations about the highs, lows, and lessons of working in tech today. From leading engineering teams and scaling companies, to tackling burnout, bad bets, and breakthrough ideas, this is the show where raw honesty meets experience.
Alongside one-on-one conversations between Josh and James, you’ll hear from leaders, builders, designers, and entrepreneurs who aren’t afraid to share what’s really going on behind the scenes — the conversations usually left for DMs, side chats, and after-hours drinks.
Whether you’re building your first product or leading a fast-growing team, Off Script gives you a raw and refreshing perspective on the challenges and creativity that shape modern tech.
New episodes every few weeks. Subscribe and join the conversation.
</itunes:summary>
    <itunes:image href="https://media24.fireside.fm/file/fireside-images-2024/podcasts/images/3/31ae211d-eae2-4914-bbc4-99ad1da36937/cover.jpg?v=5"/>
    <itunes:explicit>yes</itunes:explicit>
    <itunes:keywords>Technology leadership, CTO podcast, Creative technologists, Product development, Engineering culture, Software teams, AI and product, Startup stories, Agency leadership, Honest tech conversations, Scaling tech companies, Tech industry insights, Tech News</itunes:keywords>
    <itunes:owner>
      <itunes:name>Hey! Presents</itunes:name>
      <itunes:email>offscript@heypresents.com</itunes:email>
    </itunes:owner>
<itunes:category text="News">
  <itunes:category text="Tech News"/>
</itunes:category>
<itunes:category text="Business">
  <itunes:category text="Management"/>
</itunes:category>
<itunes:category text="Education">
  <itunes:category text="Self-Improvement"/>
</itunes:category>
<item>
  <title>Episode 08: Web application security</title>
  <link>https://off-script.fireside.fm/08</link>
  <guid isPermaLink="false">1fb18277-ba46-434d-ae3d-ef9f0e7825c0</guid>
  <pubDate>Wed, 22 Sep 2021 10:00:00 +0100</pubDate>
  <author>Hey! Presents</author>
  <enclosure url="https://aphid.fireside.fm/d/1437767933/31ae211d-eae2-4914-bbc4-99ad1da36937/1fb18277-ba46-434d-ae3d-ef9f0e7825c0.mp3" length="69669453" type="audio/mpeg"/>
  <itunes:episodeType>full</itunes:episodeType>
  <itunes:season>2</itunes:season>
  <itunes:author>Hey! Presents</itunes:author>
  <itunes:subtitle>Off Script hosts Josh and James discuss all things web application security. It’s something that is getting more and more important to get right. More cyber attacks. More ransomware attacks. They address good application hygiene and the common pitfalls they are seeing people fall for. </itunes:subtitle>
  <itunes:duration>47:51</itunes:duration>
  <itunes:explicit>yes</itunes:explicit>
  <itunes:image href="https://media24.fireside.fm/file/fireside-images-2024/podcasts/images/3/31ae211d-eae2-4914-bbc4-99ad1da36937/episodes/1/1fb18277-ba46-434d-ae3d-ef9f0e7825c0/cover.jpg?v=2"/>
  <description>Today, Off Script hosts Josh and James discuss all things web application security. It’s something that is getting more and more important to get right. More cyber attacks. More ransomware attacks. They address good application hygiene and the common pitfalls they are seeing people fall for. Big data breaches can lead to losing customer trust, so it’s so important to make sure you’re running a tight ship with security.
Basic security maintenance is essential, but what can companies and individuals be doing to make sure their web applications are secure during a time of high-value bug bounties being offered to people for finding vulnerabilities?
Bug bounties. The positives, negatives and relevancy to different sized agencies
The use of bots to find MongoDB vulnerabilities
Encrypted vaults
The Slack issue
How hard is it to put secure processes in place from the start?
Canary and environment variables
If you’re a security researcher, what do you do with responsible disclosure?
The fine line between helping the hackers and helping the community
What makes a good, secure app?
Package managers
Modern libraries making it obvious when you are doing a bad thing
Open pull requests
Get your house in order with OWASP
Frameworks and the early standards they set with password management and security hygiene
Importance of rotating keys
Human interfaces and the floors surrounding them
What can we learn from Twelve-Factor?
GitHub Workspaces and recreatable environments
The issues of convenience
Macs vs dev accessibility and Windows catching up
GitHub and Atom
Good, automated test suites
How to have a good view on what makes a good security test
Falling into the trap of feeling productive
Sitting down with the team to discuss testing value and priorities
The creativity of SQL injection
Reinventing the wheel
Dangers of writing an encryption tool and importance of getting an external security company
Resources:
* GitHub Security Bug Bounty (https://bounty.github.com/)
* snyk (https://snyk.io/)
* Yarn (https://yarnpkg.com/)
* The Open Web Application Security Project (https://owasp.org/)
* 12 Factor (https://12factor.net/)
* Hyper (https://hyper.is/)
Find out more about Stac and Parallax:
* Stac (https://stac.works)
* Parallax (https://parall.ax)
</description>
  <itunes:keywords>tech, community, development, web, web tech, web technology, web development, web security, software alternatives, privacy, automated testing, bug bounties, encrypted vaults</itunes:keywords>
  <content:encoded>
    <![CDATA[<p>Today, Off Script hosts Josh and James discuss all things web application security. It’s something that is getting more and more important to get right. More cyber attacks. More ransomware attacks. They address good application hygiene and the common pitfalls they are seeing people fall for. Big data breaches can lead to losing customer trust, so it’s so important to make sure you’re running a tight ship with security.</p>

<p>Basic security maintenance is essential, but what can companies and individuals be doing to make sure their web applications are secure during a time of high-value bug bounties being offered to people for finding vulnerabilities?</p>

<ul>
<li>Bug bounties. The positives, negatives and relevancy to different sized agencies</li>
<li>The use of bots to find MongoDB vulnerabilities</li>
<li>Encrypted vaults</li>
<li>The Slack issue</li>
<li>How hard is it to put secure processes in place from the start?</li>
<li>Canary and environment variables</li>
<li>If you’re a security researcher, what do you do with responsible disclosure?</li>
<li>The fine line between helping the hackers and helping the community</li>
<li>What makes a good, secure app?</li>
<li>Package managers</li>
<li>Modern libraries making it obvious when you are doing a bad thing</li>
<li>Open pull requests</li>
<li>Get your house in order with OWASP</li>
<li>Frameworks and the early standards they set with password management and security hygiene</li>
<li>Importance of rotating keys</li>
<li>Human interfaces and the floors surrounding them</li>
<li>What can we learn from Twelve-Factor?</li>
<li>GitHub Workspaces and recreatable environments</li>
<li>The issues of convenience</li>
<li>Macs vs dev accessibility and Windows catching up</li>
<li>GitHub and Atom</li>
<li>Good, automated test suites</li>
<li>How to have a good view on what makes a good security test</li>
<li>Falling into the trap of feeling productive</li>
<li>Sitting down with the team to discuss testing value and priorities</li>
<li>The creativity of SQL injection</li>
<li>Reinventing the wheel</li>
<li>Dangers of writing an encryption tool and importance of getting an external security company</li>
</ul>

<p>Resources:</p>

<ul>
<li><a href="https://bounty.github.com/" rel="nofollow">GitHub Security Bug Bounty</a></li>
<li><a href="https://snyk.io/" rel="nofollow">snyk</a></li>
<li><a href="https://yarnpkg.com/" rel="nofollow">Yarn</a></li>
<li><a href="https://owasp.org/" rel="nofollow">The Open Web Application Security Project</a></li>
<li><a href="https://12factor.net/" rel="nofollow">12 Factor</a></li>
<li><a href="https://hyper.is/" rel="nofollow">Hyper</a></li>
</ul>

<p>Find out more about Stac and Parallax:</p>

<ul>
<li><a href="https://stac.works" rel="nofollow">Stac</a></li>
<li><a href="https://parall.ax" rel="nofollow">Parallax</a></li>
</ul>]]>
  </content:encoded>
  <itunes:summary>
    <![CDATA[<p>Today, Off Script hosts Josh and James discuss all things web application security. It’s something that is getting more and more important to get right. More cyber attacks. More ransomware attacks. They address good application hygiene and the common pitfalls they are seeing people fall for. Big data breaches can lead to losing customer trust, so it’s so important to make sure you’re running a tight ship with security.</p>

<p>Basic security maintenance is essential, but what can companies and individuals be doing to make sure their web applications are secure during a time of high-value bug bounties being offered to people for finding vulnerabilities?</p>

<ul>
<li>Bug bounties. The positives, negatives and relevancy to different sized agencies</li>
<li>The use of bots to find MongoDB vulnerabilities</li>
<li>Encrypted vaults</li>
<li>The Slack issue</li>
<li>How hard is it to put secure processes in place from the start?</li>
<li>Canary and environment variables</li>
<li>If you’re a security researcher, what do you do with responsible disclosure?</li>
<li>The fine line between helping the hackers and helping the community</li>
<li>What makes a good, secure app?</li>
<li>Package managers</li>
<li>Modern libraries making it obvious when you are doing a bad thing</li>
<li>Open pull requests</li>
<li>Get your house in order with OWASP</li>
<li>Frameworks and the early standards they set with password management and security hygiene</li>
<li>Importance of rotating keys</li>
<li>Human interfaces and the floors surrounding them</li>
<li>What can we learn from Twelve-Factor?</li>
<li>GitHub Workspaces and recreatable environments</li>
<li>The issues of convenience</li>
<li>Macs vs dev accessibility and Windows catching up</li>
<li>GitHub and Atom</li>
<li>Good, automated test suites</li>
<li>How to have a good view on what makes a good security test</li>
<li>Falling into the trap of feeling productive</li>
<li>Sitting down with the team to discuss testing value and priorities</li>
<li>The creativity of SQL injection</li>
<li>Reinventing the wheel</li>
<li>Dangers of writing an encryption tool and importance of getting an external security company</li>
</ul>

<p>Resources:</p>

<ul>
<li><a href="https://bounty.github.com/" rel="nofollow">GitHub Security Bug Bounty</a></li>
<li><a href="https://snyk.io/" rel="nofollow">snyk</a></li>
<li><a href="https://yarnpkg.com/" rel="nofollow">Yarn</a></li>
<li><a href="https://owasp.org/" rel="nofollow">The Open Web Application Security Project</a></li>
<li><a href="https://12factor.net/" rel="nofollow">12 Factor</a></li>
<li><a href="https://hyper.is/" rel="nofollow">Hyper</a></li>
</ul>

<p>Find out more about Stac and Parallax:</p>

<ul>
<li><a href="https://stac.works" rel="nofollow">Stac</a></li>
<li><a href="https://parall.ax" rel="nofollow">Parallax</a></li>
</ul>]]>
  </itunes:summary>
</item>
  </channel>
</rss>
