
EPISODE · Sep 22, 2021 · 47 MIN

Episode 08: Web application security

from Off Script · host Hey! Presents

Today, Off Script hosts Josh and James discuss all things web application security. It's something that is getting more and more important to get right: more cyber attacks, more ransomware attacks. They address good application hygiene and the common pitfalls they are seeing people fall for. Big data breaches can lead to losing customer trust, so it's important to make sure you're running a tight ship with security. Basic security maintenance is essential, but what can companies and individuals be doing to make sure their web applications are secure during a time of high-value bug bounties being offered to people for finding vulnerabilities?

Topics:
Bug bounties: the positives, negatives and relevancy to different sized agencies
The use of bots to find MongoDB vulnerabilities
Encrypted vaults
The Slack issue
How hard is it to put secure processes in place from the start?
Canary and environment variables
If you're a security researcher, what do you do with responsible disclosure?
The fine line between helping the hackers and helping the community
What makes a good, secure app?
Package managers
Modern libraries making it obvious when you are doing a bad thing
Open pull requests
Get your house in order with OWASP
Frameworks and the early standards they set with password management and security hygiene
Importance of rotating keys
Human interfaces and the flaws surrounding them
What can we learn from Twelve-Factor?
Github Workspaces and recreatable environments
The issues of convenience
Macs vs dev accessibility and Windows catching up
Github and Atom
Good, automated test suites
How to have a good view on what makes a good security test
Falling into the trap of feeling productive
Sitting down with the team to discuss testing value and priorities
The creativity of SQL injection
Reinventing the wheel
Dangers of writing an encryption tool and importance of getting an external security company

Resources:
GitHub Security Bug Bounty
snyk
Yarn
The Open Web Application Security Project
12 Factor
Hyper

Find out more about Stac and Parallax:
Stac
Parallax



