Creating the Secure Pipeline Verification Standard - Farshad Abasi - ASW #274
Application Security Weekly (Audio) · Security Weekly Productions
Audio is streamed directly from the publisher (dts.podtrac.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Farshad Abasi joins us again to talk about creating a new OWASP project, the Secure Pipeline Verification Standard. (Bonus points for not being a top ten list!) We talk about what it takes to pitch a new project and the problems that this new project is trying to solve. For this kind of project to be successful -- as in making a positive impact to how software is built -- it's important to not only identify the right audience, but craft guidance in a way that's understandable and achievable for that audience. This is also a chance to learn more about a project in its early days and the opportunities for participating in its development!
Segment resources
PrintListener recreates fingerprints, iMessage updates key handling for a PQ3 rating, Silent Sabotage shows supply chain subterfuge against AI models, 2023 Rust survey results, the ways genAI might help developers, and more!
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw-274