In this first of two episodes of AppSec Decoded, recorded live at RSA 2022 in San Francisco, Tim Mackey, principal security strategist within the Synopsys Cybersecurity Research Center, and Taylor Armerding, security advocate at Synopsys, discuss the overall focus of that guidance: How to build processes and programs around risk-based principles.

Password security has been a hot topic since the Internet’s inception. Once upon a time, securing your accounts was as simple as not setting your password as “password.” Now, there can’t be talk about password security without multi-factor authentication (MFA) and how it has become a critical solution to protect users, data, networks, and more. WatchGuard and Miercom, an independent organization focused on product testing, have worked together on testing three MFA solutions and assessing performance in user and admin experiences.

Learn how to tackle a common problem known as “MAC Spoofing” faced by many security teams looking to control access to the network. In this video you will gain an understanding what MAC Spoofing is, why it's a problem, and how Forescout is uniquely positioned to help detect it. You will be able to differentiate between the two primary MAC Spoofing scenarios and the strategies used for detection and learn how to configure Forescout to detect both scenarios and test successfully.

During this live stream, we explored the vulnerability known as Dompdf. We looked at what DomPDF is, how DomPDF makes your applications vulnerable, and most importantly what you can do to protect yourself.

This week on the podcast we review our time at this year's Black Hat and Def Con cybersecurity conferences in Las Vegas. We'll cover how the WatchGuard CTF contest went this year and discuss takeaways from a few of the briefings we attended. The 443 Security Simplified is a weekly podcast that gets inside the minds of leading white-hat hackers and security researchers, covering the latest cybersecurity headlines and trends.

Mutations within GraphQL are simply queries that modify or change data within the target platform. In this episode, we will cover some of the various mutations available within the Rubrik GraphQL schema, and show you how they can be used to insert, update, or delete data.

At the core of GraphQL lies the query. Queries allow us to fetch exactly the data we need from the Rubrik platform. This episode will dive into how we form basic queries to retrieve Rubrik objects for usage with automation. We’ll talk about how to form a query, create fragments, and pass data into our queries using variables.

Join 1Password senior developer, Nathan West, as he demystifies atomics – the primitive rules for safely interacting with shared memory from multiple threads. Nathan shows that, while complex, atomic code really is possible to understand. He discusses the C11 memory model, atomic and nonatomic operations, and memory orderings. Nathan also provides insight and clarification on the often-confusing concept of each thread having an independent view of the memory.

With the launch of Rubrik Security Cloud, a new way to interface with Rubrik APIs has been introduced, GraphQL. In our first episode, we will dive into why Rubrik chose to implement GraphQL endpoints, and what the difference is between our RESTful APIs and our GraphQL APIs.

In our micro webinar series, UpGuard Sessions provide you with a quick dive into the most timely topics in cyber security that will help you with third-party risk management, discover potential vendor risks, and comply with regulations. Interested in finding out more about UpGuard?