DtSR Episode 154 - Enterprise Software Security Reloaded

Send the hosts a message - try it now! In this episode Raf asks - Why haven’t we solved the same old software security bugs?James asks how a security team gets out of the way and still get better security?We discuss threat modeling, and channel a bit of John StevenJeff talks about the OWASP ESAPI and standard security libraries and controlsJeff talks about “libraries with known vulnerabilities” and the role of open source componentsRaf brings up the ugly side of enterprise outsourcing - code ...