Hashtag Realtalk with Aaron Bregg
Welcome to my little corner of the Internet!
In this channel I give 'real talk' about information security and technologies that impact both your business and personal lives. I try to focus on issues and items that can help you become more 'security curious'. The ultimate goal is to help protect your personal and professional well-being.
Employer Disclaimer - The opinions and views expressed in the podcast are not necessarily the views of my current employer, Corewell Health.
Legal Disclaimer - All of the security advice that I give is 'as is' and does not constitute real paid professional advice. As with everything security related, please seek second opinions from paid professionals.
Episode 23 - Let's Talk Web Application Security
In this episode I talk with Zane Lackey about Web Application Security. Zane is the Co-Founder and Chief Security Officer for Signal Sciences.
Talking Points and Listener Submitted Questions:
- What kinds of 'Real World' attacks are people dealing with against web applications?
- How do you detect an attack against a web application?
- How do you measure the effectiveness of your technical web app security controls (WAF, API, Authentication, Business Logic, etc.)?
- How can you ensure that your company's web application APIs cannot be abused to access data that the user is unauthorized to access?
- Do bug bounty programs work?
- Should all SMBs have a web application vulnerability disclosure program?
This episode is sponsored by Signal Sciences. Signal Sciences is a web application security company based out of Culver City, California.