OWASP Purpleteam with Kim Carter
.NET Rocks!6 Apr 2021

OWASP Purpleteam with Kim Carter

How do you test the security of your applications? Carl and Richard chat with Kim Carter about purpleteam, an open-source library for testing web applications as part of your CI/CD pipeline. Kim talks about OWASP in general and yes, SQL injection (and injection in general) is still the number one security risk - but there are plenty more. Don't be an easy victim, start making security testing part of your build and deployment process!

Support this podcast at — https://redcircle.com/net-rocks/donations

Episoder(1967)

Securing Existing Applications with Joylynn Kirui

Securing Existing Applications with Joylynn Kirui

How do you secure your existing applications from the security exploits out there today? Carl and Richard talk to Joylynn Kirui about the challenges developers face in making secure applications. Joylynn talks about understanding the threat landscape and staying up to date on the CVEs that can represent a zero-day vulnerability to your application. There are a ton of tools to help make you aware of the potential risks, check out all the links in the show notes. And check out Joylynn's webinar on shifting application security left at https://aka.ms/DevSecOpsDNR

24 Nov 202248min

.NET Developers Building Power Apps with April Dunnam

.NET Developers Building Power Apps with April Dunnam

Why should .NET developers build Power Apps? Carl and Richard talk to April Dunnam about the latest in Microsoft's Power Platform and why .NET developers should get involved. April talks about the fusion development methodology, where domain experts use the Power Platform tools alongside .NET developers using Visual Studio to build line-of-business apps. There are many opportunities in the cycle of building Power Apps where your skills as a .NET developer can make the process go faster, more reliable, and with more features! Also, check out April's upcoming workshops on building Power Apps online at https://aka.ms/PowerDNR and at the DevIntersection conference in Las Vegas in December!

17 Nov 202250min

Hacking APIs with Dana Epp

Hacking APIs with Dana Epp

Are your APIs vulnerable to hacking? Carl and Richard talk to Dana Epp about how APIs have become the focus of black hats today. Dana talks about tooling you can use to look at your APIs the same way the hackers do, and find potential exploit paths for impersonating users, stealing data, and otherwise exploiting your system. There's an OWASP list specifically for API security - spend some time with it!

10 Nov 202258min

Making Open Source Work for Everyone with David Whitney

Making Open Source Work for Everyone with David Whitney

How do we make open source work for everyone? While at NDC in Oslo, Carl and Richard talked to David Whitney about his experiences working on open-source projects, and the challenges of making them sustainable. David talks about how many projects start with an individual making something for themselves, which then evolves into many people utilizing the project, but not contributing to it. And when companies depend on that software, the pressure on the creators gets serious - but without compensation. How do we make open source better? And how do the tech giants make the situation better or worse?

3 Nov 202250min

Observability in Production with Alayshia Knighten

Observability in Production with Alayshia Knighten

What can observability do for you? While at NDC in Oslo, Carl and Richard chatted with Alayshia Knighten about her work with honeycomb and helping people understand what's happening with their applications in production. Alayshia talks about instrumenting applications to provide insight into behavior in real-time - by leveraging existing tools to provide data and reporting. The conversation digs into how sysadmins and developers see applications differently, and how standard telemetry systems make it easier for everyone to be on the same page!

27 Okt 202248min

Cloud Scaling from the Trenches with Meg Gotshall

Cloud Scaling from the Trenches with Meg Gotshall

Ready for a story of cloud scaling from the trenches? While at NDC Oslo, Carl and Richard talked with Meg Gotshall about her experiences scaling the Fotoware service with her team. Meg talks about the limits of auto-scaling, where all the services are scaled up, but the bottlenecks exist in only one place - and how dashboards help to provide more visibility into the problem. But even when you sense the problem, how do you fix it? The conversation digs into breaking services into their containers and AppService plans so they can be scaled independently - initially for diagnostics but ultimately for production!

20 Okt 202253min

Testing Web Apps using Playwright Debbie O'Brien

Testing Web Apps using Playwright Debbie O'Brien

How do you test your web applications? Carl and Richard talk to Debbie O'Brien about Playwright, Microsoft's new open-source web application testing tool. Playwright lets you build tests in an array of languages, platforms, and browsers. Debbie talks about how you can build atomic tests that will survive new versions, and test independently of other features. And when tests fail, Playwright generates a PWA of the test run showing exactly where the test fails!

13 Okt 202252min

GitHub Copilot with Michelle Mannering

GitHub Copilot with Michelle Mannering

GitHub Copilot is here! Are we all going to lose our jobs? While at NDC in Oslo, Carl and Richard talked to Michelle Mannering about how Copilot helps you write code - emphasis on help! Michelle explains that Copilot is able to take your explanations of what code needs to be written to find examples of that code for you to take advantage of. It's still up to you to break down the problem well enough, but you spend less time fussing with syntax. This is especially powerful when calling into unfamiliar APIs or coding in languages you have less experience with. The conversation dives into how the developer ecosystem continues to evolve with these new tools, so that we can do more faster!

6 Okt 202251min

Populært innen Teknologi

romkapsel
rss-avskiltet
teknisk-sett
energi-og-klima
tomprat-med-gunnar-tjomlid
shifter
rss-impressions-2
nasjonal-sikkerhetsmyndighet-nsm
smart-forklart
rss-alt-som-gar-pa-strom
pedagogisk-intelligens
rss-digitaliseringspadden
elektropodden
rss-heis
i-loopen
kunstig-intelligens-med-morten-goodwin
rss-snakk-om-sikkerhet
rss-alt-vi-kan
rss-plateprat
rss-fjorsilkebris-podcast