In this segment with Clint Gibler, learn:
* Why secure defaults are higher ROI than finding vulnerabilities
* How modern AppSec teams are working with their engineering counterparts
* Targeting vulnerability classes, avoiding bug whack-a-mole
* The latest innovations in lightweight static analysis
Segment Resources:
https://github.com/returntocorp/semgrep
https://github.com/returntocorp/semgrep-rules
2020 GlobalAppSec SF https://docs.google.com/presentation/d/14PjOViz2dE6iToOyoFk_BQ_RUfkEHGX-celIiybDQZA/edit
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw156