Why All Bug Bounties Suck! Find out before you compare vendors
Learn from a 20+ year App Sec founder and leader before you consider a Bug Bounty service!
Understand the fundamentals before comparing these products:
* HackerOne
* Bugcrowd
* Synack
(HackerOne vs Bugcrowd vs Synack)
- Chapters -
0:00 Cold Intro
0:44 Topic Intro
2:00 Pen Testing 101
2:57 Why they suck
7:12 Why they rock
This episode is part of a comprehensive series, where we look at each category of App Sec products:
* SAST: Static Application Security Testing
* DAST: Dynamic Application Security Testing
* IAST: Interactive Application Security Testing
* SCA: Software Composition Analysis
* WAF: Web Application Firewall
* RASP: Runtime Application Self-Protection (Next-Gen WAF)
* Manual Pen-Testing of Applications
** Addendum: Bug Bounties!
(SAST vs DAST vs IAST vs SCA vs WAF vs RASP vs Pen-Testing vs Bug Bounty)
To gain more valuable insights and resources from Dan On Dev visit our website
https://danondev.com
Software Leadership - The Ted Lasso Way
In this episode, we delve into the transformative power of good leadership that fosters an environment where ideas can come from anyone on the team. Inspired by a captivating moment in the popular show "Ted Lasso" (Season 1, Episode 3), we explore a remarkable instance where Ted embraces an idea from Nate, a team member in a lower-ranked position.
Join us as we dissect this powerful scene and discuss the significance of inclusive leadership. We dive deep into how leaders who encourage and value ideas from all team members can unlock hidden potential and drive innovation.
Through insightful analysis and practical examples, we highlight the positive impact of creating a safe space for every individual to contribute their thoughts and ideas, regardless of their position or experience level.
Subscribe to our channel to continue learning about effective leadership strategies and how to foster a culture of inclusivity in software development. Join us on this journey as we explore how to 'Hack Software Development Leadership' and unlock the full potential of your team!
Song: Podcast By Snail Music (Loop)
Author: Snail Music
https://youtube.com/snailmusice
Why All Pen-Testing Services S_ck! Find out before you compare vendors
Learn from a 20+ year App Sec founder and leader before you hire your next Pen-Testing service provider!
Understand the fundamentals before comparing pen-testing service offerings.
This episode is part of a comprehensive series, where we look at each category of App Sec products:
* SAST: Static Application Security Testing
* DAST: Dynamic Application Security Testing
* IAST: Interactive Application Security Testing
* SCA: Software Composition Analysis
* WAF: Web Application Firewall
* RASP: Runtime Application Self-Protection (Next-Gen WAF)
* Manual Pen-Testing of Applications
(SAST vs DAST vs IAST vs SCA vs WAF vs RASP vs Pen-Testing)
The playlist - https://www.youtube.com/playlist?list=PLr15vRqvmtdW-LxrY_fFGNV8ub4_d_Qoc
To gain more valuable insights and resources from Dan On Dev visit our website
https://danondev.com
Why All WAF Products S_ck! Find out before you compare WAF vendors (WAF vs RASP)
Learn from a 20+ year App Sec founder and leader before you buy your next WAF or Web Application Firewall product!
Understand the fundamentals before comparing these products:
* Imperva WAF
* F5 WAF
* FortiWeb
* ModSecurity
(Imperva WAF vs F5 WAF vs FortiWeb vs ModSecurity)
This episode is part of a comprehensive series, where we look at each category of App Sec products:
* SAST: Static Application Security Testing
* DAST: Dynamic Application Security Testing
* IAST: Interactive Application Security Testing
* SCA: Software Composition Analysis
* WAF: Web Application Firewall
* RASP: Runtime Application Self-Protection (Next-Gen WAF)
* Manual Pen-Testing of Applications
(SAST vs DAST vs IAST vs SCA vs WAF vs RASP vs Pen-Testing)
The playlist - https://www.youtube.com/playlist?list=PLr15vRqvmtdW-LxrY_fFGNV8ub4_d_Qoc
To gain more valuable insights and resources from Dan On Dev visit our website
https://danondev.com
Why All RASP Products S_ck! Find out before you compare RASP vendors (WAF vs RASP)
Learn from a 20+ year App Sec founder and leader before you buy your next RASP or Runtime Application Self-Protection product!
Understand the fundamentals before comparing these products:
* Signal Sciences
* Imperva RASP
* Contrast
* ThreatX
(Signal Sciences vs Imperva RASP vs Contrast vs ThreatX)
This episode is part of a comprehensive series, where we look at each category of App Sec products:
* SAST: Static Application Security Testing
* DAST: Dynamic Application Security Testing
* IAST: Interactive Application Security Testing
* SCA: Software Composition Analysis
* WAF: Web Application Firewall
* RASP: Runtime Application Self-Protection (Next-Gen WAF)
* Manual Pen-Testing of Applications
(SAST vs DAST vs IAST vs SCA vs WAF vs RASP vs Pen-Testing)
The playlist - https://www.youtube.com/playlist?list=PLr15vRqvmtdW-LxrY_fFGNV8ub4_d_Qoc
To gain more valuable insights and resources from Dan On Dev visit our website
https://danondev.com
Why All SCA Products S_ck! Find out before you compare SCA vendors (SAST vs DAST vs IAST vs SCA)
Learn from a 20+ year App Sec founder and leader before you buy your next SCA or Software Composition Analysis product!
Understand the fundamentals before comparing these products:
* Snyk
* Mend.io
* BlackDuck
(Snyk vs Mend.io vs BlackDuck)
This episode is part of a comprehensive series, where we look at each category of App Sec products:
* SAST: Static Application Security Testing
* DAST: Dynamic Application Security Testing
* IAST: Interactive Application Security Testing
* SCA: Software Composition Analysis
* WAF: Web Application Firewall
* RASP: Runtime Application Self-Protection (Next-Gen WAF)
* Manual Pen-Testing of Applications
(SAST vs DAST vs IAST vs SCA vs WAF vs RASP vs Pen-Testing)
To gain more valuable insights and resources from Dan On Dev visit our website
https://danondev.com
Why All IAST Products S_ck! Find out before you compare IAST vendors (SAST vs DAST vs IAST vs SCA)
Learn from a 20+ year App Sec founder and leader before you buy your next IAST or Interactive Application Security Testing product!
Understand the fundamentals before comparing these products:
* Contrast Security
* Semgrep
* HCL AppScan
* PT Application Inspector
* Synopsys Seeker
(Contrast Security vs Semgrep vs HCL AppScan vs PT Application Inspector vs Synopsys Seeker)
This episode is part of a comprehensive series, where we look at each category of App Sec products:
* SAST: Static Application Security Testing
* DAST: Dynamic Application Security Testing
* IAST: Interactive Application Security Testing
* SCA: Software Composition Analysis
* WAF: Web Application Firewall
* RASP: Runtime Application Self-Protection (Next-Gen WAF)
* Manual Pen-Testing of Applications
(SAST vs DAST vs IAST vs SCA vs WAF vs RASP vs Pen-Testing)
To gain more valuable insights and resources from Dan On Dev visit our website
https://danondev.com
Why All DAST Products Suck! Find out before you compare DAST vendors (SAST vs DAST vs IAST vs SCA)
Learn from a 20+ year App Sec founder and leader before you buy your next DAST or Dynamic Application Security Testing product!
Understand the fundamentals before comparing these products:
* Rapid7 AppSpider
* Rapid7 InsightAppSec
* HCL AppScan
* Invicti (formerly Netsparker)
* Acunetix by Invicti
* Veracode Dynamic Analysis
* Bright Security
(Rapid7 AppSpider vs InsightAppSec vs HCL AppScan vs Invicti (formerly Netsparker) vs Acunetix by Invicti vs Veracode Dynamic Analysis vs Bright Security)
This episode is part of a comprehensive series, where we look at each category of App Sec products:
* SAST: Static Application Security Testing
* DAST: Dynamic Application Security Testing
* IAST: Interactive Application Security Testing
* SCA: Software Composition Analysis
* WAF: Web Application Firewall
* RASP: Runtime Application Self-Protection (Next-Gen WAF)
* Manual Pen-Testing of Applications
(SAST vs DAST vs IAST vs SCA vs WAF vs RASP vs Pen-Testing)
To gain more valuable insights and resources from Dan On Dev visit our website
https://danondev.com
Why All SAST Products Suck! Find out before you compare SAST vendors (SAST vs DAST vs IAST vs SCA)
Learn from a 20+ year App Sec founder and leader before you buy your next SAST or Static Application Security Testing product!
Understand the fundamentals before comparing these products:
* CyberRes Fortify
* Checkmarx
* Perforce Klocwork
* Veracode
* Spectral SpectralOps
(CyberRes Fortify vs Checkmarx vs Perforce Klocwork vs Veracode vs Spectral SpectralOps)
This episode is part of a comprehensive series, where we look at each category of App Sec products:
* SAST: Static Application Security Testing
* DAST: Dynamic Application Security Testing
* IAST: Interactive Application Security Testing
* SCA: Software Composition Analysis
* WAF: Web Application Firewall
* RASP: Runtime Application Self-Protection (Next-Gen WAF)
* Manual Pen-Testing of Applications
(SAST vs DAST vs IAST vs SCA vs WAF vs RASP vs Pen-Testing)
To gain more valuable insights and resources from Dan On Dev visit our website
https://danondev.com
Why All AppSec Products Suck! (SAST vs DAST vs IAST vs SCA vs WAF vs RASP vs Pen-testing)
Learn from a 20+ year App Sec founder and leader before you buy your next Application Security Testing product or service! Understand the fundamentals before comparing SAST vs DAST vs IAST vs SCA vs WAF vs RASP vs Pen-Testing.
This episode is the kickoff of a comprehensive series, where we look at each category of App Sec products:
* SAST: Static Application Security Testing
* DAST: Dynamic Application Security Testing
* IAST: Interactive Application Security Testing
* SCA: Software Composition Analysis
* WAF: Web Application Firewall
* RASP: Runtime Application Self-Protection (Next-Gen WAF)
* Manual Pen-Testing of Applications
(SAST vs DAST vs IAST vs SCA vs WAF vs RASP vs Pen-Testing)
To gain more valuable insights and resources from Dan On Dev visit our website
https://danondev.com