Difference between revisions of "Podcast 5"

From OWASP
(5 intermediate revisions by one user not shown)
Line 1: Line 1:
 
'''[[OWASP_Podcast|OWASP Podcast Series]] #5'''
 
'''[[OWASP_Podcast|OWASP Podcast Series]] #5'''
 
+
<br/>Interview with Gary McGraw<br/>
 
Recorded January 15, 2009
 
Recorded January 15, 2009
  - [http://www.owasp.org/download/jmanico/owasp_podcast_5.mp3 Listen Now owasp_podcast_5.mp3]
+
  [http://itunes.apple.com/WebObjects/MZStore.woa/wa/viewPodcast?id=300769012 http://images.apple.com/itunes/overview/images/overview-icon-itunes20081106.jpg] [http://www.owasp.org/download/jmanico/podcast.xml https://www.owasp.org/images/d/d3/Feed-icon-32x32.png] [http://www.owasp.org/download/jmanico/owasp_podcast_5.mp3 direct download]
 
+
[http://itunes.apple.com/WebObjects/MZStore.woa/wa/viewPodcast?id=300769012 http://images.apple.com/itunes/overview/images/overview-icon-itunes20081106.jpg] [http://www.owasp.org/download/jmanico/podcast.xml https://www.owasp.org/images/d/d3/Feed-icon-32x32.png]
+
  
 
==Participants==
 
==Participants==
Line 11: Line 9:
  
 
==Interview with Gary McGraw==
 
==Interview with Gary McGraw==
 +
- Why do you insist on use of the term “software security” as opposed to “application security”?
 +
- What is static analysis good for and what is it no good for?
 +
- What is the exact relationship between Cigital and Fortify?
 +
- Why do you think your “top 19” is any better than the OWASP top 10 or the CWE top 25?
 +
- Why does Cigital have a proprietary approach to IP?
 +
- What makes the Touchpoints any better than the SDL or CLASP?
 +
- What is your relationship with Allan Paller and SANS?
 +
- And more!
  
 
==Intro Music by Rhine Singleton and Gary McGraw==
 
==Intro Music by Rhine Singleton and Gary McGraw==

Latest revision as of 21:31, 30 January 2009

OWASP Podcast Series #5
Interview with Gary McGraw
Recorded January 15, 2009

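- iTunes: http://itunes.apple.com/WebObjects/MZStore.woa/wa/viewPodcast?id=300769012
- Podcast feed: http://www.owasp.org/download/jmanico/podcast.xml
- Direct download: http://www.owasp.org/download/jmanico/owasp_podcast_5.mp3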

Participants

- Gary McGraw is the CTO of Cigital.
- Jim Manico is a Web Application Architect and Security Engineer for Aspect Security.

Interview with Gary McGraw

- Why do you insist on use of the term “software security” as opposed to “application security”?
- What is static analysis good for and what is it no good for?
- What is the exact relationship between Cigital and Fortify?
- Why do you think your “top 19” is any better than the OWASP top 10 or the CWE top 25? 
- Why does Cigital have a proprietary approach to IP?
- What makes the Touchpoints any better than the SDL or CLASP?
- What is your relationship with Allan Paller and SANS?
- And more!

Intro Music by Rhine Singleton and Gary McGraw

- Song "To You Right Now" from the album 100 Feet Above the Ground
- Guitar and vocals: Rhine Singleton
- Mandolin, fiddle, and vocals: Gary McGraw 
- Produced by Gary McGraw