Beste Kalyani Podcasts (2024)

1
Exploring Rails Productivity and Language Trade-offs - JSJ 653 1:45:58

1d ago1:45:58

1:45:58

Charles and Dan dive deep into the world of programming languages, development practices, and the trade-offs that shape our daily coding lives. Joining them is special guest Tomer Gabel, an experienced backend engineer, and consultant. In this episode, they unpack the productivity benefits and challenges of using Rails, deliberate on the pros and c…

1
The Future of Zed Attack Proxy - Simon Bennetts, Ori Bendet - ASW #302 1:12:35

8d ago1:12:35

1:12:35

Zed Attack Proxy has been a crucial web app testing tool for decades. It's also had a struggle throughout 2024 to obtain funding that would enable the tool to add more features while remaining true to its open source history. Simon Bennetts, founder of ZAP, and Ori Bendet from Checkmarx update us on that journey, share some exploration of LLM fuzzi…

1
Unlocking Vue and Nuxt Potential: New Tools, Best Practices, and more - JSJ 652 58:49

9d ago58:49

58:49

In this episode, AJ and Steve dive deep into the world of Vue.js and API integration with a special guest, Daniel Kelly, a seasoned lead instructor at Vue School. this episode is packed with valuable discussions on using the useFetch Vue component for seamless API requests, navigating the challenges of migrating from Vue 2 to Vue 3, and embracing T…

1
More Car Hacks, CUPS Vulns, Microsoft's SFI, Memory Safety, Password Complexity - Farshad Abasi - ASW #301 45:57

14d ago45:57

45:57

More remote car control via web interfaces, an RCE in CUPS, Microsoft reduces attack surface, migrating to memory safety, dealing with dependency confusion, getting rid of password strength calculators, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-301…

1
Interactive Coding Tutorials with Tomek Salkowski: Enhancing Developer Experiences - JSJ 651 57:08

16d ago57:08

57:08

AJ and Steve dive deep into the world of interactive coding tutorials alongside guest, Tomek Sułkowski. They kick off with a brief chat about the weather before delving into Tomek's expertise in creating engaging and interactive tutorials—shedding light on everything from the history of coding tutorials to the technical wonders of web containers, b…

1
Vulnerable APIs and Bot Attacks: Two Interconnected, Growing Security Threats - David Holmes - ASW #300 1:07:51

22d ago1:07:51

1:07:51

APIs are essential to modern application architectures, driving rapid development, seamless integration, and improved user experiences. However, their widespread use has made them prime targets for attackers, especially those deploying sophisticated bots. When these bots exploit business logic, they can cause considerable financial and reputational…

1
Optimizing SQL and ORM Practices for High-Performance Applications - JSJ 650 1:31:10

23d ago1:31:10

1:31:10

In today's episode, Charles, Steve, and AJ, are joined by back-end engineer and team lead at Homebound, Stephen Haberman. We delve into the fascinating world of SQL c and its revolutionary approach to managing SQL queries with dedicated SQL files, delivering benefits such as reduced typing errors and pre-deployment checks. Stephen also walks us thr…

1
Bringing Secure Coding Concepts to Developers - Dustin Lehr - ASW #299 1:02:26

29d ago1:02:26

1:02:26

When a conference positioned as a day of security for developers has to be canceled due to lack of interest from developers, it's important to understand why there was so little interest and why appsec should reconsider its approach to awareness. Dustin Lehr discusses how appsec can better engage and better deliver security concepts in a way that m…

1
Mentorship in Tech: Balancing Professionalism and Friendship for Maximum Growth and Accountability - JSJ 649 1:19:31

30d ago1:19:31

1:19:31

They dive deep into the world of mentorship, personal growth, and problem-solving with our special guests, Joao and Manny, alongside our insightful panelists, AJ and Charles. In this episode, they explore the transformative power of weekly accountability meetings (WAM), where tasks are committed and followed up with a yes or no, no excuses allowed.…

1
Paying Down Tech Debt, Rust in Firmware, EUCLEAK, Deploying SSO - ASW #298 56:25

1M ago56:25

56:25

Considerations in paying down tech debt, make Rust work on bare metal, ECDSA side-channel in Yubikeys, trade-offs in deploying SSO quickly, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-298

1
Unpacking Deno 2: Code Stability, Free Speech, and more - JSJ 648 1:34:59

1M ago1:34:59

1:34:59

Today, Charles, Dan, AJ, and Steve dive into a range of fascinating discussions. Joining this episode is special guest, Ryan Dahl, the visionary creator behind Node.js and Deno. In this episode, they traverse an eclectic mix of topics, from humorous offbeat news and dad jokes to in-depth tech discussions. They explore the complexities and legalitie…

1
Create Inspiration 15:07

1M ago15:07

15:07

Start your day off right by remembering your ability to create your life. Setting the tone for your day so you can reawaken inspiration. Tap into the vast field of creative energy within you. Music: “The Healing Meditation” By: StepanBel Image: “Woman posing for light painting with bright lights in the dark. Reflection in the water.” By: mpalis…

1
Opinionated Core Web Vitals - JSJ 647 1:10:35

1M ago1:10:35

1:10:35

Dan Shappir takes the lead this week to discuss Core Web Vitals and how Google is pushing the web to be faster. He leads Chuck, Aimee, and AJ through the ways that developers can measure and improve the performance of websites based on the statistics specified by Google as components of Google rankings. Sponsors Wix Studio Links Web Vitals Picks Ai…

1
Close the Security Theater: Enter Resilience - Kelly Shortridge - ASW Vault 37:48

1M ago37:48

37:48

Check out this interview from the ASW Vault, hand picked by main host Mike Shema! This segment was originally published on May 9, 2023. What does software resilience mean? Why is status quo application security unfit for the modern era of software? How can we move from security theater to security chaos engineering? This segment answers these quest…

1
Beyond JavaScript: Master TypeScript at Scale at SquiggleConf - JSJ 646 1:10:40

2M ago1:10:40

1:10:40

Dan together with Josh Goldberg, a prominent open-source maintainer and author of "Learning TypeScript, dive into the world of TypeScript and JavaScript with a special focus on the upcoming Squiggleconf. In this episode, they'll detail the conference format, including its dedicated days for talks and workshops, and highlight the impressive lineup o…

1
Changing the Course of IoT's Future from Its Insecure Past - Paddy Harrington - ASW #297 1:04:28

2M ago1:04:28

1:04:28

IoT devices are notorious for weak designs, insecure implementations, and a lifecycle that mostly ignores patching. We look at external factors that might lead to change, like the FCC's cybersecurity labeling for IoT. We explore the constraints that often influence poor security on these devices, whether those constraints are as consequential given…

1
The Fallout and Lessons Learned from the CrowdStrike Fiasco - Shimon Modi, Jeff Pollard, Allie Mellen, Boaz Barzel - ASW #296 1:21:54

2M ago1:21:54

1:21:54

This week, Jeff Pollard and Allie Mellen join us to discuss the fallout and lessons learned from the CrowdStrike fiasco. They explore the reasons behind running in the kernel, the challenges of software quality, and the distinction between a security incident and an IT incident. They also touch on the need to reduce the attack surface and the impor…

1
Deep Dive into Metrics and Monitoring with Prometheus and Grafana - JSJ 645 1:25:45

2M ago1:25:45

1:25:45

Dive into a fascinating discussion blending the worlds of literature, gaming, and tech. In this episode, Chuck and Dan explore the intriguing connections between The Hobbit and The Lord of the Rings, including an extraordinary tale about Israeli pilots translating The Hobbit during wartime. They share insights into Guy Gavriel Kaye’s standalone nov…

1
When Appsec Needs to Start Small - Kalyani Pawar, Danny Jenkins, Nikos Kiourtis - ASW #295 1:08:53

2M ago1:08:53

1:08:53

Startups and small orgs don't have the luxury of massive budgets and large teams. How do you choose an appsec approach that complements a startup's needs while keeping it secure. Kalyani Pawar shares her experience at different ends of an appsec maturity spectrum. In complex software ecosystems, individual application risks are compounded. When it …

1
Crafting Code and Community: AI, LeetCode, and Meetups - JSJ 644 1:09:20

2M ago1:09:20

1:09:20

In this episode, they dive deep into the world of coding, meetups, and the evolving landscape of technical interviews. Join them as they explore the fascinating use of OpenAI's technology for coding assistance, the challenges of setting up impactful meetups, and the intricacies of mastering LeetCode problems. Our experts share invaluable insights—f…

1
Overcoming JavaScript Load Issues: Import Maps and Performance Enhancements - JSJ 643 1:35:31

2M ago1:35:31

1:35:31

In this episode, they dive deep into the intricate world of JavaScript loading and web performance. Join the panel with insightful discussions led by Dan, Charles, Steve, and special guest Yoav Weiss—an expert with extensive experience in web performance from his time at Google, Akamai, and Shopify. They explore the latest initiatives aimed at impr…

1
Building Successful Security Champions Programs - Marisa Fagan - ASW #294 1:10:17

2M ago1:10:17

1:10:17

Even though Security Champions programs look very different across organizations and maturity levels, they share core principles for becoming successful. Marisa shares her experience in building these programs to foster a positive security culture within companies. She explains the incentives and rewards that lead to more engagement from champions …

1
A CISO's Perspective on AI, Appsec, and Changing Behaviors - ASW #293 45:18

3M ago45:18

45:18

Modern appsec isn't modern because security tools got shifted in one direction or another, or because teams are finding and fixing more vulns. It's modern because appsec is meeting developer needs and supporting the business. Paul Davis talks about how AI is (and isn't) changing appsec, the KPIs that reflect outcomes rather than being busy, and the…

1
Personal Branding for Developers with Morad Stern - JSJ 642 51:37

3M ago51:37

51:37

The JSJ panel talks with Morad Stern from Wix about personal branding; what it is, why it’s important for developers, and how to build it. Links Obama asks America to learn computer science Configuring Apache Solr Multi-core With Drupal and Tomcat on Ubuntu 9.10 Picks AJ - War Stories | How Crash Bandicoot Hacked The Original Playstation AJ - Crash…

1
Where Generative AI Can Actually Help Security (And Where It Doesn't) - Farshad Abasi, Allie Mellen - ASW #292 1:05:00

3M ago1:05:00

1:05:00

Generative AI has produced impressive chatbots and content generation, but however fun or impressive those might be, they don't always translate to value for appsec. Allie brings some realistic expectations to how genAI is used by attackers and can be useful to defenders. Segment resources: https://www.forrester.com/blogs/generative-ai-will-not-ful…

1
Making AI Accessible for Developers - JSJ 641 1:25:26

3M ago1:25:26

1:25:26

In this captivating episode, they dive deep into the world of AI, hands-on learning, and the evolving landscape of development with Steve Sewell from Builder.io. They explore the misconceptions about needing deep AI expertise to build AI products and highlight the importance of rapid iteration and practical experience. They discuss everything from …

1
Producing Secure Code by Leveraging AI - Stuart McClure - ASW #291 1:09:02

3M ago1:09:02

1:09:02

How can LLMs be valuable to developers as an assistant in finding and fixing insecure code? There are a lot of implications in trusting AI or LLMs to not only find vulns, but in producing code that fixes an underlying problem without changing an app's intended behavior. Stuart McClure explains how combining LLMs with agents and RAGs helps make AI-i…

1
Framework Comparisons, Real User Metrics, and Effective Performance Tools - JSJ 640 1:19:06

3M ago1:19:06

1:19:06

In today's episode, they dive deep into web performance optimization and the strategies employed by our expert panel to achieve it. Join Dan, Steve, Charles, and guest Vinicius Dallacqua as they explore robust techniques like code splitting, lazy loading, and server-side solutions to enhance website performance. In this episode, you'll hear Viniciu…

1
Ep 28. Stop Hiding 28:55

3M ago28:55

28:55

Welcome to the first Solo-cast of the Love Is Our Nature Podcast! In this episode I veer away from the usual interview format to share with you a vulnerable open-hearted reflection. I also share a valuable and inspiring message from my past self, as I explore the challenges and fears that often hold us back from pursuing our dreams. Some Key Takeaw…

1
State Of Application Security 2024 - Sandy Carielli, Janet Worthington - ASW #290 1:12:41

3M ago1:12:41

1:12:41

Sandy Carielli and Janet Worthington, authors of the State Of Application Security 2024 report, join us to discuss their findings on trends this year! Old vulns, more bots, and more targeted supply chain attacks -- we should be better at this by now. We talk about where secure design fits into all this why appsec needs to accelerate to ludicrous sp…

1
Adapting to Effect Cluster: JavaScript Developers' Guide to Enhancing Code Maintainability - JSJ 639 1:35:01

3M ago1:35:01

1:35:01

In today's episode, they dive deep into the world of JavaScript and TypeScript. They explore the innovative message-passing style between components using Effect Cluster, a game-changing alpha product that integrates seamlessly with solutions like Remix and React Server Components. Join them as Michael sheds light on the ease of transitioning TypeS…

1
Building and Distributing PWAs: Tools, Techniques, and Insights - JSJ 638 37:34

4M ago37:34

37:34

In today's episode, they delve into the fascinating world of mobile web development with our esteemed guest, Maximiliano Firtman, a seasoned web developer from Buenos Aires, Argentina, who has over two decades of experience. Join them as Maximiliano takes you on a journey through the evolution of web and mobile development, starting from the early …

1
Warriors at Ease- Progressive Muscle Relaxation 28:00

4M ago28:00

28:00

One of the easiest ways to induce relaxation and reduce stress is to practice Progressive Muscle Relaxation. Explore the contrast between tension and relaxation as you observe sensations in your body. This meditation was developed to be trauma informed for veterans but all can benefit from this practice. Image By: Realworkhard on Pixabay Music: 741…

1
Warriors At Ease- 61 Point Meditation (No Music) 15:00

4M ago15:00

15:00

This meditation will guide you on a journey of sensation throughout your body without the distraction of background music. Simply find a comfortable position for your body and allow my voice to assist you in unwinding all stress and tension. No experience necessary. Image: Catching a nap outdoors. Cropped shot of a handsome young man lying on the g…

1
OAuth 2.0 from Protecting APIs to Supporting Authorization & Authentication - Aaron Parecki - ASW #289 1:01:09

4M ago1:01:09

1:01:09

OAuth 2.0 is more than just a single spec and it's used to protect more than just APIs. We talk about challenges in maintaining a spec over a decade of changing technologies and new threat models. Not only can OAuth be challenging to secure by default, but it's not even always inter-operable. Segment Resources: https://oauth.net/2.1 https://oauth.n…

Podcasts, die es wert sind, gehört zu werden

Kalyani Podcasts

Podcasts, die es wert sind, gehört zu werden

Kurzanleitung