Intro to App Sec (with Frank Rietta)

Advanced Persistent Security Podcast

Episode 16

Guest: Frank Rietta

August 29, 2016

If you enjoy this podcast, be sure to give us a 5 Star Review and “Love Us” on iTunes; Like us on Google Play, Stitcher, Sound Cloud, Spreaker, and YouTube.

NOTE: The opinions expressed in this podcast are ours alone and do not reflect those of our employers

Intro to App Sec (with Frank Rietta) Show Notes

Part 1

We introduce Frank and discuss his background. We begin to discuss application security (App Sec) and how it plays into the cloud. We also provide a few cloud definitions.

Part 2

We discuss Defense in Depth. We provide a definition and some applicable scenarios for its use. We graze the surface on passwords, encryption, access controls, and training. We discuss training and events local to Atlanta and the Georgia area.

Part 3

We discuss some scenarios we have seen or heard about in the security space and how they work or did not work. We also discuss the role of security in system development and the relationships between the business, security, developers, and dev ops. We discuss bug bounties on sites like HackerOne and BugCrowd.

We introduce the following lists to help security professionals and developers alike:


About Frank

Mr. Rietta’s role in Rietta Inc is to ensure that your project is designed for security and speed.

With over 16 years of career experience, he specializes in working with startups and new Internet businesses, and in developing on the Ruby on Rails platform to build scalable businesses.

He is a computer scientist with a Masters in Information Security from the College of Computing at the Georgia Institute of Technology.

Frank is a public speaker, teaching about data breaches and information security topics. You can also follow him on Twitter or LinkedIn using the links below.

Contacting Frank:

Twitter: @frankrietta
Email: frank@rietta.com
LinkedIn
Website: www.rietta.com
Learning Center

Frank’s Book Recommendations

Software Security: Building Security In
The Tangled Web: A Guide to Securing Modern Web Applications
Gary McGraw’s Cigital Silver Bullet Podcast

Announcements and Resources

Advanced Persistent Security has partnered with the EC-Council to provide a discounted EC-Council Training Event to our readers and listeners. The codes are only good for the Hacker Halted event in Atlanta, GA, September 11-14 and 15-16, 2016. The codes are below; if you have any questions, Contact Us.

Password Blog Links:

AlienVault
Hosted Locally on Advanced Persistent Security

Vulnerable Web Applications for Learning:

OWASP Maintains a list here.

Conferences Mentioned:

Security Onion Conference: Friday, September 9, 2016 from 7:30 AM to 5:00 PM (EDT)

Augusta University
Jaguar Student Activity Center (JSAC) Ballroom
2500 Walton Way
Augusta, GA 30904

BSides Augusta: September 10, 2016 at 7:45 AM

J. Harold Harrison MD, Education Commons
1301 R.A. Dent Blvd
Augusta, GA 30901

September 11-14, 2016

$1,999 Courses if you register using discount code: HHAPSTRN

Choose one of the following courses and exams:

  1. Certified Ethical Hacker (C|EH)*
  2. Computer Hacking Forensic Investigator (C|HFI)*
  3. Certified Security Analyst (E|CSA/L|PT)*
  4. Certified Chief Information Security Officer (C|CISO)*

All courses include:

  • Official Courseware
  • 1 Complimentary Exam Voucher
  • Certificate of attendance
  • Lunch and coffee breaks throughout the duration of the training
  • Complimentary Pass to Hacker Halted – Atlanta conference (September 15 & 16)

September 15-16, 2016

*Individual conference passes can be purchased for $35 (down from $199). Use code: HHAPSCON

Instructions for registration:

1) Click here

2) Fill in all the necessary info

3) Enter Qty (1) for conference pass – public

4) Enter promotional code HHAPSCON (for $35 Conference Passes) or HHAPSTRN (for $1,999 Courses)

Thanks for stopping by and checking out our podcast. We would appreciate it if you could subscribe (assuming you like what you hear; we think you will). This is meant to be informative and to provide value to anyone who listens, regardless of their knowledge and/or understanding of IT/Cybersecurity. To learn more about us, check out our “About Us” page.

If you have ANY Cybersecurity needs, please contact us and a member of our staff will promptly reply to your question or concern.
