Code Scanning That Works With Your Code - Scott Norberg - ASW #317 Application Security Weekly (Video) podcast

Artwork

Tech News Tech News Applicationsecurityweekly Keithhoodlet Paulasadoorian Sdlcsecurity Technology Video Security Weekly Productions DevOps AppSec asw

Player FM - Internet Radio Done Right

Added five years ago

Content provided by Security Weekly Productions. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Security Weekly Productions or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.

<

<div class="span index">1</div> <span><a class="" data-remote="true" data-type="html" href="/series/subtext-and-discourse-art-world-podcast">Subtext and Discourse | Art World Podcast</a></span>

<div class="span index">1</div> <span><a class="" data-remote="true" data-type="html" href="/series/subtext-and-discourse-art-world-podcast">Subtext and Discourse | Art World Podcast</a></span> podcast artwork

<div class="span index">1</div> <span><a class="" data-remote="true" data-type="html" href="/series/subtext-and-discourse-art-world-podcast">Subtext and Discourse | Art World Podcast</a></span> podcast artwork

1
Subtext and Discourse | Art World Podcast

1 day ago1d ago

Monthly

The art world and associated market are famously opaque and can at times be exclusive. Berlin based gallery director and educator Michael Dooney speaks with artists, curators and other professionals who share their personal experiences of this unique field. If you have ever felt unsure about walking into a gallery, wish to understand more about creativity or better understand how this complex industry works, then tune in every second Monday to hear the insightful conversations with these inspiring individuals.

Application Security Weekly (Video) « »
Code Scanning That Works With Your Code - Scott Norberg - ASW #317

about a year ago 37:01

Share

MP4•Episode home

Content provided by Security Weekly Productions. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Security Weekly Productions or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.

Code scanning is one of the oldest appsec practices. In many cases, simple grep patterns and some fancy regular expressions are enough to find many of the obvious software mistakes. Scott Norberg shares his experience with encountering code scanners that didn't find the .NET vuln classes he needed to find and why that led him to creating a scanner from scratch. We talk about some challenges in testing tools, making smart investments in engineering time, and why working with .NET's compiler made his decisions easier.

Segment Resources:

-https://github.com/ScottNorberg-NCG/CodeSheriff.NET

Show Notes: https://securityweekly.com/asw-317

… continue reading

665 episodes

#Tech #News #Tech News #Applicationsecurityweekly #Keithhoodlet #Paulasadoorian #Sdlcsecurity #Technology #Video #Security Weekly Productions #DevOps #AppSec #asw

Artwork

Code Scanning That Works With Your Code - Scott Norberg - ASW #317

Application Security Weekly (Video)

published about a year ago

Share

MP4•Episode home

Content provided by Security Weekly Productions. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Security Weekly Productions or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.

Code scanning is one of the oldest appsec practices. In many cases, simple grep patterns and some fancy regular expressions are enough to find many of the obvious software mistakes. Scott Norberg shares his experience with encountering code scanners that didn't find the .NET vuln classes he needed to find and why that led him to creating a scanner from scratch. We talk about some challenges in testing tools, making smart investments in engineering time, and why working with .NET's compiler made his decisions easier.

Segment Resources:

-https://github.com/ScottNorberg-NCG/CodeSheriff.NET

Show Notes: https://securityweekly.com/asw-317

… continue reading

665 episodes

#Tech #News #Tech News #Applicationsecurityweekly #Keithhoodlet #Paulasadoorian #Sdlcsecurity #Technology #Video #Security Weekly Productions #DevOps #AppSec #asw

All episodes

×

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

Listen to 500+ topics

Quick Reference Guide

Top Podcasts

The Bill Simmons Podcast

Comedy of the Week

How Did This Get Made?

Doug Loves Movies

TED Talks Daily

NBC Nightly News with Tom Llamas

The World This Hour

Daily Boost Motivation and Coaching

This American Life

Sword and Scale

Help/FAQ | Upgrade | Advertise

Arts|Business|Comedy|Economics|Entertainment|News|Politics|Religion

Science|Soccer|Sports|Storytelling|Technology|True Crime

Copyright 2025 | Privacy Policy | Terms of Service | | Copyright

Listen to this show while you explore