CSCP S4EP09 – Micheal Smith – Code to Network Reachability how to use WAF to prioritize vulnerabilities

CSCP S4EP09 – Micheal Smith – Code to Network Reachability how to use WAF to prioritize vulnerabilities

Phoenix Security
Phoenix Security
CSCP S4EP09 - Micheal Smith - Code to Network Reachability how to use WAF to prioritize vulnerabilities

CSCP S4EP09 – Micheal Smith – Code to Network Reachability how to use WAF to prioritize vulnerabilities

Phoenix Security
Phoenix Security
CSCP S4EP09 - Micheal Smith - Code to Network Reachability how to use WAF to prioritize vulnerabilities


Phoenix Security
Phoenix Security
CSCP S4EP09 - Micheal Smith - Code to Network Reachability how to use WAF to prioritize vulnerabilities


This is an enlightening conversation with Michael Smith on CSCP exploring the intersection between vulnerabilities, DDoS and WAF technologies. 

Join us as we reconvene with cybersecurity virtuoso Michael Smith, Field CTO at Verkara, for a rerecording further to explore the fascinating intersection of cybersecurity and cloud technology. Listen in as Michael brings his wealth of experience from military intelligence to web application development to the table, shedding light on how engineering and integration teams navigate regulations and government sector compliance.


The episode is brought to you by Phoenix Security; get in control of your vulnerabilities from code to cloud with the power of Phoenix. ACT Now on the most important vulnerabilities and reduce your exposure to modern attacks. See it for yourself. Go to https://phoenix.security/request-a-demo/ for a free 14-day licence.

Our conversation ventures into the complexities of application security and the strategic utilization of vulnerabilities. Venture into the murky waters of cyberattacks with us as we discuss how vulnerabilities can be harnessed for DDoS attacks, causing chaos at both the network and application layers. Hear about Phoenix Security Limited’s role in software security and how unvalidated pagination can be exploited to strain databases and servers. We wrap up this segment by contrasting the precision of these attacks with broader network-level DDoS strategies, offering insight into crafting robust cybersecurity defenses.
Cap off this episode with a crucial discussion on the ethical dimensions of technology. Discover the challenges of differentiating between benign and malicious bot activity, and how technologies like domain fronting have dual purposes. We stress the importance of vigilance and responsibility in the tech sphere, where the same tools can secure or compromise systems. Remember to stay engaged with the content by checking your logs for anomalies and sharing your thoughts for a chance to win an Amazon gift card. Michael’s insights are a reminder of the persistent evolution and nuanced nature of cybersecurity in our interconnected world.


Tune in to this enlightening episode to equip yourself with the knowledge and insights needed to navigate the evolving landscape of cybersecurity.

00:02: Introduction to Cybersecurity and Cloud Podcast
00:53: Host and Guest Introduction
01:40: Michael Smith’s Journey in Cybersecurity
03:23: Shift Towards Security
04:22: The Evolution of Cybersecurity Roles
06:58: Challenges in IoT and Hardware Security
08:22: Insights from Akamai and Handling Major Incidents
09:58: The Evolution of Cybersecurity Threats
11:35: The Current State of Cybersecurity
14:49: The Future of Cybersecurity and Emerging Threats
17:22: Leveraging Vulnerabilities for DDoS Attacks
22:51: Addressing Sophisticated Cybersecurity Threats
26:27: Advanced Cybersecurity Techniques and Challenges
29:00: The Importance of Collaboration in Cybersecurity
33:58: Closing Thoughts and Positive Takeaways
39:01: Outro and Acknowledgments


Micahel Smith
Linkedin: https://www.linkedin.com/in/rybolov/ 


Cyber Security and Cloud Podcast hosted by Francesco Cipollone
Twitter @FrankSEC42
Linkedin: linkedin.com/in/fracipo 
#CSCP #cybermentoringmonday cybercloudpodcast.com 


Social Media Links 
Follow us on social media to get the latest episodes:
Website: http://www.cybercloudpodcast.com/
Linkedin: https://www.linkedin.com/company/35703565/admin/  

Twitter: https://twitter.com/podcast_cyber   

Youtube https://www.youtube.com/channel/UCVgsq-vMzq4sxObVonDsIAg/ 
You can listen to this podcast on your favourite player:
Itunes: https://podcasts.apple.com/gb/podcast/the-cyber-security-cloud-podcast-cscp/id1516316463  

Spotify: https://open.spotify.com/show/3fg8AqP4vEi5Im8YKxazUQ 


#Cybersecurity, #appsec #waf 


Francesco is an internationally renowned public speaker, with multiple interviews in high-profile publications (eg. Forbes), and an author of numerous books and articles, who utilises his platform to evangelize the importance of Cloud security and cutting-edge technologies on a global scale.

Follow us on social media to get the latest episodes:

Discuss this podcast with our community on Slack

Join our AppSec Phoenix community on Slack to discuss this blog and other news with our professional security team

More episodes

Discover innovative strategies to overcome the cybersecurity talent shortage in this insightful episode with Jitendra Arora, CISO at Deloitte. Dive deep into discussions on talent sourcing, nurturing diverse skills, fostering positive work culture, and self-care in the high-stress field of cybersecurity. Featuring expert insights and practical advice, this episode is a must-watch for cybersecurity professionals and enthusiasts. #CybersecurityInsights
Generated by Feedzy

Jeevan Singh

Founder of Manicode Security

Jeevan Singh is the Director of Security Engineering at Rippling, with a background spanning various Engineering and Security leadership roles over the course of his career. He’s dedicated to the integration of security practices into software development, working to create a security-aware culture within organizations and imparting security best practices to the team.
In his role, Jeevan handles a range of tasks, from architecting security solutions to collaborating with Engineering Leadership to address security vulnerabilities at scale and embed security into the fabric of the organization.

James Berthoty

Founder of Latio Tech

James Berthoty has over ten years of experience across product and security domains. He founded Latio Tech to help companies find the right security tools for their needs without vendor bias.

Christophe Parisel

Senior Cloud Security Architect

Senior Cloud Security Architect

Chris Romeo

Security Journey

Chris Romeo is a leading voice and thinker in application security, threat modeling, and security champions and the CEO of Devici and General Partner at Kerr Ventures. Chris hosts the award-winning “Application Security Podcast,” “The Security Table,” and “The Threat Modeling Podcast” and is a highly rated industry speaker and trainer, featured at the RSA Conference, the AppSec Village @ DefCon, OWASP Global AppSec, ISC2 Security Congress, InfoSec World and All Day DevOps. Chris founded Security Journey, a security education company, leading to an exit in 2022. Chris was the Chief Security Advocate at Cisco, spreading security knowledge through education and champion programs. Chris has twenty-six years of security experience, holding positions across the gamut, including application security, security engineering, incident response, and various Executive roles. Chris holds the CISSP and CSSLP certifications.

Jim Manico

Founder of Manicode Security

Jim Manico is the founder of Manicode Security, where he trains software developers on secure coding and security engineering. Jim is also the founder of Brakeman Security, Inc. and an investor/advisor for Signal Sciences. He is the author of Iron-Clad Java: Building Secure Web Applications (McGraw-Hill), a frequent speaker on secure software practices, and a member of the JavaOne Rockstar speaker community. Jim is also a volunteer for and former board member of the OWASP foundation.

Join our Mailing list!

Get all the latest news, exclusive deals, and feature updates.