Word Notes

A fun and informative infosec audio glossary from the CyberWire.

To get access to ad-free episodes, exclusive podcasts, unlimited briefings, stories, and transcripts, and other valuable bonus features sign up today.

Recent Episodes

Ep 83 | 1.11.22

Log4j vulnerability (noun)

An open source Java-based software tool available from the Apache Software Foundation designed to log security and performance information.

Transcript

Ep 82 | 1.4.22

OWASP broken access control (noun)

Software users are allowed access to data or functionality contrary to the defined zero trust policy by bypassing or manipulating the installed security controls.

Transcript

Ep 81 | 12.21.21

OWASP security misconfiguration (noun)

The state of a web application when it's vulnerable to attack due to an insecure configuration.

Transcript

Ep 80 | 12.14.21

OWASP insecure design (noun)

A broad OWASP Top 10 software development category representing missing, ineffective, or unforeseen security measures.

Transcript

Ep 79 | 12.7.21

OWASP injection (noun)

A broad class of attack vectors, where an attacker supplies input to an applications command interpreter that results in unanticipated functionality.

Transcript

Host(s)

Rick Howard is CSO, Chief Analyst, and Senior Fellow at the CyberWire. Past lives include CSO at Palo Alto Networks, TASC, iDefense GM, Counterpane SOC Director, and the Army's Computer Emergency Response Team (CERT) Commander. Rick served 25 years in the Army, taught computer science at West Point, and edited two books. Rick is regularly joined by the CyberWire's Hash Table experts.

Schedule: Tuesdays

Creator: CyberWire, Inc.