Through following this course, students will gain a basic understanding of the principles behind network security and the working of the main protocols, mechanisms and techniques in the area of security. The course consists of three parts: security mechanisms within network protocols, systems security and lab sessions. In the first part (security mechanisms within network protocols), the following topics will be discussed: IPSec, SSH, SSL, HTTPS and security for wireless networks. The second ...
SQL Injection Podcasts
Welcome to The AppSec Insiders Podcast. This is a show where we discuss the hottest topics and latest trends in application and cloud security, and tell you what you need to know. For those who don’t know who we are, we are all software developers, white-hat hackers, and code security experts. When we’re not recording the podcast, we help organizations of all sizes with their cybersecurity needs. If you’re an AppSec professional looking for an opportunity to work with some of the best in the ...
LLM Vulnerabilities and Prompt Injection: AppSec News Deep Dive | The AppSec Insiders Podcast Ep.19
28:36
In this episode, we explore the emerging security risks of AI and LLMs in modern applications. Iman shares real-world experiences bypassing AI guardrails like LlamaGuard and OpenAI Shield, while the team discusses prompt injection attacks, system prompt exposure, excessive agency vulnerabilities, and data poisoning. Learn about the OWASP Top 10 for…
Fake Extensions to AI Bug Hunters: AppSec News Deep Dive | The AppSec Insiders Podcast Ep.18
18:49
In this episode of The AppSec Insiders Podcast, we dive into two major security stories making headlines: a fake Solidity extension that drained a developer’s crypto wallets, and Google’s AI-powered tool “Big Sleep” uncovering a critical Chrome vulnerability. From malicious packages to AI-driven defenses, we break down what these cases reveal about…
SQL Injection to RCE: Fortinet's Critical Vulnerability Exposed | The AppSec Insiders Podcast Ep. 17
17:31
On this episode of The AppSec Insiders Podcast, we dive into CVE-2025-25257, a Fortinet FortiWeb Fabric Connector SQL injection vulnerability that escalates to RCE. We break down how this exploit works, why it’s so impactful, and what lessons organizations can learn, from proper network segmentation to the importance of SAST in your pipeline. We al…
Prompt Injection to RCE: When AI Gets Compromised | The AppSec Insiders Ep.16
18:29
In this episode, we unpack CVE-2025-49596, where prompt injection, CSRF, and localhost access were chained to achieve RCE in the MCP Inspector AI tool. Learn how the exploit worked, what it reveals about LLM security risks, and how to defend against similar threats with sandboxing, access controls, and DevSecOps monitoring.…
What Existing AWS Services are Important to AppSec? (Part 1 of 2) | The AppSec Insiders Ep.14
26:00
Welcome to The AppSec Insiders Podcast. This is a show where we discuss the hottest topics and latest trends in application and cloud security, and tell you what you need to know. For those who don’t know who we are, we are all software developers, white-hat hackers, and code security experts. When we’re not recording the podcast, we help organizati…
What Existing AWS Services are Important to AppSec? (Part 2 of 2) | The AppSec Insiders Ep.15
33:28
Welcome to The AppSec Insiders Podcast. This is a show where we discuss the hottest topics and latest trends in application and cloud security, and tell you what you need to know. For those who don’t know who we are, we are all software developers, white-hat hackers, and code security experts. When we’re not recording the podcast, we help organizati…
In this episode, we discuss 2023 Security Threats & Newcomers Recap.
By Farshad Abasi
The AppSec Insiders Ep. 11 - Flipper Zero and IoT Security
30:59
In this episode, we discuss the Flipper Zero and IoT Security.
By Farshad Abasi
Exploring the Challenges of Testing Against the ASVS Standard - Part 4
31:20
In this episode, we return to the topic from the previous episodes and continue to explore the challenges of testing against the ASVS standard.
By Farshad Abasi
Exploring the Challenges of Testing Against the ASVS Standard - Part 3
33:53
In this episode, we explore the challenges of testing against the ASVS standard - Part 3.
By Farshad Abasi
Exploring the Challenges of Testing Against the ASVS Standard - Part 2
32:35
In this episode, we continue to explore the challenges of testing against the ASVS standard.
By Farshad Abasi
Software Composition Analysis (SCA) & Supply Chain Security feat. Oscar van der Meer from MergeBase
40:45
In this episode, we sit down with Oscar van der Meer, Founder and CEO of MergeBase, to discuss Software Composition Analysis (SCA) and why it is important for supply chain security.
By Farshad Abasi
Azure Security: Raising Alarms and Reducing the Blast Radius
33:21
In this episode we explore Azure Security: Raising Alarms and Reducing the Blast Radius.
By Farshad Abasi
In this episode we explore AWS SRA (Secure Reference Architecture).
By Farshad Abasi
Exploring the Challenges of Testing Against the ASVS Standard
38:07
In this episode, we explore the challenges of testing against the ASVS standard.
By Farshad Abasi
ChatGPT and the Future of Application Security
19:36
In this episode, we dive deep into the world of ChatGPT and AI technology. What does this mean for application security?
By Farshad Abasi
In this episode, we explore OWASP Top 10 and the potential attacks on the CI/CD (part 1).
By Farshad Abasi
In this episode, we continue our discussion about OWASP Top 10 and attacks on the CI/CD pipeline.
By Farshad Abasi
In this short video we provide some examples of possible security related assignments and projects at the DACS group. The lecture concludes with information regarding the exam.
By Aiko Pras
This lecture discusses two main techniques to protect your network: Intrusion Detection Systems (IDS) and Firewalls. The IDS part discusses host-based versus network-based ID systems, passive versus reactive systems, as well as the main operation of an IDS (data capturing, signature versus anomaly-based operation). The firewall part compares differ…
This guest lecture is provided by Frank van Vliet, from the company
By Aiko Pras
In the first part of this lecture we discuss the operation of the SSL/TLS protocol, which is used for secure web browsing (HTTPS), as well as the SSH protocol, which is used, amongst others, for remote login. In the second part of this lecture the concept of AAA (Authentication, Authorization and Access Control) is introduced, followed by a discuss…
In this lecture we will discuss the IPSec protocol. We start with comparing IPSec usage to that of other secure protocols, such as SSH and TLS. An overview of the various IPSec standards is given, followed by a discussion of the two modes in which IPSec can operate: transport mode and tunnel mode. We then provide some details regarding the two vari…