Preview Mode Links will not work in preview mode

Dec 3, 2016

As part of our ongoing discussion about the #SDLC and getting security baked in as far left as possible, Joe Gray, host of the  Advanced Persistant Security #Podcast (find it at, Mr. Boettcher, and I sat down with Dr. Gary McGraw, author of "Software Security: Building Security In" to discuss his book. We are also doing this book as part of the Brakeing Security Book Club (check out our #Slack channel for more information).

Gary walks us through the 7 Kingdoms of getting more security in, including doing automated and manual code audits, proper penetration testing of the application at various stages (testing), documentation (if you don't know it works, how can you test it?), and your Security Operations people, monitoring for things once it goes into production.  Also, find out what Chapter he thinks you should skip altogether... the answer may surprise you... :)

Join Mr. Gray, Mr. Boettcher, and I for a discussion with a true leader in the software and application security industry.

Buy the book on Amazon:

Check out Gary's Website at, and check out Gary's own podcast the Silver Bullet Security Podcast at

Gary's twitter is @cigitalgem

Joe Gray's twitter is @C_3PJoe

Special deal for our #BrakeSec Listeners:

"If you have an interesting security talk and fancy visiting Amsterdam in the spring, then submit your talk to the Hack In The Box Amsterdam conference, which will take place between 10 to 14 April 2017. The Call For Papers (#CFP) is open until the end of December, submission details can be found at
Tickets are already on sale, with early bird prices until December 31st. And the 'brakeingsecurity' discount code gets you a 10% discount". Brakeing Down Security thanks Sebastian Paul Avarvarei and all the organizers of Hack In The Box (#HITB) for this opportunity!

Direct Link:



Join our Slack Channel! Sign up at


#Google Play Store:


Comments, Questions, Feedback, or Suggestions?  Contact us via Email:

#Twitter: @brakesec @boettcherpwned @bryanbrake



#Player.FM :

#Stitcher Network:

#TuneIn Radio App: