We talk with Ben about the rewards, hazards, and fun of bug bounty programs. Then we find out different ways to build successful and welcoming communities. A new deps.dev API for supply chain enthusiasts, hacking and modding agricultural devices, guidance from CISA on secure by design (and by default!), Glaze brings adversarial art to AI training, key transparency for WhatsApp, a new appsec myth(?), Android hacking tool list, and a Chrome extension to find web debugging behavior.
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/secweekly
Like us on Facebook: https://www.facebook.com/secweekly
Show Notes: https://securityweekly.com/asw237