It's no surprise that OT security has fared poorly over the last 30+ years. To many appsec folks, these systems have uncommon programming languages, unfamiliar hardware, and brittle networking stacks. They also tend to have different threat scenarios. Many of these systems are designed, successfully, to maintain availability. But when a port scan can freeze or crash a device, that availability seems like it hasn't put enough consideration into adversarial environments. We chat about the common failures of OT design and discuss a few ways that systems designed today might still be secure 30 years from now. In the news, how HTTP/2's rapid reset is abused for DDoS, a look at the fix for Curl's recent high severity bug, OWASP moves to make CycloneDX a standard, Microsoft deprecates NTLM, VBScript, and old TLS -- while also introducing an AI bug bounty program. Visit https://securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly Visit https://securityweekly.com/asw for all the latest episodes!
No persons identified in this episode.
This episode hasn't been transcribed yet
Help us prioritize this episode for transcription by upvoting it.
Popular episodes get transcribed faster
Other recent transcribed episodes
Transcribed and ready to explore now
#2426 - Cameron Hanes & Adam Greentree
16 Dec 2025
The Joe Rogan Experience
#487 β Irving Finkel: Deciphering Secrets of Ancient Civilizations & Flood Myths
12 Dec 2025
Lex Fridman Podcast
#2425 - Ethan Hawke
11 Dec 2025
The Joe Rogan Experience
SpaceX Said to Pursue 2026 IPO
10 Dec 2025
Bloomberg Tech
Donβt Call It a Comeback
10 Dec 2025
Motley Fool Money
Japan Claims AGI, Pentagon Adopts Gemini, and MIT Designs New Medicines
10 Dec 2025
The Daily AI Show