The Application Security Podcast


Latest Episodes

Meghan Jacquot -- Assumed Breach Red Team Engagements for AppSec
March 20, 2024

AppSec specialist Meghan Jacquot joins Chris and Robert for a compelling conversation about community, career paths, and productive red team exercises. Meghan shares her unique cybersecurity origin story, tracing her interest in the field from childhood inf

Bill Sempf -- Development, Security, and Teaching the Next Generation
March 12, 2024

Robert is joined by Bill Sempf, an application security architect with over 20 years of experience in software development and security. Bill shares his security origins as a curious child immersed in technology, leading to his lifelong dedication to appl

Hendrik Ewerlin -- Threat Modeling of Threat Modeling
March 05, 2024

Robert and Chris talk with Hendrik Ewerlin, a threat modeling advocate and trainer. Hendrik believes you can threat model anything, and he recently applied threat modeling to the process of threat modeling itself. His conclusions are published in the docu

Jason Nelson -- Three Pillars of Threat Modeling Success: Consistency, Repeatability, and Efficacy
February 27, 2024

Jason Nelson, an accomplished expert in information security management, joins Chris to share insights on establishing successful threat modeling programs in data-intensive industries like finance and healthcare. Jason presents his three main pillars to c

Erik Cabetas -- Cracking Codes on Screen and in Contests: An Expert's View on Hacking, Vulnerabilities, and the Evolution of Cybersecurity Language
February 17, 2024

Erik Cabetas joins Robert and Chris for a thought-provoking discussion about modern software security. They talk about the current state of vulnerabilities, the role of memory-safe languages in AppSec, and why IncludeSec takes a highly systematic approach

Justin Collins -- Enabling the Business to Move Faster, Securely
February 06, 2024

Justin Collins of Gusto joins Robert and Chris for a practical conversation about running security teams in an engineering-minded organization. Justin shares his experience leading product security teams, the importance of aligning security with business

Kyle Kelly -- The Dumpster Fire of Software Supply Chain Security
January 30, 2024

Kyle Kelly joins Chris to explore the wild west of software supply chain security. Kyle, author of the CramHacks newsletter, sheds light on the complicated and often misunderstood world of software supply chain security. He brings unique insights into the

Chris Hughes -- Software Transparency
January 20, 2024

Chris Hughes, co-founder of Aquia, joins Chris and Robert on the Application Security Podcast to discuss points from his recent book Software Transparency: Supply Chain Security in an Era of a Software-Driven Society, co-authored with Tony Turner. The con

Jay Bobo & Darylynn Ross -- App Sec Is Dead. Product Security Is the Future.
January 09, 2024

Jay Bobo and Darylynn Ross from CoverMyMeds join Chris to explain their assertion that 'AppSec is Dead.' They discuss the differences between product and application security, emphasizing the importance of proper security practices and effective

Eitan Worcel -- Is AI a Security Champion?
December 19, 2023

Eitan Worcel joins the Application Security Podcast to talk about automated code fixes and the role of artificial intelligence in application security. We start with a thought-provoking discussion about the consistency and reliability of AI-generated responses