The Application Security Podcast
Latest Episodes
Meghan Jacquot -- Assumed Breach Red Team Engagements for AppSec
AppSec specialist Megan Jacquot joins Chris and Robert for a compelling conversation about community, career paths, and productive red team exercises. Megan shares her unique cybersecurity origin story, tracing her interest in the field from childhood inf
Bill Sempf -- Development, Security, and Teaching the Next Generation
Robert is joined by Bill Sempf, an application security architect with over 20 years of experience in software development and security. Bill shares his security origins as a curious child immersed in technology, leading to his lifelong dedication to appl
Hendrik Ewerlin -- Threat Modeling of Threat Modeling
Robert and Chris talk with Hendrik Ewerlin, a threat modeling advocate and trainer. Hendrik believes you can threat model anything, and he recently applied threat modeling to the process of threat modeling itself. His conclusions are published in the docu
Jason Nelson -- Three Pillars of Threat Modeling Success: Consistency, Repeatability, and Efficacy
Jason Nelson, an accomplished expert in information security management, joins Chris to share insights on establishing successful threat modeling programs in data-intensive industries like finance and healthcare. Jason presents his three main pillars to c
Erik Cabetas -- Cracking Codes on Screen and in Contests: An Expert's View on Hacking, Vulnerabilities, and the Evolution of Cybersecurity Language
Erik Cabetas joins Robert and Chris for a thought-provoking discussion about modern software security. They talk about the current state of vulnerabilities, the role of memory-safe languages in AppSec, and why IncludeSec takes a highly systematic approach
Justin Collins -- Enabling the Business to Move Faster, Securely
Justin Collins of Gusto joins Robert and Chris for a practical conversation about running security teams in an engineering-minded organization. Justin shares his experience leading product security teams, the importance of aligning security with business
Kyle Kelly -- The Dumpster Fire of Software Supply Chain Security
Kyle Kelly joins Chris to explore the wild west of software supply chain security. Kyle, author of the CramHacks newsletter, sheds light on the complicated and often misunderstood world of software supply chain security. He brings unique insights into the
Chris Hughes -- Software Transparency
Chris Hughes, co-founder of Aquia, joins Chris and Robert on the Application Security Podcast to discuss points from his recent book Software Transparency: Supply Chain Security in an Era of a Software-Driven Society, co-authored with Tony Turner. The con
Jay Bobo & Darylynn Ross -- App Sec Is Dead. Product Security Is the Future.
Jay Bobo and Darylynn Ross from CoverMyMeds join Chris to explain their assertion that 'AppSec is Dead.' They discuss the differences between product and application security, emphasizing the importance of proper security practices and effective
Eitan Worcel -- Is AI a Security Champion?
Eitan Worcel joins the Application Security Podcast, to talk automated code fixes and the role of artificial intelligence in application security. We start with a thought-provoking discussion about the consistency and reliability of AI-generated responses