Application Security PodCast

Application Security PodCast

Latest Episodes

Aaron Rinehart -- Security Chaos Engineering
April 30, 2021

Aaron Rinehart is expanding the possibilities of chaos engineering to cybersecurity. He began pioneering security in chaos engineering when he released ChaoSlingr during his tenure as Chief Security Architect at UnitedHealth Group (UHG). Rinehart is the O

Izar Tarandach and Matt Coles-- Threat Modeling: A Practical Guide for Development Teams
April 23, 2021

In this episode of the Application Security Podcast, we're joined by friends Izar and Matt, authors of the book "Threat Modeling: A Practical Guide for Development Teams." Izar is currently the Squarespace Principal Security Engineer. He li

Charles Shirer -- The most positive person in security
April 16, 2021

Charles is a Senior Security Consultant for Red Siege. He has over 18 years of experience in IT. In his spare time, Charles does retro gaming and works on the SECBSD open source project, a penetration testing distro. He currently works as Staff at...

Leif Dreizler: Tactical tips to shift engineering right
April 09, 2021

Leif Dreizler is the manager of the Product Security team at Segment. Leif got his start in the security industry at Redspin doing security consulting work and was later an early employee at Bugcrowd. He helps organize the Bay Area OWASP Chapter, the...

Vandana Verma -- OWASP Spotlight Series
April 02, 2021

Vandana Verma is the President of Infosec girls and Infosec Kids, a board of directors member for OWASP, and a leader for BSides Dehli. She joins us to introduce the OWASP Spotlight Series. With each video she creates, she highlights an OWASP project....

Dr. Anita D’Amico -- Do certain types of developers or teams write more secure code?
March 25, 2021

Dr. Anita D’Amico is the CEO of Code Dx, which provides Application Security Orchestration and Correlation solutions to industry and government. Her roots are in experimental psychology and human factors. Her attention is now focused on enhancing the...

Alyssa Miller -- Bringing security to DevOps and the CI/CD pipeline
March 18, 2021

Alyssa Miller is a life-long hacker, security advocate, and cybersecurity leader. She is the BISO for S&P Global ratings and has over 15 years of experience in security roles. She is heavily involved in the cybersecurity community as an international

Liran Tal — Cloud native application security, what’s a developer to do?
March 09, 2021

Liran Tal is an application security activist and long-time proponent of open-source software. He is a member of the Node.js security working group, an OWASP project lead, author of Essential Node.js Security, and O’Reilly’s Serverless Security. He is lea

Chris Romeo — DevSecOps Fails
February 17, 2021

For this episode, Robert and I decided to talk about an article I wrote called "DevOps security culture: 12 fails your team can learn from". We hope you enjoy this walkthrough of the 12 fails. If we missed any, hit us up on Twitter and let us kn

Jim Routh — Secure software pipelines
February 10, 2021

Jim Routh has built software security programs at some of the biggest brands in the world. He has served as CISO or CSO six different times in his career, always staying close to his cyber and software security roots. Jim has hung up his CISO badge and no