The Application Security Podcast

The Application Security Podcast


Latest Episodes

OWASP Board of Directors Debate
October 03, 2023

The Application Security Podcast presents the OWASP Board of Directors Debate for the 2023 elections. This is a unique and engaging discussion among six candidates vying for a position on the board. Throughout the debate, candidates address pressing quest

Itzik Alvas -- Secrets Security and Management
September 26, 2023

Itzik Alvas, Co-founder and CEO of Entro, is an expert on secrets security.Itzik joins Chris and Robert to discuss the significance of understanding and managing secrets, emphasizing the importance of knowing how many secrets an organization has, where th

Harshil Parikh -- Deep Environmental and Organizational Context in Application Security
September 19, 2023

Harshil Parikh is a seasoned security leader with experience building security and compliance functions from the ground up. He notably built the security and compliance team at Medallia from scratch and led it through several transitions. He is also a con

Jeff Williams -- The Tech of Runtime Security
September 12, 2023

Jeff Willams of Contrast Security joins Chris and Robert on the Application Security Podcast to discuss runtime security, emphasizing the significance of Interactive Application Security Testing (IAST) in the modern DevOps landscape. After reflecting on t

Mark Curphey and John Viega -- Chalk
September 05, 2023

Mark Curphey and John Viega join Chris and Robert to explain the details of Chalk, Crash Override's new tool. Mark also talks about why ZAP departed from OWASP and joined the Software Security Project, highlighting some of the value and differences o

Maril Vernon -- You Get What You Inspect, Not What You Expect
August 29, 2023

Maril Vernon is passionate about Purple teaming and joins Robert and Chris to discuss the intricacies of purple teaming in cybersecurity. She underscores the significance of fostering a collaborative environment between developers and the security team. D

Dan Küykendall -- Why All Application Security Products Suck
August 22, 2023

Dan Kykendall visits The Application Security Podcast to discuss his series "Why All AppSec Products Suck" and explain why software companies should understand the uses and limitations of any security tool. The series aims to highlight the limi

Kevin Johnson -- Samurai Swords and Zap's Departure
August 15, 2023

Kevin Johnson is the CEO of Secure Ideas. He began his career as a developer but turned toward security when he discovered that the interface for an intrusion detection system, Snort, was out of date. This led him to create BASE (Basic Analysis and Securi

Tony Quadros -- The Life of an AppSec Vendor
August 08, 2023

Tony Quadros, the AppSec Lumberjack, shares the unique career path that led him to find his passion in Application Security. The discussion delves into the work of an AppSec vendor, with Tony explaining his role and the responsibilities it entails. He emp

Steve Giguere -- Cloud AppSec
July 23, 2023

Cloud security is on an evolutionary path, with newer platforms embracing secure-by-default settings. This has led to a significant improvement in security but also adds complexity as developers need to understand these defaults when deploying to the clo