
Coffee, Chaos and ProdSec Ep 29 - AI, AppSec, and the Security Industry Reckoning ft. Absolute AppSec
🎙️ Coffee, Chaos and ProdSec, Ep 29
The AppSec industry is having a moment, and not the good kind.
So this week, Cameron and Kurt bring in Seth Law and Ken Johnson from the Absolute AppSec podcast to ask the questions most security teams are still avoiding. Is AppSec dead or just getting a new job title nobody's written yet? Is your AI policy a real security control or just legal cover? And who actually owns AI security in your organization right now?
From compliance frameworks mandating tools that no longer reflect best practice, to MCP servers becoming critical infrastructure nobody's tracking, to AI agents running on human credentials with a blast radius nobody's mapped, this episode gets into the mess that happens when adoption moves faster than governance.
Four practitioners. No vendor slides. No clean answers. Just honest takes on what AI is actually doing to Application Security, Product Security, DevSecOps, and the people trying to hold it all together.
If you work in Cybersecurity, AppSec, or Software Supply Chain Security and you've ever nodded along to a risk assessment while quietly knowing something was wrong, this one's for you.
☕ New episodes every Wednesday.
Coffee, Chaos and ProdSec -> strong coffee, stronger opinions.
