The Application Security Podcast

Chris Romeo and Robert Hurlbut
May 22, 2018 • 23min

Apollo Clark -- Malicious User Stories

In this episode, Robert speaks about Malicious User Stories and DevOps with Apollo Clark. He discusses how to properly handle user stories in a world being taken over by DevOps. You can find Apollo on Twitter @apolloclark

FOLLOW OUR SOCIAL MEDIA:
➜ Twitter: @AppSecPodcast
➜ LinkedIn: The Application Security Podcast
➜ YouTube: https://www.youtube.com/@ApplicationSecurityPodcast

Thanks for Listening!
May 15, 2018 • 18min

Megan Roddie -- Neurodiversity in Security

Megan Roddie joins Robert at the SOURCE Conference in Boston. She talks about how neurodiverse people can truly help an organization. You can find her on Twitter @megan_roddie

Apr 27, 2018 • 31min

Chase Schultz -- AppSec and Hardware

Chase Schultz joins to discuss the combination of AppSec and hardware. He also dives into how the Meltdown and Spectre attacks worked. You can find Chase on Twitter @f47h3r_B0
Apr 20, 2018 • 30min

John Melton -- #OWASP AppSensor

John Melton joins to discuss the #OWASP AppSensor project. He talks about how AppSensor works and how it can be used in your application. You can find John on Twitter @_jtmelton

Apr 13, 2018 • 37min

David Habusha -- Third Party Software is not a Cathedral, It’s a Bazaar

David Habusha joins to discuss the OWASP Top 10 A9: Using components with known vulnerabilities. He also dives into the Software Composition Analysis (SCA) market. You can find David on Twitter @davidhabusha

Apr 12, 2018 • 48min

Steve Springett -- Dependency Check and Dependency Track

Steve Springett joins the show to talk about Dependency Check and Dependency Track. He also discusses how they can help prevent you from using components with known vulnerabilities. You can find Steve on Twitter @stevespringett

Apr 6, 2018 • 33min

Steven Wierckx -- The #OWASP Threat Modeling Project

Steven Wierckx joins Robert and Chris this week to talk about the #OWASP Threat Modeling project that he’s involved in. You can find Steven on Twitter @ihackforfun https://open-security-summit.org/

Apr 5, 2018 • 31min

Jim Manico -- The #OWASP Cheat Sheet Project

Jim Manico joins us to discuss some of the changes with the OWASP Cheat Sheets and their plans for that project's future. Jim also talks about how they are looking for experts to create or update some of the Cheat Sheets. You can find Jim on Twitter @manicode

Mar 23, 2018 • 34min

Neil Smithline -- OWASP Top 10 #10: Logging

Neil Smithline joins this week to discuss one of the new items on the OWASP Top 10 List, Insufficient Logging and Monitoring. You can find Neil on Twitter @neilsmithine

Mar 16, 2018 • 43min

Jim Routh -- Selling #AppSec Up The Chain

Jim Routh joins the podcast to discuss selling #AppSec up the chain. Jim has built five successful software security programs in his career and serves as a CISO now. Jim shares his real-world experience with successfully selling #AppSec to senior management (as well as many other pieces of wisdom for running an AppSec program). You can find Jim on Twitter @jmrouth01
