Search a title or topic

Over 20 million podcasts, powered by 

Player FM logo

AppSec Podcasts

show episodes
 
The cybersecurity podcast about application security and those who practice it. Hosted by tech industry veterans, each episode focuses on a specific area of cybersecurity, with the hosts and their guests sharing their practitioners’ experiences and opinions, sprinkled liberally with a solid dose of humor and anecdotes.
  continue reading
 
Artwork
 
Welcome to The AppSec Insiders Podcast. This is a show where we discuss the hottest topics and latest trends in application and cloud security, and tell you what you need to know For those who don’t know who we are, we are all software developers, white-hat hackers, and code security experts. When we’re not recording the podcast, we help organizations of all sizes with their cybersecurity needs. If you’re an AppSec professional looking for an opportunity to work with some of the best in the ...
  continue reading
 
Artwork
 
AppSec Builders features practical and actionable conversations with application security experts and practitioners. Topics range from understanding and solving classes of vulnerability, building protections to efficiently scale with your business, and core best practices to strengthen your security posture. AppSec Builders is hosted by Jb Aviat, AppSec staff engineer at Datadog, former CTO and co-founder at Sqreen and Apple Red Team member. Contact us at [email protected]
  continue reading
 
Join host Chris Lindsey as he digs into the world of Application Security with experts from leading enterprises. Each episode is theme based, so it's more conversational and topic based instead of the general interview style. Our focus is growing your knowledge, providing useful tips and advice. With Chris' development background of 35 years, 15+ years of secure coding and 3+ years running an application security program for large enterprise, the conversations will be deep and provide a lot ...
  continue reading
 
Secured is the podcast for software security enthusiasts. Host Cole Cornford sits down with Australia's top software security experts to uncover their unconventional career paths and the challenges they faced along the way. Listen in as they share their insights on the diverse approaches to AppSec, company by company, and how each organisation's security needs are distinct and require personalised solutions. Gain insider access to the masterminds behind some of Australia's most successful So ...
  continue reading
 
Artwork

1
The API Hour

Christine Bevilacqua

icon
Unsubscribe
icon
icon
Unsubscribe
icon
Monthly+
 
The API Hour is your front-row seat to where APIs meet InfoSec. Hosted by Dan Barahona and brought to you by APIsec University, each episode dives into real-world breaches, testing tactics, and the tools shaping AppSec. Whether you're building, breaking, or securing APIs, you'll get practical insights from the experts redefining API security. Plug in, lock down, and decode what’s really going on behind the APIs—because in a connected world, security is everything.
  continue reading
 
Automation, Generative AI, Shift Left - the world of application security is evolving fast, and so are the conversations that shape it. Welcome to The Security Champions Podcast, the go-to resource for insights from the front lines of application security. The podcast is cohosted by Michael Burch, Director of Application Security for Security Journey, and Dustin Lehr, the Director of AppSec Advocacy. Each month, one of them shares a candid conversation with security leaders, engineering voic ...
  continue reading
 
The Future of Application Security is a podcast for ambitious leaders who want to build a modern and effective AppSec program. Doing application security right is really hard and we want to help other experts build the future of AppSec by curating the best industry insights, tips and resources. What’s the most important security metric to measure in 2024? It’s Mean Time to Remediate (MTTR). Download our new MTTR guide: https://lnkd.in/evjcf4Vt
  continue reading
 
Working in cybersecurity can lead to many restless nights worrying about the safety of your applications. But don’t let software insecurity get you down – we’re here to help you take back your sleep. World-renowned software security evangelists will join our Checkmarx experts Stephen Gates and Matt Slotten to get inside the minds of cyber attackers. Our conversations will be packed with insight into the latest software threats and best practices for maturing your application security program ...
  continue reading
 
Artwork

1
The Security Repo

Mackenzie Jackson & Dwayne McDaniel

icon
Unsubscribe
icon
icon
Unsubscribe
icon
Weekly
 
The security repo is a podcast that focuses on real world security issues we are all facing today. We will take deep dives into news events and have exclusive interviews with security leaders on the ground.
  continue reading
 
Artwork

1
The Security Table

Izar Tarandach, Matt Coles, and Chris Romeo

icon
Unsubscribe
icon
icon
Unsubscribe
icon
Monthly+
 
The Security Table is four cybersecurity industry veterans from diverse backgrounds discussing how to build secure software and all the issues that arise!
  continue reading
 
I'm always fascinated by new technology, especially AI. One of my biggest regrets is not taking AI electives during my undergraduate years. Now, with consumer-grade AI everywhere, I’m constantly discovering compelling use cases far beyond typical ChatGPT sessions. As a tech founder for over 22 years, focused on niche markets, and the author of several books on web programming, Linux security, and performance, I’ve experienced the good, bad, and ugly of technology from Silicon Valley to Asia. ...
  continue reading
 
Artwork

1
ITSPmagazine

ITSPmagazine, Sean Martin, Marco Ciappelli

icon
Unsubscribe
icon
icon
Unsubscribe
icon
Daily
 
Broadcasting Ideas and Connecting Minds at the Intersection of Cybersecurity, Technology and Society. Founded by Sean Martin and Marco Ciappelli in 2015, ITSPmagazine is a multimedia platform exploring how technology, cybersecurity, and society shape our world. For over a decade, we've recognized this convergence as one of the most defining forces of our time—and it's more critical than ever. Our global community encourages intellectual exchange, challenging assumptions and diving deep into ...
  continue reading
 
Artwork

1
Redefining CyberSecurity

Sean Martin, ITSPmagazine

icon
Unsubscribe
icon
icon
Unsubscribe
icon
Weekly
 
Redefining CyberSecurity Podcast Hosted by Sean Martin, CISSP Have you ever thought that we are selling cybersecurity insincerely, buying it indiscriminately, and deploying it ineffectively? For cybersecurity to be genuinely effective, we must make it consumable and usable. We must also bring transparency and honesty to the conversations surrounding the methods, services, and technologies upon which businesses rely. If we are going to protect what matters and bring value to our companies, ou ...
  continue reading
 
ConversingLabs Podcast brings you conversations with the best and brightest minds in malware analysis, threat hunting, incident response and software assurance. Hosted by Paul Roberts, Cyber Content Lead at ReversingLabs, ConversingLabs digs into cutting edge topics that are most pressing in the world of cybersecurity.
  continue reading
 
Artwork

1
The Application Security Podcast

Chris Romeo and Robert Hurlbut

icon
Unsubscribe
icon
icon
Unsubscribe
icon
Monthly+
 
Chris Romeo and Robert Hurlbut dig into the tips, tricks, projects, and tactics that make various application security professionals successful. They cover all facets of application security, from threat modeling and OWASP to DevOps+security and security champions. They approach these stories in an educational light, explaining the details in a way those new to the discipline can understand. Chris Romeo is the CEO of Devici and a General Partner at Kerr Ventures, and Robert Hurlbut is a Prin ...
  continue reading
 
Artwork

1
BrakeSec Education Podcast

Bryan Brake, Amanda Berlin, and Brian Boettcher

icon
Unsubscribe
icon
icon
Unsubscribe
icon
Monthly
 
A podcast about the world of Cybersecurity, Privacy, Compliance, and Regulatory issues that arise in today's workplace. Co-hosts Bryan Brake, Brian Boettcher, and Amanda Berlin teach concepts that aspiring Information Security professionals need to know, or refresh the memories of seasoned veterans.
  continue reading
 
Building a cybersecurity program is complicated. Building one that is equipped to truly enable the organization it serves is another thing altogether. Robert Wood from Sidekick Security interviews security leaders from a diverse set of organizations to talk about program transformations. From team design, technology, compliance versus security, and strategic leadership, learn about how to lead a program transformation of your own from people who have gone through it before.
  continue reading
 
Loading …
show series
 
SBOMs were supposed to be the ingredient label for software—bringing transparency, faster response, and stronger trust. But reality shows otherwise. Fewer than 1% of GitHub projects have policy-driven SBOMs. Only 15% of developer SBOM questions get answered. And while 86% of EU firms claim supply chain policies, just 47% actually fund them. So why …
  continue reading
 
In this episode of The AppSec Insiders Podcast, we dive into two major security stories making headlines: a fake Solidity extension that drained a developer’s crypto wallets, and Google’s AI-powered tool “Big Sleep” uncovering a critical Chrome vulnerability. From malicious packages to AI-driven defenses, we break down what these cases reveal about…
  continue reading
 
Large language models are transforming software development by making it easier to write and connect code, but they also introduce serious security risks. Vulnerabilities like LLM command injection, SSRF, and insecure outputs mirror traditional web flaws while creating new attack vectors unique to AI-driven apps. In this episode, Dan Murphy and Rya…
  continue reading
 
In this episode of the Security Repo Podcast, Jenn Gile shares insights from her hands-on security education at DEF CON's AppSec Village, where she ran a wildly successful lottery-style dependency upgrade game. She discusses the challenges developers face with remediation, the importance of empathy in AppSec, and how gamified, tangible learning exp…
  continue reading
 
⸻ Podcast: Redefining Society and Technology https://redefiningsocietyandtechnologypodcast.com ______Title: AI Creativity Expert Reveals Why Machines Need More Freedom - Creative Machines: AI, Art & Us Book Interview | A Conversation with Author Maya Ackerman | Redefining Society And Technology Podcast With Marco Ciappelli ______Guest: Maya Ackerma…
  continue reading
 
In this issue of the Future of Cyber newsletter, Sean Martin digs into a topic that’s quietly reshaping how software gets built—and how it breaks: the rise of AI-powered coding tools like ChatGPT, Claude, and GitHub Copilot. These tools promise speed, efficiency, and reduced boilerplate—but what are the hidden trade-offs? What happens when the tool…
  continue reading
 
In this issue of the Future of Cyber newsletter, Sean Martin digs into a topic that’s quietly reshaping how software gets built—and how it breaks: the rise of AI-powered coding tools like ChatGPT, Claude, and GitHub Copilot. These tools promise speed, efficiency, and reduced boilerplate—but what are the hidden trade-offs? What happens when the tool…
  continue reading
 
In this episode of the Security Repo Podcast, we chat with Alyssa Miles, a product marketing leader at CyberArk, about building authentic developer communities in the security space. She shares her journey from agency marketing to driving developer engagement, along with insights from Hacker Summer Camp and strategies for enabling community-driven …
  continue reading
 
We’re debating the concepts of 'Shift Left' and 'Shift Down' in the world of cybersecurity. We explore the intricacies of developer responsibility, the impact of modern AI on code security, and the delicate balance between innovation and secure coding practices. Join us for a thought-provoking discussion that ranges from keeping our digital world s…
  continue reading
 
⸻ Podcast: Redefining Society and Technology https://redefiningsocietyandtechnologypodcast.com _____ Newsletter: Musing On Society And Technology https://www.linkedin.com/newsletters/musing-on-society-technology-7079849705156870144/ _____ Watch on Youtube: https://youtu.be/nFn6CcXKMM0 _____ My Website: https://www.marcociappelli.com _______________…
  continue reading
 
⬥GUEST⬥ Pieter VanIperen, CISO and CIO of AlphaSense | On Linkedin: https://www.linkedin.com/in/pietervaniperen/ ⬥HOST⬥ Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com ⬥EPISODE NOTES⬥ Real-World Principles for Real-…
  continue reading
 
⬥GUEST⬥ Pieter VanIperen, CISO and CIO of AlphaSense | On Linkedin: https://www.linkedin.com/in/pietervaniperen/ ⬥HOST⬥ Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com ⬥EPISODE NOTES⬥ Real-World Principles for Real-…
  continue reading
 
SBOMs were supposed to be the ingredient label for software—bringing transparency, faster response, and stronger trust. But reality shows otherwise. Fewer than 1% of GitHub projects have policy-driven SBOMs. Only 15% of developer SBOM questions get answered. And while 86% of EU firms claim supply chain policies, just 47% actually fund them. So why …
  continue reading
 
In this episode of the Security Repo Podcast, Aria Langer returns to share deep insights from her work in privileged access management and the challenges of implementing security controls without alienating coworkers. She and Dwayne dive into the often-overlooked importance of empathy in cybersecurity, exploring how human connection can make securi…
  continue reading
 
We’re diving into the relevance and execution of threat modeling within agile development environments. We dissect the claims, explore the true integration of agile practices with threat modeling, and address the misconceptions and challenges commonly faced. Check out the episode to find out if threat modeling is indeed slowing down agile processes…
  continue reading
 
This episode provides an extensive overview of the complex and rapidly evolving landscape of Artificial Intelligence (AI) copyright litigation, with a particular focus on the landmark $1.5 billion settlement in the Bartz v. Anthropic case. This settlement addresses Anthropic's infringement by pirating books from shadow libraries like LibGen and PiL…
  continue reading
 
Dealing with vulns tends to be a discussion about prioritization. After all, there a tons of CVEs and dependencies with known vulns. It's important to figure out how to present developers with useful vuln info that doesn't overwhelm them. Francesco Cipollone shares how to redirect that discussion to focus on remediation and how to incorporate LLMs …
  continue reading
 
Dealing with vulns tends to be a discussion about prioritization. After all, there a tons of CVEs and dependencies with known vulns. It's important to figure out how to present developers with useful vuln info that doesn't overwhelm them. Francesco Cipollone shares how to redirect that discussion to focus on remediation and how to incorporate LLMs …
  continue reading
 
This episode discusses a multifaceted view of the rapid growth and regulatory landscape of Artificial Intelligence in China, highlighting both the technological advancements and the strategic governmental approach. One source details China's leading "Six Tigers" AI unicorn companies—such as Zhipu AI and MiniMax—describing their origins, funding, an…
  continue reading
 
This episode primarily discusses the evaluation and performance of large language models (LLMs) in complex software engineering tasks, specifically focusing on long-context capabilities. One source, an excerpt from Simon Willison’s Weblog, praises the new Claude Sonnet 4.5 model for its superior performance in code generation, detailing an impressi…
  continue reading
 
⸻ Podcast: Redefining Society and Technology https://redefiningsocietyandtechnologypodcast.com ______Title: Tech Entrepreneur and Author's AI Prediction - The Last Book Written by a Human Interview | A Conversation with Jeff Burningham | Redefining Society And Technology Podcast With Marco Ciappelli ______Guest: Eli Lopian Founder of Typemock Ltd |…
  continue reading
 
When we talk about AI at cybersecurity conferences these days, one term is impossible to ignore: agentic AI. But behind the excitement around AI-driven productivity and autonomous workflows lies an unresolved—and increasingly urgent—security issue: identity. In this episode, Sean Martin and Marco Ciappelli speak with Cristin Flynn Goodwin, keynote …
  continue reading
 
The cybersecurity industry operates on a fundamental misconception: that consumers want to understand and manage their digital security. After 17 years at F-Secure and extensive consumer research, Dmitri Vellikok has reached a different conclusion—people simply want security problems to disappear without their involvement. This insight has driven F…
  continue reading
 
⬥GUEST⬥ Aunshul Rege, Director at The CARE Lab at Temple University | On Linkedin: https://www.linkedin.com/in/aunshul-rege-26526b59/ ⬥CO-HOST⬥ Julie Haney, Computer scientist and Human-Centered Cybersecurity Program Lead, National Institute of Standards and Technology | On LinkedIn: https://www.linkedin.com/in/julie-haney-037449119/ ⬥HOST⬥ Host: S…
  continue reading
 
⬥GUEST⬥ Aunshul Rege, Director at The CARE Lab at Temple University | On Linkedin: https://www.linkedin.com/in/aunshul-rege-26526b59/ ⬥CO-HOST⬥ Julie Haney, Computer scientist and Human-Centered Cybersecurity Program Lead, National Institute of Standards and Technology | On LinkedIn: https://www.linkedin.com/in/julie-haney-037449119/ ⬥HOST⬥ Host: S…
  continue reading
 
In this episode of the Security Repo Podcast, we chat with Jake Hildreth, Principal Security Consultant at Semperis, about the enduring challenges of securing Active Directory in a hybrid cloud world. Jake shares war stories from the field, including dangerously misconfigured environments and the real-world impacts of legacy systems. We also explor…
  continue reading
 
We’re discussing the intriguing world of cyber privateers and the concept of 'hacking back' against cyber criminals. The discussion centers around a proposed bill in the U.S. Congress, H.R. 4988, that aims to authorize private individuals to pursue cyber criminals with the full backing of government-issued letters of marque. We explore the historic…
  continue reading
 
Episode Summary Can multi-factor authentication really “solve” security, or are attackers already two steps ahead? In this episode of The Secure Developer, we sit down with Paul Querna, CTO and co-founder at ConductorOne, to unpack the evolving landscape between authentication and authorisation. In our conversation, Paul delves into the difference …
  continue reading
 
Francesco Cipollone, the CEO of Phoenix Security, shares his extensive experience in AI and security, discussing the crucial difference between true AI agents and glorified chatbots. Learn why Phoenix Security utilizes six different LLMs instead of a single super agent. Understand the sobering economics behind AI implementation and the importance o…
  continue reading
 
In the news, Microsoft encounters a new cascade of avoidable errors with Entra ID, Apple improves iOS with hardware-backed memory safety, DeepSeek demonstrates the difficulty in reviewing models, curl reduces risk by eliminating code, preserving the context of code reviews, and more! Visit https://www.securityweekly.com/asw for all the latest episo…
  continue reading
 
In the news, Microsoft encounters a new cascade of avoidable errors with Entra ID, Apple improves iOS with hardware-backed memory safety, DeepSeek demonstrates the difficulty in reviewing models, curl reduces risk by eliminating code, preserving the context of code reviews, and more! Show Notes: https://securityweekly.com/asw-349…
  continue reading
 
A Mystery in Florence In Tuscany there is so much magic: hills decorated with olive trees, vineyards and cypresses, bell towers ringing everywhere, hidden gardens, and of course enchanted cities, full of history and beauty, where famous artists have created marvellous works of art. In this tale we find ourselves in the city of Florence, where magic…
  continue reading
 
The decision to leave a successful corporate position and start a company requires more than just identifying a market opportunity. For Shankar Somasundaram, it required witnessing firsthand how traditional cybersecurity approaches consistently failed in the environments that matter most to society: hospitals, manufacturing plants, power facilities…
  continue reading
 
In this episode of the Security Repo Podcast, Andre Van Klaveren talks about his decades-long journey through IT, software development, and application security, culminating in the reboot of the OWASP St. Louis chapter. They discuss the history and importance of OWASP, community building in a post-pandemic world, and how risk-based thinking and str…
  continue reading
 
Dr. Kim Wuyts and Avi Douglen join us in today's episode. Both guests are fresh from their training sessions at Black Hat and DEF CON in Las Vegas and share a quick overview of their experiences. We discuss a newly developed privacy awareness card game called 'Context and Cringe,' which aims to educate participants about privacy issues in a fun and…
  continue reading
 
In what is (sadly) becoming a weekly segment, this episode starts with talk of the latest installment of npm package takeovers, dubbed Shai Hulud as discussed in Slack and analyzed by Paul McCarty and team. Strategies discussed for monitoring packages and preventing malware from entering into organization's products. This is followed by an article …
  continue reading
 
Episode Summary Bob Remeika, CEO and Co-Founder of Ragie, joins host Danny Allan to demystify Retrieval-Augmented Generation (RAG) and its role in building secure, powerful AI applications. They explore the nuances of RAG, differentiating it from fine-tuning, and discuss how it handles diverse data types while mitigating performance challenges. The…
  continue reading
 
Loading …
Copyright 2025 | Privacy Policy | Terms of Service | | Copyright
Listen to this show while you explore
Play