About all things AppSec, DevOps, and DevSecOps. Hosted by Mike Shema and John Kinsella, the podcast focuses on helping its audience find and fix software flaws effectively.
SDLC Podcasts
Brief of SDLC Cover art photo provided by Vanessa Ives on Unsplash: https://unsplash.com/@vanessaives
Digestible, research-backed briefs on software, management, and the systems that shape performance—plus the occasional, clearly labeled detour.
Welcome to "The Teacher's Forum" hosted by David Harris, a veteran educator with 32 years of experience in private, public, and charter schools. This podcast is your platform to hear the voices of educators from the United States and around the world, with a special focus on educators of color, who are often overlooked in crucial education discussions today. Join us as we dive into important topics, and experiences of K-12 educators, and get a chance to hear from David’s former students, as ...
Welcome to Shaping Healthcare, a podcast by CitiusTech. Some of the great minds in the world are constantly striving to solve the healthcare industry's greatest challenges with technology, creativity, and agility. With every episode of The Shaping Healthcare Podcast, we will take you deeper into the world of healthcare and life sciences and give you a perspective into what it takes to build a human-first, technologically enabled healthcare world.
Tune into our tech conversations that allow you to stay up to date on tech trends. Our podcasts revolve around cutting edge tech topics from the most insightful hosts from Knoldus.
Learn how the top brands wow customers through production-first engineering. On this podcast you will find the tactics, methodologies, and metrics used to drive customer value by the engineering leaders actually doing it. Join Rookout CTO, Liran Haimovitch as he explores how customer-centric brands approach engineering to create a competitive advantage; with interviews covering topics such as automation, issue resolution, team structure, DevOps, and more.
Modern Software Explore the ever-evolving world of technology and innovation with Modern Software, the podcast that delves into the trends, tools, and techniques shaping the way we build, test, and consume digital solutions. From testing innovations to development breakthroughs, we cover everything impacting those who create software—and those who benefit from it. Join us for casual, conversational interviews with fascinating voices from across the tech space, as we uncover insights, share s ...

Design Errors in Entra ID, Design Defenses in iOS, Design Difficulties in DeepSeek - ASW #349
58:43
In the news, Microsoft encounters a new cascade of avoidable errors with Entra ID, Apple improves iOS with hardware-backed memory safety, DeepSeek demonstrates the difficulty in reviewing models, curl reduces risk by eliminating code, preserving the context of code reviews, and more! Visit https://www.securityweekly.com/asw for all the latest episo…

How OWASP's GenAI Security Project keeps up with the pace of AI/Agentic changes - Scott Clinton - ASW #348
1:08:00
This week, we chat with Scott Clinton, board member and co-chair of the OWASP GenAI Security Project. This project has become a massive organization within OWASP with hundreds of volunteers and thousands of contributors. This team has been cranking out new tools, reports and guidance for practitioners month after month for over a year now. We start…

Voices of Change: Dr. RoseMary Clairmont and Jonathan Santos Silva on Reclaiming Indigenous Education
1:15:27
Send us a text message and let us know what you think and for ideas for future episodes. In this episode of The Teacher’s Forum, David sits down with Jonathan Santos Silva and Dr. RoseMary Clairmont to explore the revitalization of Native education. From Dr. Clairmont's journey from the classroom to tribal leadership (04:12) to Jonathan's powerful …

Limitations and Liabilities of LLM Coding - Seemant Sehgal, Ted Shorter - ASW #347
1:17:09
Up first, the ASW news of the week. At Black Hat 2025, Doug White interviews Ted Shorter, CTO of Keyfactor, about the quantum revolution already knocking on cybersecurity’s door. They discuss the terrifying reality of quantum computing’s power to break RSA and ECC encryption—the very foundations of modern digital life. With 2030 set as the deadline…

Challenging the Narrative: Ismail Khalidi on Storytelling and the Palestinian Perspective
58:08
Send us a text message and let us know what you think and for ideas for future episodes. In this episode of The Teacher’s Forum, David reconnects with his former student, award-winning playwright and screenwriter Ismail Khalidi, to explore identity, art, and Palestine. From growing up Palestinian in America (05:45) to the influence of family and ed…

AI, APIs, and the Next Cyber Battleground: Black Hat 2025 - Chris Boehm, Idan Plotnik, Josh Lemos, Michael Callahan - ASW #346
1:08:11
In this must-see BlackHat 2025 interview, Doug White sits down with Michael Callahan, CMO at Salt Security, for a high-stakes conversation about Agentic AI, Model Context Protocol (MCP) servers, and the massive API security risks reshaping the cyber landscape. Broadcast live from the CyberRisk TV studio at Mandalay Bay, Las Vegas, the discussion pu…

Translating Security Regulations into Secure Projects - Roman Zhukov, Emily Fox - ASW #345
1:13:31
The EU Cyber Resilience Act joins the long list of regulations intended to improve the security of software delivered to users. Emily Fox and Roman Zhukov share their experience educating regulators on open source software and educating open source projects on security. They talk about creating a baseline for security that addresses technical items…

QA in HealthTech will never be the same: How Gen AI is driving the change
28:32
In this episode of the Shaping Healthcare Podcast, host Laurel Rockall welcomes Gaurav Shrimal, AVP of Quality & Validation at CitiusTech, and Kanika Pandey, VP of Global Sales at Loadmill, to explore how Gen AI is reshaping quality assurance in healthcare. Join them to gain insights into: Dual impact of Gen AI on QA: transforming QA processes and …
Navigating the AI Supercar: Reshaping the SDLC
By Context Engineered

Managing the Minimization of a Container Attack Surface - Neil Carpenter - ASW #344
1:08:17
A smaller attack surface should lead to a smaller list of CVEs to track, which in turn should lead to a smaller set of vulns that you should care about. But in practice, keeping something like a container image small has a lot of challenges in terms of what should be considered minimal. Neil Carpenter shares advice and anecdotes on what it takes to…

Bridging the AI Productivity GAP in Software Development
52:29
By Context Engineered

The Future of Supply Chain Security - Janet Worthington - ASW #343
42:13
Open source software is a massive contribution that provides everything from foundational frameworks to tiny single-purpose libraries. We walk through the dimensions of trust and provenance in the software supply chain with Janet Worthington. And we discuss how even with new code generated by LLMs and new terms like slopsquatting, a lot of the most…
Focus on the Product Requirements Prompt (PRP) framework, a structured approach to context engineering for AI-assisted software development. They explain that traditional "vibe coding" and simple prompt engineering are insufficient for complex tasks, proposing that PRPs, which combine adapted Product Requirements Documents with curated codebase int…

Beyond Prompting: Mastering AI Code Assistance with Context Engineering
22:11
Context engineering transforms AI coding tools from unpredictable autocomplete systems into reliable development partners through systematic information architecture rather than ad-hoc prompting. The approach involves dynamic curation of project knowledge, structured workflows, and tool-specific optimizations that deliver measurable results—includi…
This is an introductory breakdown of Context Engineering, the discipline of managing the context window provided to an LLM during inference.
By Context Engineered

Uniting software development and application security - Will Vandevanter, Jonathan Schneider - ASW #342
58:07
Maintaining code is a lot more than keeping dependencies up to date. It involves everything from keeping old code running to changing frameworks to even changing implementation languages. Jonathan Schneider talks about the engineering considerations of refactoring and rewriting code, why code maintenance is important to appsec, and how to build con…

How Product-Led Security Leads to Paved Roads - Julia Knecht - ASW #341
1:04:11
A successful strategy in appsec is to build platforms with defaults and designs that ease the burden of security choices for developers. But there's an important difference between expecting (or requiring!) developers to use a platform and building a platform that developers embrace. Julia Knecht shares her experience in building platforms with an …

Rise of Compromised LLMs - Sohrob Kazerounian - ASW #340
1:06:35
AI is more than LLMs. Machine learning algorithms have been part of infosec solutions for a long time. For appsec practitioners, a key concern is always going to be how to evaluate the security of software or a system. In some cases, it doesn't matter if a human or an LLM generated code -- the code needs to be reviewed for common flaws and design p…

Getting Started with Security Basics on the Way to Finding a Specialization - ASW #339
1:07:50
What are some appsec basics? There's no monolithic appsec role. Broadly speaking, appsec tends to branch into engineering or compliance paths, each with different areas of focus despite having shared vocabularies and the (hopefully!) shared goal of protecting software, data, and users. The better question is, "What do you want to secure?" We discus…

Checking in on the State of Appsec in 2025 - Janet Worthington, Sandy Carielli - ASW #338
1:07:15
Appsec still deals with ancient vulns like SQL injection and XSS. And now LLMs are generating code alongside humans. Sandy Carielli and Janet Worthington join us once again to discuss what all this new code means for appsec practices. On a positive note, the prevalence of those ancient vulns seems to be diminishing, but the rising use of LLMs is e…

Simple Patterns for Complex Secure Code Reviews - Louis Nyffenegger - ASW #337
38:26
Manual secure code reviews can be tedious and time intensive if you're just going through checklists. There's plenty of room for linters and compilers and all the grep-like tools to find flaws. Louis Nyffenegger describes the steps of a successful code review process. It's a process that starts with understanding code, which can even benefit from a…

How Fuzzing Barcodes Raises the Bar for Secure Code - Artur Cygan - ASW #336
1:01:18
Fuzzing has been one of the most successful ways to improve software quality. And it demonstrates how improving software quality improves security. Artur Cygan shares his experience in building and applying fuzzers to barcode scanners, smart contracts, and just about any code you can imagine. We go through the useful relationship between unit tests…

Rooted in Resilience (Part II): Dr. Rodney Glasgow on Reclaiming, Resisting, and Reimagining the Legacy of POCC and SDLC
42:58
Send us a text message and let us know what you think and for ideas for future episodes. In Part II of this compelling Pride Month conversation, David continues his interview with Dr. Rodney Glasgow, focusing on the recent pause of the NAIS People of Color Conference (POCC) and the Student Diversity Leadership Conference (SDLC), and what that means…

Threat Modeling With Good Questions and Without Checklists - Farshad Abasi - ASW #335
1:08:00
What makes a threat modeling process effective? Do you need a long list of threat actors? Do you need a long list of terms? What about a short list like STRIDE? Has an effective process ever come out of a list? Farshad Abasi joins our discussion as we explain why the answer to most of those questions is No and describe the kinds of approaches that …

The rise of Gen AI in healthcare: Challenges, opportunities, and what's next
34:50
In this episode of Shaping Healthcare, host Laurel Rockall welcomes Healthcare and Life Sciences experts Kaushik Raha and Harvey Ruback, for an in-depth discussion on the rapid rise of generative AI (Gen AI) in healthcare and what it means for the future. Join them as they: Break down the difference between traditional AI and Generative AI using fo…

Rooted in Resilience (Part I): Dr. Rodney Glasgow on Pride, Purpose, and the Power of Living Authentically
46:08
Send us a text message and let us know what you think and for ideas for future episodes. In Part I of this powerful Pride Month conversation, David speaks with Dr. Rodney Glasgow, a prominent educator and advocate for equity and inclusion, about the intersections of race, class, and sexual orientation, and the role of educators in today’s challengi…

Bringing CISA's Secure by Design Principles to OT Systems - Matthew Rogers - ASW #334
1:09:09
CISA has been championing Secure by Design principles. Many of the principles are universal, like adopting MFA and having opinionated defaults that reduce the need for hardening guides. Matthew Rogers talks about how the approach to Secure by Design has to be tailored for Operational Technology (OT) systems. These systems have strict requirements o…

AIs, MCPs, and the Actual Work that LLMs Are Generating - ASW #333
39:06
The recent popularity of MCPs is surpassed only by the recent examples of deficiencies of their secure design. The most obvious challenge is how MCPs, and many more general LLM use cases, have erased two decades of security principles behind separating code and data. We take a look at how developers are using LLMs to generate code and continue our sea…

A Legacy in Every Note: How Michael and Lana Manson Are Transforming Lives Through the Musical Arts Institute
53:54
Send us a text message and let us know what you think and for ideas for future episodes. In this episode of The Teacher’s Forum, David speaks with Michael and Lana Manson, founders of the Musical Arts Institute in Chicago, in celebration of African American Music Appreciation Month. They discuss their musical roots, the role of HBCUs in shaping the…

AI in AppSec: Agentic Tools, Vibe Coding Risks & Securing Non-Human Identities - Mo Aboul-Magd, Shahar Man, Brian Fox, Mark Lambert - ASW #332
1:04:35
ArmorCode unveils Anya—the first agentic AI virtual security champion designed specifically for AppSec and product security teams. Anya brings together conversation and context to help AppSec, developers and security teams cut through the noise, prioritize risks, and make faster, smarter decisions across code, cloud, and infrastructure. Built into …

Appsec News & Interviews from RSAC on Identity and AI - Rami Saas, Charlotte Wylie - ASW #331
1:01:48
In the news, Coinbase deals with bribes and insider threat, the NCSC notes the cross-cutting problem of incentivizing secure design, we cover some research that notes the multitude of definitions for secure design, and discuss the new Cybersecurity Skills Framework from the OpenSSF and Linux Foundation. Then we share two more sponsored interviews f…