Podcast Episodes
Back to Search
Limitations and Liabilities of LLM Coding - Seemant Sehgal, Ted Shorter - ASW #347
Up first, the ASW news of the week.
At Black Hat 2025, Doug White interviews Ted Shorter, CTO of Keyfactor, about the quantum revolution already knocking on cybersecurity’s door. They discuss the ter…
Published on 11 hours ago
AI, APIs, and the Next Cyber Battleground: Black Hat 2025 - Chris Boehm, Idan Plotnik, Josh Lemos, Michael Callahan - ASW #346
In this must-see BlackHat 2025 interview, Doug White sits down with Michael Callahan, CMO at Salt Security, for a high-stakes conversation about Agentic AI, Model Context Protocol (MCP) servers, and …
Published on 1 week ago
Translating Security Regulations into Secure Projects - Roman Zhukov, Emily Fox - ASW #345
The EU Cyber Resilience Act joins the long list of regulations intended to improve the security of software delivered to users. Emily Fox and Roman Zhukov share their experience education regulators …
Published on 2 weeks ago
Managing the Minimization of a Container Attack Surface - Neil Carpenter - ASW #344
A smaller attack surface should lead to a smaller list of CVEs to track, which in turn should lead to a smaller set of vulns that you should care about. But in practice, keeping something like a cont…
Published on 3 weeks ago
The Future of Supply Chain Security - Janet Worthington - ASW #343
Open source software is a massive contribution that provides everything from foundational frameworks to tiny single-purpose libraries. We walk through the dimensions of trust and provenance in the so…
Published on 4 weeks ago
Uniting software development and application security - Will Vandevanter, Jonathan Schneider - ASW #342
Maintaining code is a lot more than keeping dependencies up to date. It involved everything from keeping old code running to changing frameworks to even changing implementation languages. Jonathan Sc…
Published on 1 month ago
How Product-Led Security Leads to Paved Roads - Julia Knecht - ASW #341
A successful strategy in appsec is to build platforms with defaults and designs that ease the burden of security choices for developers. But there's an important difference between expecting (or requ…
Published on 1 month, 1 week ago
Rise of Compromised LLMs - Sohrob Kazerounian - ASW #340
AI is more than LLMs. Machine learning algorithms have been part of infosec solutions for a long time. For appsec practitioners, a key concern is always going to be how to evaluate the security of so…
Published on 1 month, 2 weeks ago
Getting Started with Security Basics on the Way to Finding a Specialization - ASW #339
What are some appsec basics? There's no monolithic appsec role. Broadly speaking, appsec tends to branch into engineering or compliance paths, each with different areas of focus despite having shared…
Published on 1 month, 3 weeks ago
Checking in on the State of Appsec in 2025 - Janet Worthington, Sandy Carielli - ASW #338
Appsec still deals with ancient vulns like SQL injection and XSS. And now LLMs are generating code along side humans. Sandy Carielli and Janet Worthington join us once again to discuss what all this …
Published on 2 months ago