Podcast Episodes
Episode 174 - Smart Contracts, Code Review Lessons Learned
If there were a magical world where mensch-y podcasters (@cktricky and @sethlaw) discuss smart contract vulnerabilities, secure code review experienc…
4 years ago
Episode 173 - Enumeration Attacks!
Yet ANOTHER episode of Absolute AppSec with Seth and Ken! User enumeration vulnerabilities are the order of the day. Seth digs in on an interesting …
4 years ago
Episode 172 - Jimmy Mesta - Kubernetes, Startup Adventures
Jimmy Mesta (@jimmesta) of KSOC joins Ken and Seth to talk about Kubernetes Security and startup adventures with KSOC. This leads to a discussion on …
4 years, 1 month ago
Episode 171 - Ruby Deserialization Walkthrough, Domain Takeovers
Ken and Seth are back to talk about the potential of package hijacking based on DNS takeovers due to domain expirations. Ken provides a walkthrough of Ru…
4 years, 1 month ago
Episode 170 - Security Basics, Social Engineering, Plan for Failure
Seth and Ken return with a discussion of security basics and failures resulting from lack of security hygiene. As a developer, security engineer, or …
4 years, 1 month ago
Episode 169 - Finding Security Bugs
Seth and Ken return to the podcast and spend the episode reviewing the recent keynote from Mark Dowd at OffensiveCon 22 about the process he uses to …
4 years, 1 month ago
Episode 168 - Secure Code Review, Package Confusion, Privacy Acts
What's that sound?! Could it be the Absolute AppSec train coming 'round the bend, set to deliver @cktricky and @sethlaw's timely takes on Application…
4 years, 2 months ago
Episode 167 - Ken Toler - Cryptocurrency, Spring4Shell
A pair of Kens. A quick discussion on Spring4Shell and how the exploit takes advantage of Java's dynamic configuration options along with a data bind…
4 years, 2 months ago
Episode 166 - Web App Firewalls, ProtestWare, CSP Level 3
As sands through the hourglass, another episode falls on a Tuesday in late March. It was not _the_ first episode, but it was an episode as Ken and…
4 years, 2 months ago
Episode 165 - Portswigger 2021 Top 10, Supply Chain Attacks, TLS Certs
Welcome to the latest nihilism and bitch session. In this episode, Seth and Ken review Portswigger's Top 10 list of the "most significant web securit…
4 years, 3 months ago