Best OWASP PDX Podcasts (2024)

1
AppSec Days PNW 2023 Portland: A conversation with Jeevan Singh and Chelsea Willis 26:43

12M ago26:43

26:43

AppSec Days PNW leaders Jeevan Singh and Chelsea Willis join us to talk about the upcoming OWASP collaborative event from the OWASP chapters of Vancouver, Victoria, Seattle, and Portland happening this year in Portland on June 10th. AppSec Days PNW has been running for three years now and this is the first in person event. You can learn more and re…

1
OWASP Portland Training Day Sponsor Highlight - Summit Security Group 14:43

2+ y ago14:43

14:43

Summit Security Group is a long time partner of Portland OWASP Training Day and this year's CTF sponsor. David Quisenberry interviews Summit Security Group Managing Director and Founder Dan Briley to talk about their services, trends they are seeing in their security consulting practice, and ways they encourage a learning lifestyle at Summit. Suppo…

1
OWASP Portland Training Day Sponsor Highlight - Cambia Health 13:02

2+ y ago13:02

13:02

Support the Show.By OWASP PDX

1
Michael Allen Lake - From the JEDI Initiative to the New U.S. Digital Corps 43:02

2+ y ago43:02

43:02

Our special guest today is Michael Allen Lake who is a digital transformation consultant focused on innovation and change adoption within the Federal government. He has worked on projects at nine different Federal agencies. His experience ranges from helping organizations leverage data as a strategic asset to the adoption and promotion of enterpris…

1
Sarba Roy - The Security World Is Your Oyster and You Are the Pearl 37:51

3y ago37:51

37:51

Our special guest today is Sarba Roy. Sarba is currently a Product Security Consultant at Umpqua Bank where she is collaborating and acting as a security advisor to the product teams when new digital technologies and/or business needs are identified. She is also the Oregon Affiliate Membership Chair for Women In CyberSecurity (WiCyS), and she also …

1
Aarti Gadhia - Doing Real Work in Bridging the Diversity Gap in Cybersecurity Leadership 21:18

3y ago21:18

21:18

Our special guest today is Aarti Gadhia. She is a highly successful cybersecurity professional who has worked in various leadership roles in sales and marking for well-known companies such as Bugcrowd, Carbon Black, Trend Micro and Sophos. Aarti is also the founder of Standout to Lead and SHE (Sharing Her Empowerment). Aarti is passionate about bri…

1
Jeff Williams - We Are in the Stone Age for Application Security 44:16

3y ago44:16

44:16

Our special guest today is Jeff Williams, Co-Founder and CTO of Contrast Security. Jeff was one of the pioneering members who formed the Open Web Application Security Project® (OWASP). Not only did he chair it, he also contributed to many successful open source projects, including WebGoat, the OWASP Application Security Verification Standard (ASVS)…

1
Frank Heidt - CEO and Co-Founder of Leviathan Security Group 43:59

3y ago43:59

43:59

Our special guest today is Frank Heidt who is the CEO and Co-Founder at Leviathan Security Group. Frank is a recognized expert in the fields of information assurance, network security and systems penetration. Prior to starting Leviathan, Frank was a managing security architect for @stake. He also engaged in various computer and networking security …

1
Rebekah Brown and Scott J. Roberts - Intelligence-Driven Incident Response 52:50

3y ago52:50

52:50

Our guests today are Rebekah Brown and Scott J. Roberts. They wrote a seminal book together called Intelligence-Driven Incident Response: Outwitting the Adversary. Both have extensive backgrounds in information security. Rebekah started her work as an intelligence and network warfare analyst while honorably serving in the United States Marine Corps…

1
Farshad Abasi and Roberto Salgado - Our New Pacific Northwest Application Security Conference (PNWSEC) 54:12

3y ago54:12

54:12

On Saturday, June 19, 2021 something very special is going to happen. For the first time, a perfect trifecta of OWASP chapters in the Pacific Northwest are getting together to host a virtual conference focused on serious application security. It's called the Pacific Northwest Application Security Conference (PNWSEC). The chapters hosting this fine …

1
Jonathan Badeen - Tinder Co-Founder - Flirting With Fire: A Conversation about Start-ups, Evolving App Sec, and His Path of Creation 46:19

3y ago46:19

46:19

Our special guest today is Jonathan Badeen, He is one of the co-founders of Tinder and has been its Chief Strategy Officer since March 2016. He is a programmer, designer and inventor, including Tinder's famous #SwipeRight feature. His other work experiences include Cardify, Chegg Flashcards, Casting Networks' FastCapture & Match Made. He is also an…

1
Nabil Hannan - I Can Teach Someone to Be Smart, but I Can't Teach Someone to Be Clever When It Comes to Training a Pentester; A Pentester Must Be the Latter 38:03

3y ago38:03

38:03

Our guest today is Nabil Hannan, who is a Managing Director at NetSPI. He leads the company’s consulting practice, focusing on helping clients solve their cyber security assessment, and threat & vulnerability management needs. He has over 13 years of experience in cyber security consulting from his tenure at Cigital/Synopsys Software Integrity Grou…

1
John Strand - Running a Security Company Is to Do Illegal Things With Permissions 39:41

3y ago39:41

39:41

John Strand is our special guest today. He is the owner of Black Hills Information Security - a company that specializes in penetration testing and security architecture services. He is also cofounder of Active Countermeasures. He created the popular Backdoors and Breaches incident response card game. He wrote a book called Offensive Countermeasure…

1
Lewis Ardern and PwnFunction - Discovering Clever Ways to Exploit the Vue.js JavaScript Framework 47:42

3y ago47:42

47:42

Our special guests today are Lewis Ardern and PwnFunction. Lewis is an Associate Principal Consultant at Synopsys where he focuses on web application security. He is also an organizer for the OWASP Bay Area Chapter. Check out his new SecuriTEA and Crumpets videos on YouTube. PwnFunction is an independent security consultant. He makes popular hackin…

1
Volko Ruhnke, Adam Shostack and Hadas Cassorla - Building Games to Teach Real-World Security 1:08:59

3+ y ago1:08:59

1:08:59

We have three very special guests today. All come from different backgrounds but share a common interest in gaming - the kind that can be used to teach you things, like how to become better at handling security incidents or winning a historical insurrection. This podcast is sponsored by the We Hack Purple Academy. Volko Ruhnke is a renowned wargame…

1
Caroline Wong - What a Top Chief Strategy Officer Has to Say About Security These Days 25:15

3+ y ago25:15

25:15

Our very special guest today is Caroline Wong. She is the Chief Strategy Officer at Cobalt. As CSO, Caroline leads the Security, Community, and People teams at Cobalt. She brings a proven background in communications, cybersecurity, and experience delivering global programs to the role. Caroline’s close and practical information security knowledge …

1
Jim Manico - "Kūlia I Ka Nu'u" to Be Your Best in Security 33:49

3+ y ago33:49

33:49

Our special guest today is Jim Manico. He is the founder of Manicode Security where he trains software developers on secure coding and security engineering. He is also the co-founder of the LocoMoco Security Conference in Hawaii as well as an investor and advisor for BitDiscovery and Signal Sciences. Jim is a frequent speaker on secure software pra…

1
Bruce Schneier - We Live in a Security and Privacy World That Science Fiction Didn't Predict 32:55

3+ y ago32:55

32:55

Our distinguished guest today is Bruce Schneier. Bruce is a public-interest security and privacy technologist, cryptographer, an author of over one dozen books, including the famous blue and red versions of Applied Cryptography. His most recent book is Click Here to Kill Everybody. He is a fellow and lecturer at Harvard's Kennedy School and a board…

1
STÖK - What It Takes to Be a Good Hacker 23:52

3+ y ago23:52

23:52

Our guest today is Fredrik Alexandersson. You probably know him better as STÖK. He is a highly regarded Swedish hacker and cyber-security advisor with passions in technology and sustainable fashion. Our conversation today is about hacking and bug bounties. STÖK brings to the table many years of experience with a refreshingly positive perspective in…

1
Terry Dunlap - IoT Security Starts with Getting Rid of Your IoT Devices 24:25

3+ y ago24:25

24:25

Our guest today is Terry Dunlap. Arrested at 17 while hacking with a Commodore 64, Terry went on to work for the US National Security Agency to help track terrorists. He left the NSA in 2007 to bootstrap Tactical Network Solutions, an offensive-focused cyber company catering to the world's friendly foreign governments and militaries. Today he's a c…

1
Dr. Linus Karlsson - The Art of Managing Open Source Vulnerabilities is Good Science Too 19:01

3+ y ago19:01

19:01

Our guest today is Dr. Linus Karlsson who is a security specialist for Debricked - a company that was founded in 2018 as a spin-off from a research project at Lund University in Sweden. Dr. Karlsson has done some fascinating security research work in the areas of trusted computing, cryptography, software-defined networking and interconnectivity of …

1
Terry Tower - Drones Be Hacked 26:34

3+ y ago26:34

26:34

Our guest today is our very own Terry Tower. Terry was in the Army for almost 11 years with two deployments in Iraq. He currently works for EZDrone in Portland, Oregon and for VanderHouwen at the Nike Campus doing devops with security in mind. He has a Masters in Computer Science and a Bachelors in Business. Terry's drone experience started out whe…

1
Andrew van der Stock - OWASP Executive Director - Our Software is the Firewall 25:50

3+ y ago25:50

25:50

Our special guest today is Andrew van der Stock. He is our new Executive Director at OWASP, taking the Foundation through organizational change and taking our mission to the next level. Andrew is a seasoned web application security specialist and enterprise security architect. He has worked in the IT industry for over 25 years. He has researched an…

1
Simon Bennetts and Rick Mitchell - The Great Proxy Wars - ZAP vs. Burp Suite 18:19

4y ago18:19

18:19

Our special guests today are Simon Bennetts and Rick Mitchell. Simon co-leads the OWASP Zed Attack Proxy (ZAP) project, which he started in 2009 and is a Distinguished Engineer at StackHawk, a SaaS company that uses ZAP to help users fix application security bugs before they hit production. He has talked about and demonstrated ZAP at conferences al…

1
Eva Galperin - Director of Cybersecurity at the Electronic Frontier Foundation (EFF) - Go Look Where No One Else is Looking 31:10

4y ago31:10

31:10

Our special guest today is Eva Galperin who is the Director of Cybersecurity at the Electronic Frontier Foundation (EFF). Prior to 2007, when she came to work for EFF, Eva worked in security and IT in Silicon Valley and earned degrees in Political Science and International Relations from San Francisco State University (SFSU). Her work is primarily …

1
Glenn Bravy and Merritt Wilson - Secure Code Warrior - Are Some Languages More Dangerous Than Others? 22:18

4y ago22:18

22:18

Our guests today are Glenn Bravy and Merritt Wilson. Glenn works at Secure Code Warrior, partnering with people who believe that secure code training can be both hands-on and enjoyable. When it comes to getting upskilling, active learning and consistent practice outperform talent over time. When not working, Glenn is trying to hack and grow veggies…

1
Jake King - Linux Cloud and Endpoint Security - Do It Wisely. Make it Easy. 23:15

4y ago23:15

23:15

Our guest today is Jake King, who is the CEO & Co-Founder of Cmd. He's a long-time security practitioner specializing in infrastructure security, primarily in cloud environments. Prior to starting Cmd, Jake managed the security program at social media giant Hootsuite where he experienced first-hand the risks pertaining to Linux systems at scale. Cm…

1
Eric Higgins - Security From Zero: Practical Security for Busy People 18:53

4y ago18:53

18:53

Our guest today is Eric Higgins. He has been in the technology industry for over 20 years. He spent a decade in Silicon Valley, where he worked at Google and then led the security team at Optimizely. Now he runs a consulting firm that helps business leaders understand how to start a security program at their company - and how to help it be successf…

1
Mike Goodwin and Jon Gadsden - Threat Dragon is for Threat Modeling. Come Help Build It! 26:44

4y ago26:44

26:44

Today we are going to be talking about - OWASP Threat Dragon - and our guests are Mike Goodwin, the founder, and Jon Gadsden, a major contributor to the project. Threat Dragon is a popular, free tool used for threat modeling, including diagramming, threat identification, mitigation and report generation. Mike is the VP of Product Security and Archi…

1
Ashish Patel - Best Practices for Proactive Cloud Security 16:05

4y ago16:05

16:05

We're super delighted to have today, Ashish Patel. He's a security engineer on the Box Infrastructure Security team. He usually lives in the realm of cloud security and automating security related tasks that scale across multiple clouds & attack surfaces. Articles written by Ashish and talked about on the show: Cloud Security Automation with Python…

1
Theresa Masse - Department of Homeland Security - Tips,Tricks and Free AppSec Services from the DHS - Stay Protected from the New Bad COVID-19 Actors 17:29

4y ago17:29

17:29

Our honored guest today is Theresa Masse. She is the U.S. Department of Homeland Security's Cyber Security Advisor for Region X, including Oregon, Washington, Idaho and Alaska. Ms. Masse was the first Chief Information Security Officer (CISO) for the State of Oregon as well as the CISO for the Port of Portland for almost 15 years combined. We'll ta…

1
John Andersen - The Easiest Way to Use Machine Learning for AppSec (DFFML) 16:40

4y ago16:40

16:40

John Andersen is our distinguished guest today. He is a software security engineer with a passion for open source. He works for a really big Fortune 500 company here in Oregon doing product security and runs an open source project called Data Flow Facilitator for Machine Learning or DFFML. He's also done product level pentesting, secure design life…

1
Tanya Janca - SheHacksPurple - Some of the Best AppSec Advice You'll Ever Hear Here! 42:59

4y ago42:59

42:59

Our special guest today is Tanya Janca, also known as ‘SheHacksPurple'. She is the founder, security trainer and coach of SheHacksPurple.dev, specializing in software and cloud security. Her obsession with securing software runs deep, from starting her company, to running her own OWASP chapter for 4 years in Ottawa, co-founding a new OWASP chapter …

1
Laura Chappell - Inspiring the Next Generation of Security People to Do Wireshark Packet Analysis on the Interplanetary Internet 25:07

4y ago25:07

25:07

Welcome back to another edition of the OWASP PDX podcast. Our special guest today is Laura Chappell. She's a leading expert in network packet analysis, a public speaker, educator and author, including several best selling books on Wireshark and TCP/IP. She's the founder of Chappell University that helps students to prepare for the WCNA certificatio…

1
Kaliya Young - How We See Identity for Authentication Needs to Change 18:37

4y ago18:37

18:37

Welcome back to another OWASP PDX podcast. Our special guest today is Kaliya Young. She is an expert when it comes to self-sovereign identity on the Internet. For many of us who build and integrate authentication systems into our web apps, an identifier is usually nothing more than an e-mail address or an account number that we define and not the i…

1
U.S. Senator Ron Wyden (OR) - Election Security, Mind Your Own Business Act, Encryption Weakening, NSA Surveillance, FISA, SIM Swapping and STEM Initiatives 18:14

4y ago18:14

18:14

Welcome back to the OWASP PDX Podcast. Today we have a very distinguished guest, senior United States Senator for Oregon, Ron Wyden. He's been a senator for our beautiful state since 1996. He's a member of the Democratic Party and has previously served in the U.S. House of Representatives from 1981 until 1996. He is the current dean of Oregon's con…

1
Ian Melven - Playing the Long Game in Infosec 14:48

4y ago14:48

14:48

Welcome to another edition of the Portland, Oregon OWASP podcast. Today we'll be talking with, Ian Melven. Bio: Ian Melven currently leads security at an Los Angeles based startup. Previously, he built and led the Product Security team at New Relic. Ian has worked in security related roles for over 15 years, including at Mozilla, Adobe, McAfee and …

1
Mark Curphey - Founder of OWASP - Security. Don't Be Shy. Just Ask! 20:35

4y ago20:35

20:35

Welcome back to the OWASP PDX Podcast Today, we're talking with none other than Mark Curphey, the founder of OWASP. Mark is also founder and CEO of SourceClear. And, as we just learned this week, cofounder of his new venture Open Raven. Mark moved to the U.S. in 2000 to join Internet Security Systems (now a part of IBM), and later held roles. inclu…

1
Chad Holmes - CMD+CTRL Web Application Cyber Range 11:55

4y ago11:55

11:55

Today we'll be talking with Chad Holmes. Chad is a Product Marketing Manager for Security Innovation with a focus on educating customers on emerging Cyber Range technologies and how they can improve security education within organizations. Prior to joining Security Innovation, Chad was a Penetration Tester, Product Manager, Security Program Manager…

1
Aaron and Ray - Application Security. It's Really About the Code! 20:12

4+ y ago20:12

20:12

Today we'll be talking with Aaron and Ray. Aaron is an Application Security Engineer with almost 10 years of experience. His unorthodox career path has led to many unique insights in the security industry. Ray is a life coach and conspiracy theorist. He does AppSec in his non-spare time for money. Both are insightful and brutally honest appsec blog…

1
Ryan Krause - Some Good Advice for Those Who Want to Become Pen Testers 15:34

4+ y ago15:34

15:34

Today we'll be talking with Ryan Krause. Ryan is a penetration tester based Portland, Oregon. He's worked in various security areas for the past 11 years, including companies such as HP, eEye Digital Security, which is now BeyondTrust, and Comcast with a primary focus on app security and development. He's currently a consultant at NetSPI, where he …

1
Tim Morgan - Breaking New Ground in Predictive Risk-Based Vulnerability Management 29:56

4+ y ago29:56

29:56

Today we will be talking to one of our own, Tim Morgan. Tim has had a fascinating journey in the world of security. He started in his teens as an old school hacker. And now owns his own security consulting and research company headquartered right here in Portlandia. For the past three years, Tim has been working on a new, innovated, risk-based vuln…

1
Alex Ivkin - Container Security 13:53

4+ y ago13:53

13:53

OWASP Portland 2019 Training Day Abstract: "When it comes to container security there are two prevailing schools of thought - either containers are secure by default, so you should not care much, or containers can not be secure in principle, so you should avoid them at all costs. In this training you will go through the real world examples of confi…

1
Justin Angra - Intro to Chrome Exploitation 13:40

4+ y ago13:40

13:40

OWASP Portland 2019 Training Day Abstract: Over 3 billion browser devices are actively loading arbitrary data served by someone else. What happens if one of those pages contains maliciously crafted JavaScript? Could they capture your passwords, perform UXSS, or worse - execute local code on your machine? In this session, you will get the opportunit…

1
David Quisenberry & Ben Pirkl - OWASP Top 10 / Juice Shop Hack Session 13:30

4+ y ago13:30

13:30

OWASP Portland 2019 Training Day Abstract: This session is meant for those new to OWASP Top Ten. We will go over the OWASP Top Ten - where it came from, what it’s good for, what are the top ten, etc. And illustrate the concepts in the OWASP Top Ten through another OWASP Flagship Project - The OWASP Juice Shop. This will be a hands on class so every…

1
Patterson Cake - Overcoming Your Greatest InfoSec Adversary: You! 15:04

4+ y ago15:04

15:04

Tips on formulating complete sentences without acronyms, learning to pretend you aren't the smartest person in the room, choosing the right animations for your PowerPoint presentations, and more! Lets be honest, you probably didn't get into info-sec because of your love for public speaking, your mastery of written and verbal communication, or your …

1
Adam Shostack - Threat Modeling 22:56

4+ y ago22:56

22:56

Adam Shostack is a leading expert on threat modeling, and a consultant, entrepreneur, technologist, author and game designer. He's a member of the BlackHat Review Board, and helped create the CVE and many other things. He currently helps many organizations improve their security via Shostack & Associates, and advises startups, including as a Mach37…

Podcasts Worth a Listen

OWASP PDX Podcasts

Podcasts Worth a Listen

Quick Reference Guide