Chris and Matt are two guys who used to perform stand-up and improvisational comedy together until life took them their separate ways. They have since reunited, older and wiser, well, older. Each week they take on two semi-trending stories and discuss them for 15 minutes each, giving out their best takeaways, perspectives, and insightful humor along the way.
Chris Romeo and Robert Hurlbut dig into the tips, tricks, projects, and tactics that make various application security professionals successful. They cover all facets of application security, from threat modeling and OWASP to DevOps+security and security champions. They approach these stories in an educational light, explaining the details in a way those new to the discipline can understand. Chris Romeo is the CEO of Devici and a General Partner at Kerr Ventures, and Robert Hurlbut is a Prin ...
In no way affiliated with the Bill Simmons Podcast from the CEO of The Ringer, this weekly (?) show is an irreverent skewering of the previous week's episodes of the BSPod. Knife_guy approved (but he's washed anyway). Support this podcast: https://www.patreon.com/bspodpod
In which we discuss a town in Germany that has found a creative way to get rid of its pigeon problem as well as Martin Shkreli and his legal trouble with a Wu Tang album. Send us a Text Message. Follow Two Guys Two Things on other social platforms: YouTube: https://www.youtube.com/@twoguystwothings Twitter: https://www.twitter.com/2Guys2Things.co…
David Quisenberry -- Building Security, People, and Programs
56:54
In this episode of the Application Security Podcast, hosts Chris Romeo and Robert Hurlbut engage in a deep discussion with guest David Quisenberry about various aspects of application security. They cover David's journey into the security world, insights on building AppSec programs in small to mid-sized companies, and the importance of data-driven …
In which we talk about the controversy surrounding Major League Eating legend Joey Chestnut as well as D.A.N. the perfect man who may be too good to be real. Send us a Text Message. Follow Two Guys Two Things on other social platforms: YouTube: https://www.youtube.com/@twoguystwothings Twitter: https://www.twitter.com/2Guys2Things.com If you enjoye…
Matt Rose -- Software Supply Chain Security Means Many Different Things to Different People
46:14
In this episode of the Application Security Podcast, hosts Chris Romeo and Robert Hurlbut welcome Matt Rose, an experienced technical AppSec testing leader. Matt discusses his career journey and significant contributions in AppSec. The conversation delves into the nuances of software supply chain security, exploring how different perceptions affect…
In which we discuss a woman who got arrested for repeatedly calling 911 and perhaps faking a seizure as well as Alice, the rescued goldfish found on a lawn. Send us a Text Message. Follow Two Guys Two Things on other social platforms: YouTube: https://www.youtube.com/@twoguystwothings Twitter: https://www.twitter.com/2Guys2Things.com If you enjoyed…
In which we discuss the method of warfare used by North Korea to torture South Korea as well as an athletic director who exacts his revenge on his principal by using AI. Send us a Text Message. Follow Two Guys Two Things on other social platforms: YouTube: https://www.youtube.com/@twoguystwothings Twitter: https://www.twitter.com/2Guys2Things.com I…
James Berthoty -- Is DAST Dead? And the future of API security
44:56
In this episode of the Application Security Podcast, host Chris Romeo welcomes James Berthoty, a cloud security engineer with a diverse IT background, to discuss his journey into application and product security. The conversation spans James's career trajectory from IT operations to cloud security, his experiences with security tools like Snyk and …
In which we try to discuss Apple's Top 100 albums of all time as well as the infamous rat hole in Chicago. Send us a Text Message. Follow Two Guys Two Things on other social platforms: YouTube: https://www.youtube.com/@twoguystwothings Twitter: https://www.twitter.com/2Guys2Things.com If you enjoyed the episode (or didn't) we would love it if you l…
Mark Curphey and Simon Bennetts -- Riding the Coat Tails of ZAP, without Open Source Funding
42:32
Mark Curphey and Simon Bennetts join Chris on the podcast to discuss the challenges of funding and sustaining major open source security projects like ZAP. Curphey shares about going fully independent and building a non-profit sustainable model for ZAP. The key is getting companies in the industry, especially companies commercializing ZAP, to prop…
In which we talk about a lady who tried to use her dead uncle to get a $3400 loan from a bank as well as the first ever AI Beauty Pageant put on by Fanvue. Send us a Text Message. Follow Two Guys Two Things on other social platforms: YouTube: https://www.youtube.com/@twoguystwothings Twitter: https://www.twitter.com/2Guys2Things.com If you enjoyed …
Devon Rudnicki, the Chief Information Security Officer at Fitch Group, shares her journey of developing an application security program from scratch and advancing to the CISO role. She emphasizes the importance of collaboration, understanding the organization's business, and using metrics to drive positive change in the security program. Elon Musk …
In which we talk about perhaps the greatest prank of all time involving pizza as well as a 4 year old boy who was fined $50 for peeing at a park. Send us a Text Message. Follow Two Guys Two Things on other social platforms: YouTube: https://www.youtube.com/@twoguystwothings Twitter: https://www.twitter.com/2Guys2Things.com If you enjoyed the episod…
In which we discuss the lawsuit against Mike Tyson for punching a fellow passenger on a plane as well as a social media influencer who claims to be the Chinese Kobe Bryant. A YouTube live recording. Send us a Text Message. Follow Two Guys Two Things on other social platforms: YouTube: https://www.youtube.com/@twoguystwothings Twitter: https://www.t…
In which we talk about a grandmother who was scolded for taking her grandchildren to Epcot as well as a mother who wanted to throw a "fiver" birthday party for her 1 year old. Send us a Text Message. Follow Two Guys Two Things on other social platforms: YouTube: https://www.youtube.com/@twoguystwothings Twitter: https://www.twitter.com/2Guys2Things…
Dustin Lehr -- Culture Change through Champions and Gamification
45:10
Dustin Lehr, Senior Director of Platform Security/Deputy CISO at Fivetran and Chief Solutions Officer at Katilyst Security, joins Robert and Chris to discuss security champions. Dustin explains the concept of security champions within the developer community, exploring the unique qualities and motivations behind developers becoming security advocat…
In which we discuss the most clueless Uber rider and the most generous Uber driver as well as a woman who bought the most expensive sandwich at Subway. Send us a Text Message. Follow Two Guys Two Things on other social platforms: YouTube: https://www.youtube.com/@twoguystwothings Twitter: https://www.twitter.com/2Guys2Things.com If you enjoyed the …
Francesco Cipollone -- Application Security Posture Management and the Power of Working with the Business
38:11
Francesco Cipollone, CEO of Phoenix Security, joins Chris and Robert to discuss security and explain Application Security Posture Management (ASPM). Francesco shares his journey from developer to cybersecurity leader, revealing the origins and importance of ASPM. The discussion covers the distinction between application security and product securit…
In which we discuss a viral video that claims SNL has never hired a "hot" woman as well as a Filipino villager who has become a local celebrity for his 35th annual crucifixion. Send us a Text Message. Follow Two Guys Two Things on other social platforms: YouTube: https://www.youtube.com/@twoguystwothings Twitter: https://www.twitter.com/2Guys2Thing…
Mukund Sarma -- Developer Tools that Solve Security Problems
46:32
Mukund Sarma, the Senior Director for Product Security at Chime, talks with Chris about his career path from being a software engineer to becoming a leader in application security. He explains how he focuses on building security tools that are easy for developers to use and stresses the importance of looking at application security as a part of the…
In which we discuss a former teacher's OnlyFans account still affecting her career as well as an angry dad who went so far as to involve the police to get his kid out of homework. @twoguystalkingaboutlettuce #twoguystalkingaboutlettuce Send us a Text Message. Follow Two Guys Two Things on other social platforms: YouTube: https://www.youtube.com/@tw…
In which we discuss the story of two friends who literally lose their legs to commit fraud as well as an airline nepo baby who can fly anywhere, anytime like a boss. Send us a Text Message. Follow Two Guys Two Things on other social platforms: YouTube: https://www.youtube.com/@twoguystwothings Twitter: https://www.twitter.com/2Guys2Things.com If yo…
Meghan Jacquot -- Assumed Breach Red Team Engagements for AppSec
40:55
AppSec specialist Meghan Jacquot joins Chris and Robert for a compelling conversation about community, career paths, and productive red team exercises. Meghan shares her unique cybersecurity origin story, tracing her interest in the field from childhood influences through her tenure as an educator and her formal return to academia to pivot into a tec…
In which we talk about a rude guest and a blackmailing host of Airbnb as well as a man who has managed to live in a hotel in Manhattan for the last 5 years for free. Send us a Text Message. Follow Two Guys Two Things on other social platforms: YouTube: https://www.youtube.com/@twoguystwothings Twitter: https://www.twitter.com/2Guys2Things.com If …
Bill Sempf -- Development, Security, and Teaching the Next Generation
39:44
Robert is joined by Bill Sempf, an application security architect with over 20 years of experience in software development and security. Bill shares his security origins as a curious child immersed in technology, leading to his lifelong dedication to application security. They discuss CodeMash, a developer conference in Ohio, and recount Bill's pre…
In which we talk about an influencer who deserves a free meal from The Lucky Ramen as well as two men that have a LOT in common on a flight to Thailand. Send us a Text Message. Follow Two Guys Two Things on other social platforms: YouTube: https://www.youtube.com/@twoguystwothings Twitter: https://www.twitter.com/2Guys2Things.com If you enjoyed the…
Hendrik Ewerlin -- Threat Modeling of Threat Modeling
33:50
Robert and Chris talk with Hendrik Ewerlin, a threat modeling advocate and trainer. Hendrik believes you can threat model anything, and he recently applied threat modeling to the process of threat modeling itself. His conclusions are published in the document Threat Modeling of Threat Modeling, where he aims to help practitioners, in his own words,…
In which we talk about a Willy Wonka experience that did not quite live up to expectations as well as Tesla ordering a whole bunch of pies. @thegivingpies Send us a Text Message. Follow Two Guys Two Things on other social platforms: YouTube: https://www.youtube.com/@twoguystwothings Twitter: https://www.twitter.com/2Guys2Things.com If you enjoyed t…
Jason Nelson -- Three Pillars of Threat Modeling Success: Consistency, Repeatability, and Efficacy
53:52
Jason Nelson, an accomplished expert in information security management, joins Chris to share insights on establishing successful threat modeling programs in data-intensive industries like finance and healthcare. Jason presents his three main pillars to consider when establishing a threat modeling program: consistency, repeatability, and efficacy. …