New THE RAP SHOW AKA RED ANCHOR PROPERTIES: Host Romeo Santos and Kenny Fulton talk shop about the Real Estate Industry and break down the basics
TWITTER/INSTAGRAM - @DJTINONYC iRec/iMix/iMaster
Chris Romeo and Robert Hurlbut dig into the tips, tricks, projects, and tactics that make various application security professionals successful. They cover all facets of application security, from threat modeling and OWASP to DevOps+security and security champions. They approach these stories in an educational light, explaining the details in a way those new to the discipline can understand. Chris Romeo is the CEO of Devici and a General Partner at Kerr Ventures, and Robert Hurlbut is a Prin ...
Prosoundz DJ's LLC.
Steve Wilson -- The Developer's Playbook for Large Language Model Security: Building Secure AI Applications
36:32
Join hosts Chris Romeo and Robert Hurlbut on the Application Security Podcast as they welcome back Steve Wilson, author of 'The Developer's Playbook for Large Language Model Security.' In this episode, they dive into critical topics such as AI hallucinations, trust, and the future of AI. Steve shares insights from his book, discusses the biggest fe…
Jeff Williams -- Application Detection & Response (ADR)
51:28
Join us in this week’s episode of the Application Security Podcast where we sit down with Jeff Williams, a renowned pioneer in the field of application security. Jeff discusses ADR (Application Detection and Response), detailing its potential to revolutionize security in production environments. Listen as he shares stories from his career, includin…
Phillip Wylie -- Pen Testing from Somebody who Knows about Pen Testing
52:08
Join Robert and Chris Romeo as they dive into the world of pen testing with their guest Phillip Wylie. In this episode, Phillip shares his unique journey from professional wrestling to being a renowned pen tester. Hear some great stories from his wrestling days, in-depth discussions on application security, and good advice on starting a career in cyb…
Steve Springett -- Software and System Transparency
48:13
In this episode of the Application Security Podcast, hosts Chris Romeo and Robert Hurlbut welcome back Steve Springett, an expert in secure software development and a key figure in several OWASP projects. Steve unpacks CycloneDX and the value proposition of various BOMs. He gives us a rundown of the BOM landscape and unveils some new BOM projects t…
Irfaan Santoe -- The Power of Strategy in AppSec
40:14
Join Irfaan Santoe and hosts Chris Romeo and Robert Hurlbut for an in-depth discussion on the maturity and strategy of Application Security programs. They delve into measuring AppSec maturity, return on investment, and communicating technical needs to business leaders. Irfaan shares his unique journey from consulting to becoming an AppSec professio…
Andrew Van Der Stock -- The New OWASP Top Ten
51:51
Join Chris Romeo and Robert Hurlbut as they sit down with Andrew Van Der Stock, a leading web application security specialist and executive director at OWASP. In this episode, Andrew discusses the latest with the OWASP Top 10 Project, the importance of data collection, and the need for developer engagement. Learn about the methodology behind buildin…
Derek Fisher -- Hiring in Cyber/AppSec
1:01:45
In this episode of the Application Security Podcast, Chris Romeo and Robert Hurlbut welcome back Derek Fisher, an expert in hardware, software, and cybersecurity with over 25 years of experience. Derek shares his advice on cybersecurity hiring, specifically in application security, and dives into the challenges of entry-level roles in the industry.…
Join us for a conversation with Tanya Janca, also known as SheHacksPurple, as she discusses secure guardrails, the difference between guardrails and paved roads, and how to implement both in application security. Tanya, an award-winning public speaker and head of education at Semgrep, shares her insights on creating secure software and teaching dev…
Jahanzeb Farooq -- Launching and executing an AppSec program
49:44
In this episode of the Application Security Podcast, hosts Chris Romeo and Robert Hurlbut are joined by Jahanzeb Farooq to discuss his journey in cybersecurity and the challenges of building AppSec programs from scratch. Jahanzeb shares his experience working in various industries, including Siemens, Novo Nordisk, and Danske Bank, highlighting the …
David Quisenberry -- Building Security, People, and Programs
56:54
In this episode of the Application Security Podcast, hosts Chris Romeo and Robert Hurlbut engage in a deep discussion with guest David Quisenberry about various aspects of application security. They cover David's journey into the security world, insights on building AppSec programs in small to mid-sized companies, and the importance of data-driven …
Matt Rose -- Software Supply Chain Security Means Many Different Things to Different People
46:14
In this episode of the Application Security Podcast, hosts Chris Romeo and Robert Hurlbut welcome Matt Rose, an experienced technical AppSec testing leader. Matt discusses his career journey and significant contributions in AppSec. The conversation delves into the nuances of software supply chain security, exploring how different perceptions affect…
James Berthoty -- Is DAST Dead? And the future of API security
44:56
In this episode of the Application Security Podcast, host Chris Romeo welcomes James Berthoty, a cloud security engineer with a diverse IT background, to discuss his journey into application and product security. The conversation spans James's career trajectory from IT operations to cloud security, his experiences with security tools like Snyk and …
Mark Curphey and Simon Bennetts -- Riding the Coat Tails of ZAP, without Open Source Funding
42:32
Mark Curphey and Simon Bennetts join Chris on the podcast to discuss the challenges of funding and sustaining major open source security projects like ZAP. Curphey shares about going fully independent and building a non-profit sustainable model for ZAP. The key is getting companies in the industry, especially companies commercializing ZAP, to prop…
Devon Rudnicki, the Chief Information Security Officer at Fitch Group, shares her journey of developing an application security program from scratch and advancing to the CISO role. She emphasizes the importance of collaboration, understanding the organization's business, and using metrics to drive positive change in the security program. Elon Musk …
Dustin Lehr -- Culture Change through Champions and Gamification
45:10
Dustin Lehr, Senior Director of Platform Security/Deputy CISO at Fivetran and Chief Solutions Officer at Katilyst Security, joins Robert and Chris to discuss security champions. Dustin explains the concept of security champions within the developer community, exploring the unique qualities and motivations behind developers becoming security advocat…
Francesco Cipollone -- Application Security Posture Management and the Power of Working with the Business
38:11
Francesco Cipollone, CEO of Phoenix Security, joins Chris and Robert to discuss security and explain Application Security Posture Management (ASPM). Francesco shares his journey from developer to cybersecurity leader, revealing the origins and importance of ASPM. The discussion covers the distinction between application security and product securit…
Mukund Sarma -- Developer Tools that Solve Security Problems
46:32
Mukund Sarma, the Senior Director for Product Security at Chime, talks with Chris about his career path from being a software engineer to becoming a leader in application security. He explains how he focuses on building security tools that are easy for developers to use and stresses the importance of looking at application security as a part of the…