Application Security Weekly (Video)

About all things AppSec, DevOps, and DevSecOps. Hosted by Mike Shema and John Kinsella, the podcast focuses on helping its audience find and fix software flaws effectively.

Removing Rust, Double Clickjacking, h3i CLI, JWT Mistakes, Reviewing Recursion - ASW #312 01/07/2025

DefectDojo and Bringing Quality Appsec Tools to Small Appsec Teams - Greg Anderson - ASW #312 01/07/2025

Ancient Curl Bug, AWS re:Invent, Malware in NPM, Census III Report, MS OTP - ASW #311 12/16/2024

Applying Usability and Transparency to Security - Hannah Sutor - ASW #311 12/16/2024

AI's Junk Vulns, Web3 Backdoor, LLM CTFs, 5 GenAI Mistakes, Top Ten for LLMs - ASW #310 12/10/2024

Looking Back on 2024 - ASW #310 12/10/2024

Fuzzing Barcodes, Fuzzing with AI, AI vs. Scammers, CWEs, Repo Swatting - ASW #309 12/03/2024

Adding Observability with OpenTelemetry - Adriana Villela - ASW #309 12/03/2024

AI fixes everything, C++ the actual worst, IAM is hard - ASW #308 11/19/2024

Biometric Frontiers: Unlocking The Future Of Engagement - Andras Cser, Enza Iannopollo - ASW #308 11/19/2024

Typosquatting NPM, vulnerability analysis, and AI challenges - ASW #307 11/12/2024

Modernizing AppSec - Melinda Marks - ASW #307 11/12/2024

Total Recall? LLM finds bug in SQLite, C++ safety failures, zero time for zero privs - ASW #306 11/05/2024

Bug bounties, vulnerability disclosure, PTaaS, fractional pentesting - Grant McCracken - ASW #306 11/05/2024

Protecting Identity of AI Agents & Standardizing Identity Security for SaaS Apps - Shiven Ramji, Arnab Bose - ASW #305 10/29/2024

Making TLS More Secure, Lessons from IPv6, LLMs Finding Vulns - ASW #305 10/29/2024

JSON Parsing, Email Parsing, CISA's Bad Practices Guide, Abusing Disclosure Policies - ASW #304 10/22/2024

The Complexities, Configurations, and Challenges in Cloud Security - Scott Piper - ASW #304 10/22/2024

Perl & PHP Vulns, Fuzzing & Parsers, Protecting Multi-Hosted Tenants, Secure Design - ASW #303 10/15/2024

RCE from Iconv + PHP, Fuzzing a Codec, Fuzzing LLMs, Revisiting Recall - ASW #302 10/08/2024

The Future of Zed Attack Proxy - Simon Bennetts, Ori Bendet - ASW #302 10/08/2024

More Car Hacks, CUPS Vulns, Microsoft's SFI, Memory Safety, Password Complexity - ASW #301 09/30/2024

Fuzzing for Vulns, GitLab Auth Bypass, JPEG Vulns, Programming Language Ranks - ASW #300 09/24/2024

Vulnerable APIs and Bot Attacks: Two Interconnected, Growing Security Threats - David Holmes - ASW #300 09/24/2024

A TLD Takeover, An LLM CTF, A Firmware Flaw, 6 Truths of Cyber Risk - ASW #299 09/17/2024

Bringing Secure Coding Concepts to Developers - Dustin Lehr - ASW #299 09/17/2024

Paying Down Tech Debt, Rust in Firmware, EUCLEAK, Deploying SSO - ASW #298 09/10/2024

Close the Security Theater: Enter Resilience - Kelly Shortridge - ASW Vault 09/02/2024

Apache HTTPD Vulns, Hacking IoT Speakers, Use Cases for WASM, Slack AI Leak - ASW #297 08/27/2024

Changing the Course of IoT's Future from Its Insecure Past - Paddy Harrington - ASW #297 08/27/2024