Application Security Weekly Episode Index

Episode Number Air Date Title Topics Guests Status
178 December 20 2021
  1. Let’s Talk About It! – 12:30 PM-01:00 PM
  2. Application News – 01:00 PM-01:30 PM

Dan Guido

Coming Soon

177 December 13 2021
  1. TBD – 12:30 PM-01:00 PM
  2. Application News – 01:00 PM-01:30 PM

No Guest Info

Coming Soon

176 November 29 2021 Cyber Monday – ASW #176
  1. Solving Systemic Risk in Software Development – 12:30 PM-01:00 PM
  2. Bug Bounties in Windows/WebKit, Edge Hardening, OAuth Hardening, & GoDaddy Breach – 01:00 PM-01:30 PM

Chris Wysopal

Published

175 November 22 2021 Max Headroom – ASW #175
  1. wasmCloud – Distributed Computing With WebAssembly – 12:30 PM-01:00 PM
  2. CVEs 4 CSPs, Malicious PyPi, Bounty Programs, Shared Responsibility, & Breach Costs – 01:00 PM-01:30 PM

Liam Randall

Published

174 November 15 2021 Eyes Open – ASW #174
  1. Mobile Application Security – 12:30 PM-01:00 PM
  2. PAN-OS Vuln, ChaosDB, Fuzzing BusyBox, Refactoring in Rust, HTML Smuggling – 01:00 PM-01:30 PM

Ryan Lloyd

Published

173 November 08 2021 Schools of Magic – ASW #173
  1. A Standardized Approach to SBOM – 12:30 PM-01:00 PM
  2. Linux Kernel TIPC RCE, NPM Malware, OTP 2FA Bots, & Security Labels – 01:00 PM-01:30 PM

Dan McKinney

Published

172 November 01 2021 Actual Secrets – ASW #172
  1. Untangling API Security in 2022 – 12:30 PM-01:00 PM
  2. Discourse RCE, Trojan Source, WhatsApp Security, & Privacy Engineering – 01:00 PM-01:30 PM

Peter Klimek

Published

171 October 25 2021 Horror Stories – ASW #171
  1. Security Champions in an Online First World – 12:30 PM-01:00 PM
  2. UAParser.js Malware in NPM, Squirrel Sandbox Escape, Securing CI/CD, & AppSec Videos – 01:00 PM-01:30 PM

Ashish Rajan

Published

170 October 18 2021 Highly Technical – ASW #170
  1. Dev(Sec)Ops Scanning Challenges & Tips – 12:30 PM-01:00 PM
  2. View Source, Bindiff for Vuln Analysis, Bypass with GitHub Actions, & NIST DevSecOps – 01:00 PM-01:30 PM

Nuno Loureiro

Tiago Mendo

Published

169 October 11 2021 Halloween Horror – ASW #169
  1. Modernizing the Management of Your Software Supply Chain – 12:30 PM-01:00 PM
  2. Twitch Breach, HTTPd Path Traversal, Disabling Macros, & Great Cybersecurity Programs – 01:00 PM-01:30 PM

Tom Gibson

Published

168 October 04 2021 Opposite Direction – ASW #168
  1. The Power of Developer-First Security – 12:30 PM-01:00 PM
  2. Prototype Pollution, Funding Open Source Security, Expiring Root CA, Mariana Trench – 01:00 PM-01:30 PM

Hillary Benson

Published

167 September 27 2021 Skills & Knowledge – ASW #167
  1. AppSec Orchestration/Correlation & DevSecOps Efficiency – 12:30 PM-01:00 PM
  2. Exchange’s Great Leak, RCE in VMware, IoT Bug in MQTT, & Chrome’s Memory Safety Nets – 01:00 PM-01:30 PM

Anita D’Amico

Patrick Carey

Published

166 September 20 2021 Don’t Hate the Player, Hate the Game – ASW #166
  1. Transforming Modern Software Development with Developer-First AppSec – 12:30 PM-01:00 PM
  2. OMIGOD, FORCEDENTRY, Code Ownership, Security as a Product, & IoT Device Criteria – 01:00 PM-01:30 PM

Jeff Williams

Published

165 September 13 2021 Drive – ASW #165
  1. Findings From the 2021 AppSec Shift Left Progress Report – 12:30 PM-01:00 PM
  2. OWASP Top 10, CISA Bad Practices, Azurescape, Confluence RCE, & API Security Tokens – 01:00 PM-01:30 PM

Manish Gupta

Published

164 August 30 2021 Magical Forest – ASW #164
  1. A DevOps Perspective on Risk Tolerance & Risk Transfer – 12:30 PM-01:00 PM
  2. ChaosDB, OpenSSL String Bugs, Revealing Locations, & More Top 15 Vulns – 01:00 PM-01:30 PM

Caroline Wong

Published

163 August 23 2021 Strange New Clouds – ASW #163
  1. Challenges in Open Source Application Security – 12:30 PM-01:00 PM
  2. BlackBerry’s BadAlloc, Glibc’s NULL, Backtick Command Injection, & ProxyLogon Details – 01:00 PM-01:30 PM

Shubhra Kar

Published

162 August 16 2021
  1. DevSecOps – Making It Real – 12:30 PM-01:00 PM
  2. Cracked Concatenation, Injection Against DNS, Allstar GitHub, & DEF CON Highlights – 01:00 PM-01:30 PM

Mike Rothman

Published

161 August 09 2021
  1. Securing Modern Web Apps: Development Techniques are Changing – 12:30 PM-01:00 PM
  2. Router Auth Bypass, Weak IoT RNG, HTTP/2 Request Smuggling, & Kindle Fuzzing – 01:00 PM-01:30 PM

Tom Hudson

Published

160 August 02 2021
  1. Platform Firmware Security – 12:30 PM-01:00 PM
  2. PunkSpider, Bug Bounties, RCE in PyPI, Kernel Pwning With eBPF, & Top Vulns From CISA – 01:00 PM-01:30 PM

Maggie Jauregui

Published

159 July 26 2021
  1. Navigating the Seas of Security in Serverless Functions – 12:30 PM-01:00 PM
  2. CWE Top 25, Bugs in Inconstancies, Sequoia Vuln, Twitter Transparency, & Cloud Risks – 01:00 PM-01:30 PM

Peter Klimek

Published

158 July 19 2021 Fall On Our Sword – ASW #158
  1. The Role of Open Source in DevSecOps – 12:30 PM-01:00 PM
  2. Code Comments, Decision Trees, Windows Hello, Telegram Analysis, & Cloud Risks – 01:00 PM-01:30 PM

David DeSanto

Published

157 July 12 2021 Drink Our Own Champagne – ASW #157
  1. Password Mismanager, Trusted Types vs. DOM XSS, PrintNightmare, & Fault Injections – 12:30 PM-01:00 PM
  2. Web App and API Security Needs to Be Modernized: Here’s How – 01:00 PM-01:30 PM

Sean Leach

Published

156 June 28 2021 Everything Looks Crazy – ASW #156
  1. Scaling Your Application Security Program – 12:30 PM-01:00 PM
  2. Semgrep, Microsoft Signs With Rootkits, ATT&CK/D3FEND, & Injured Android – 01:00 PM-01:30 PM

Clint Gibler

Published

155 June 21 2021 Crawling Like a Human – ASW #155
  1. Challenges of DAST Scanners / Adoption by Developers – 12:30 PM-01:00 PM
  2. Supply Chain Integrity, Format Strings, Systemd Bug, Instagram Bounty, & Refactoring – 01:00 PM-01:30 PM

Nuno Loureiro

Tiago Mendo

Published

154 June 14 2021 Dead Simple – ASW #154
  1. OWASP SAMM – Software Assurance Maturity Model – 12:30 PM-01:00 PM
  2. ALPACA, EA Breach, sprintf Lives, Go Fuzzing, K8s Goat, & OT Basics – 01:00 PM-01:30 PM

Sebastian Deleersnyder

Published

153 June 07 2021 Something’s Out There – ASW #153
  1. API Security: Understanding Threats to Better Protect Your Organization – 12:30 PM-01:00 PM
  2. HTTP Goes QUIC, Security & Humans, Amazon Sidewalk Privacy, & Product Abuse – 01:00 PM-01:30 PM

Daniel Hampton

Published

152 May 24 2021 Everybody’s Looking For Something – ASW #152
  1. Bringing AppSec to a Modern CI Pipeline – 12:30 PM-01:00 PM
  2. IIS Bug, Browsers & Androids & Supply Chains Oh My! – 01:00 PM-01:30 PM

Manish Gupta

Published

151 May 17 2021 Hot Potato – ASW #151
  1. Third Party Software Risk on the Web – 07:00 PM-07:30 PM
  2. CNCF Supply Chain, Frag Attacks, Securing Webhooks, & Complexity vs. Security – 07:30 PM-08:00 PM

Aanand Krishnan

Published

150 May 10 2021 Talking Heads – ASW #150
  1. Delivering On the Promise of Application Security – 12:30 PM-01:00 PM
  2. AirTags & Threat Models, Qualcomm Modem Vuln, Exim RCE(s), & Binary Hardening – 01:00 PM-01:30 PM

Ankur Shah

Published

149 May 03 2021 Alert Your Star Destroyers – ASW #149
  1. Why Developers Need to Think Differently About Software Security – 12:30 PM-01:00 PM
  2. BadAlloc Vulns, Gatekeeper Bypass, & More Spectre in Micro-Op Caches – 01:00 PM-01:30 PM

Rey Bango

Published

148 April 26 2021 Minimum Safe Distance – ASW #148
  1. Deceptive Diffs From Subversive Submitters – 12:30 PM-01:00 PM
  2. Signal Aesthetics, AirDrop Privacy, Safety vs. Security, & Data Ordering Attacks – 01:00 PM-01:30 PM

No Guest Info

Published

147 April 19 2021 That Will Bite Ya – ASW #147
  1. Supply Chain Management – 12:30 PM-01:00 PM
  2. Rust in Android, Vuln Disclosure, Postmortems, & BootHole Follow-Up – 01:00 PM-01:30 PM

Doug Barbin

Published

146 April 05 2021 Contortions – ASW #146
  1. Shifting Right: What Security Engineers Can Learn From DevSecOps – 12:30 PM-01:00 PM
  2. Malicious PHP Commits, OAuth Attacks & XML Injection, & Zines For DevSecOps – 01:00 PM-01:30 PM

Leif Dreizler

Published

145 March 29 2021 Grab A Sword – ASW #145
  1. OWASP Top 10 of 2021 – 12:30 PM-01:00 PM
  2. TikTok Analysis, Patching Patches, CI/CD Integrity, Faster Fuzzing, & Slack Safety – 01:00 PM-01:30 PM

Andrew van der Stock

Published

144 March 22 2021 The Cure – ASW #144
  1. Approaching AppSec Like a Hacker – 12:30 PM-01:00 PM
  2. Supply Chains in Azure SDK/Xcode, GitHub Sessions, & GCP VRP – 01:00 PM-01:30 PM

Johanna Ydergard

Roberto Giachetta

Published

143 March 15 2021 Always Interesting – ASW #143
  1. Cloud Native Security Platforms – 12:30 PM-01:00 PM
  2. Unauth’d RCE, “Regexploits”, Post-Spectre Web, & SigStore Signing – 01:00 PM-01:30 PM

John Morello

Published

142 March 08 2021 Check Your Alibis – ASW #142
  1. Privacy, Data Security & Compliance – 12:30 PM-01:00 PM
  2. Security Engineering, Evil Packages, Exchange SSRF, & Observability – 01:00 PM-01:30 PM

Cynthia Burke

Published

141 March 01 2021 New Wave Post Punk Security Hour – ASW #141
  1. Hackable; How to do Application Security Right – 12:30 PM-01:00 PM
  2. JSON, OpenSSL, Educational Resources, & Flaws in CodeQL – 01:00 PM-01:30 PM

Ted Harrington

Published

140 February 22 2021 Goose Egg – ASW #140
  1. Targeting, Exploiting, & Defending Linux – 12:30 PM-01:00 PM
  2. Dependency Confusion, Suspender Falls, Web Shells, & AppSec Scale – 01:00 PM-01:30 PM

Brandon Edwards

Published

139 February 08 2021 Total Recall – ASW #139
  1. Being a Serial Entrepreneur, Business Leader, & Hacker – 12:30 PM-01:00 PM
  2. BBPLR, API Security Trends, Memory Unsafety, & Patching 0-Days – 01:00 PM-01:30 PM

Alissa Knight

Published

138 February 01 2021 The Sound of Silence – ASW #138
  1. Groundhog Day – It’s Time to Reset the Script on Vulnerabilities – 12:30 PM-01:00 PM
  2. Sudo Vuln, Libgcrypt, BlastDoor on iMessage, & AWS Lambda security – 01:00 PM-01:30 PM

John Delaroderie

Published

137 January 25 2021 A Tree of Woe – ASW #137
  1. Reading Industry Analyst Tea Leaves To Predict The Future – 12:30 PM-01:00 PM
  2. KindleDrip, State of Messaging State Machines, DoH, & Data Security Strategies – 01:00 PM-01:30 PM

Taylor McCaslin

Published

136 January 11 2021 Breaking John – ASW #136
  1. Fuzz Testing – 12:30 PM-01:00 PM
  2. Google 2FA Cloning, Speed vs. Security, & “Hack The Army” Bug Bounty 3.0 – 01:00 PM-01:30 PM

Andrei Serban

Published

135 January 04 2021 Pokémon & Synthwave & Hair & Hats – ASW #135
  1. Security By Design – 12:30 PM-01:00 PM
  2. Kubernetes Clusters, Microsoft Solarigate, & Apple’s Security DIY – 01:00 PM-01:30 PM

No Guest Info

Published

134 December 14 2020 Dark & Scary – ASW #134
  1. Freedom From Computing Environments – 12:30 PM-01:00 PM
  2. Atheris Python Fuzzer, Bronze Bit Attack, & FireEye Highlights – 01:00 PM-01:30 PM

Ev Kontsevoy

Published

133 December 07 2020 A Cesspool of Images – ASW #133
  1. Security Web Applications Against Modern Threats – 12:30 PM-01:00 PM
  2. Google Play Bug, GitHub, iPhone Radio Reboots, & Docker Hub Vulns – 01:00 PM-01:30 PM

John Delaroderie

Mike Manrod

Published

132 November 30 2020 Talking Cookies – ASW #132
  1. Security Decisions During Application Development – 12:30 PM-01:00 PM
  2. Top CyberSec Skills for 2021, Xbox Gamertag Bug, & MobileIron RCE Flaw – 01:00 PM-01:30 PM

Tim Mackey

Published

131 November 23 2020 Thunderdome Technique – ASW #131
  1. Threat Modeling Deep Dive – 12:30 PM-01:00 PM
  2. Drupal Flaws, DevSecOps Implementation, & Cloud Native Security White Paper – 01:00 PM-01:30 PM

No Guest Info

Published

130 November 16 2020 Black Friday – ASW #130
  1. Automated Hacker Knowledge – 12:30 PM-01:00 PM
  2. ‘Platypus’ Attack, IDOR DOD Bug, & 2 More Chrome 0-Days – 01:00 PM-01:30 PM

Rickard Carlsson

Published

129 November 09 2020 Snowy Clouds – ASW #129
  1. China’s Top Hacking Contest, GitHub Actions, & Vulnonym – 12:30 PM-01:00 PM
  2. Security Is a Feature – 01:00 PM-01:30 PM

Keith Hoodlet

Published

128 November 02 2020 Exploding Decompression – ASW #128
  1. Azure App Service & Cloud-Native Signal Sciences Deployments – 12:30 PM-01:00 PM
  2. Lax IoT, Adobe Flash Croaks, Link Preview Vulns, & Security Theatre! – 01:00 PM-01:30 PM

Alfred Chung

Published

127 October 26 2020 The Spookiest Month – ASW #127
  1. Cyber Resiliency Through Self-Healing Cloud Infrastructure – 12:30 PM-01:00 PM
  2. Nvidia GeForce Experience Flaws, Firefox ‘Site Isolation’, & Chrome 0-Day Bug – 01:00 PM-01:30 PM

Cesar Rodriguez

Published

126 October 19 2020 Way Over My Head – ASW #126
  1. The Future of Application Security Testing (AST) – 12:30 PM-01:00 PM
  2. Windows “Ping of Death”, SonicWall VPN RCE, & MediaTek BootROM Glitch – 01:00 PM-01:30 PM

Taylor McCaslin

Published

125 October 12 2020 Still Raging – ASW #125
  1. Application Security Best Practices – 12:30 PM-01:00 PM
  2. Fortinet SIEM RCE, Facebook Bug Bounty, & Anti-Virus Vulnerabilities – 01:00 PM-01:30 PM

James Manico

Published

124 October 05 2020 The Laughing Isn’t Helping – ASW #124
  1. Things Every Developer Should Know About Security – 12:30 PM-01:00 PM
  2. DOMOS 5.8 OS Command Injection, API Shield, & TRB245 Vulnerabilities – 01:00 PM-01:30 PM

Chris Romeo

Published

123 September 28 2020 Hot Off the Press – ASW #123
  1. The Difference Between Finding Vulns & Securing Apps – 12:30 PM-01:00 PM
  2. Bypassing TikTok’s MFA, Instagram RCE, & Chrome Security Updates – 01:00 PM-01:30 PM

No Guest Info

Published

122 September 21 2020 One Love, One Fuzz – ASW #122
  1. Visualizing & Detecting Threats For Your Custom Application – 12:30 PM-01:00 PM
  2. Project OneFuzz, Bluetooth Spoofing Bug, & Safeguarding Secrets – 01:00 PM-01:30 PM

Justin Massey

Published

121 September 14 2020 The Wire Stripper – ASW #121
  1. The People & Process of DevOps – 12:30 PM-01:00 PM
  2. RCE via BACKBLAZE, Microsoft Patch Tuesday, & CRYLOGGER – 01:00 PM-01:30 PM

Frank Catucci

Published

120 August 31 2020 Little Bit Too High – ASW #120
  1. Detecting Threats & Avoiding Misconfigs In The Cloud-Age – 12:30 PM-01:00 PM
  2. GitHub to Ruby 2.7, CISO Success, & Lessons From Uber – 01:00 PM-01:30 PM

Marc Tremsal

Published

119 August 24 2020 Heavy Pressure – ASW #119
  1. DevOps-First Application Security For Mid-Markets – 12:30 PM-01:00 PM
  2. ATM Attacks, gcploit, & ClusterFuzz – 01:00 PM-01:30 PM

Sundar Krish

Published

118 August 17 2020 Positive Drift – ASW #118
  1. Immutable Security For Immutable Infrastructure – 12:30 PM-01:00 PM
  2. AWS S3 Crypto SDK, ReVoLTE Attack, & Microsoft Bug Bounties – 01:00 PM-01:30 PM

Cesar Rodriguez

Published

117 August 03 2020 Maximum Isolation – ASW #117
  1. SWVHSC: How Does Sec Live In A DevOps World? – 07:00 PM-07:30 PM
  2. SWVHSC: Amazon GuardDuty, Sandboxing & Workload Isolation, & No More SHA-1 – 07:30 PM-08:00 PM

Mike Rothman

Published

116 July 27 2020 It Makes No Sense – ASW #116
  1. Fixing Vulnerabilities Effectively & Efficiently – 12:30 PM-01:00 PM
  2. TaskRouter JS SDK, EL1/EL3 Vulnerability, & 234 Alexa Skills Store Violations – 01:00 PM-01:30 PM

John Matherly

Published

115 July 20 2020 Back in the 90’s – ASW #115
  1. Cloud Security Posture Management & Governance – 12:30 PM-01:00 PM
  2. SIGRed RCE, Google Cloud ‘Confidential VMs’, & Twitter Hack Crypto Scam – 01:00 PM-01:30 PM

Bhasker Nallapothula

Kris Rajana

Published

114 July 13 2020 Absolutely Useless – ASW #114
  1. DevSecOps – 12:30 PM-01:00 PM
  2. Top Bug Bounty Rankings, Zoom 0-Day, & Firefox Send Malware – 01:00 PM-01:30 PM

Judy Ngure

Published

113 July 06 2020 Crunchy Crunchy! – ASW #113
  1. Protecting Mobile Applications – 12:30 PM-01:00 PM
  2. Guacamole RCE, PAN-OS Flaw, & A Culture of Resilience – 01:00 PM-01:30 PM

Catherine Chambers

Will Hickie

Published

112 June 29 2020 Completely Forgotten – ASW #112
  1. Using IaC to Establish & Analyze Secure Environments – 12:30 PM-01:00 PM
  2. DLL Hijacking, Trust Through Privacy, & Adobe EOL Data – 01:00 PM-01:30 PM

Cesar Rodriguez

Published

111 June 15 2020 The Boy Who Cried Wolf – ASW #111
  1. Data Mapping & Data Value Journey – 12:30 PM-01:00 PM
  2. CallStranger, SMBleedingGhost, & Misconfigured Kubeflow – 01:00 PM-01:30 PM

Michelle Dennedy

Published

110 June 08 2020 Full of Ideas – ASW #110
  1. The Future State of AppSec – 12:30 PM-01:00 PM
  2. Zoom Vulns, Apple 0-Days, & Abandoned Domains – 01:00 PM-01:30 PM

Phillip Maddux

Published

109 June 01 2020 Prohibitively Expensive – ASW #109
  1. How to Prevent Account Takeover Attacks – 12:30 PM-01:00 PM
  2. Apps Are the New Endpoint – 01:00 PM-01:30 PM

Catherine Chambers

John Chirhart

Published

108 May 18 2020 Shake My Head – ASW #108
  1. Using Rate Limiting to Protect Web Apps and APIs – 12:30 PM-01:00 PM
  2. Highlights From the New Open Source Security and Risk Analysis Report – 01:00 PM-01:30 PM

Tim Mackey

Jack Zarris

Published

107 May 11 2020 A Perfect Ten – ASW #107
  1. How Can Security Work TOGETHER, Not Against, Developers – 12:30 PM-01:00 PM
  2. Samsung RCE 0-Click, Whispers, & Compromising Pluton – 01:00 PM-01:30 PM

Joe Garcia

Published

106 May 04 2020 Swiss Cheese – ASW #106
  1. Modern Application Security & Container Security – 12:30 PM-01:00 PM
  2. Psychic Paper, Salt RCE, & Love Bugs – 01:00 PM-01:30 PM

Gareth Rushgrove

Published

105 April 27 2020 Blinky Lights – ASW #105
  1. Nintendo Breach, NSA Advisory, & Security of IoMT
  2. Threat Modeling in AppSec

Avi Douglen

Published

104 April 20 2020 Crabby Code – ASW #104
  1. Building an AppSec Ecosystem
  2. Malicious Ruby Gems & JSON Web Token Bypass

Rebecca Deck

Published

103 April 13 2020 Some Good Meatiness – ASW #103
  1. Making Kubernetes a Hostile Place for Attackers
  2. Zooming Alex Stamos & Building Security TestOps

Brad Geesaman

Published

102 April 06 2020 The Sky Is Falling – ASW #102
  1. You’re (probably) Doing AppSec Wrong
  2. Zoom Flaws, ‘Zombie’ win32k Bug, & Inputscope

Grant Ongers

Published

101 March 23 2020 Syncing of the Minds – ASW #101
  1. Singularity: A Different Take on Container Security
  2. The Benefits of SAST and SCA in Your IDE – Utsav Sanghani

Adam Hughes

Utsav Sanghani

Published

100 March 16 2020 100 Years – ASW #100
  1. Bottlerocket, Supply Chain Casualty, DevOps Sweet Spot
  2. DevSecOps / Scaling Security

No Guest Info

Published

99 March 09 2020 Party Like It’s 99 – ASW #99
  1. CISOs, CVE, DevOps, Gandalf
  2. Guy Podjarny, Snyk

Guy Podjarny

Published

98 March 02 2020 Fabric of Confidence – ASW #98
  1. Ghostcat, Apache, NeTworks, Starliner
  2. InfoSec World Workshop: DevSecOps and Cultural Transformation

Dan Petit

Published

97 February 24 2020 Really Windy – ASW #97
  1. Application News – RSA Conference News and Activities
  2. Chris Eng Interview – What’s New with Veracode

Chris Eng

Published

96 February 17 2020 Over the Edge – ASW #96
  1. Lessons Learned From The DevSecOps Trenches
  2. SweynTooth, OWASP, CRXcavator, DevSecOps

Doug DePerry

Published

95 February 10 2020 The Toothbrush of Trust – ASW #95
  1. Mitigating at Design Time
  2. WhatsApp Flaw, Dropbox Bug Bounty Program, Investigating Web Shell Attacks

Shaun Lamb

Published

94 February 03 2020 Totally Thrilled – ASW #94
  1. Scaling an AppSec Program
  2. Xbox Bounty Program, Magento Patch, RCE in OpenSMTPD

No Guest Info

Published

93 January 27 2020 Running Out of Fingers – ASW #93
  1. Dynamically Protecting Mobile Applications With RASP
  2. Pwn2Own In Miami, Cloud Vuln., Deconstructing Web Cache Deception Attacks

John Butler

Published

92 January 20 2020 Warm & Fuzzy – ASW #92
  1. Crypto Bugs, IoT Planes and Application Inspectors, Oh My!
  2. Protecting Data in Apps and Protecting Apps from Data

No Guest Info

Published

91 January 13 2020 Carrot in the Cliff – ASW #91
  1. Application News
  2. The Evolution of DevSecOps and AppSec Trends in 2020

Hillel Solow

Published

90 January 06 2020 Learn & Improve – ASW #90
  1. Application News
  2. Privacy by Design

No Guest Info

Published

89 December 16 2019 Backup & Restore – ASW #89
  1. API Security
  2. Binary Planting, GitLab, and DevOps Pipelines

Dave Ferguson

Published

88 December 09 2019 Dad Jokes – ASW #88
  1. Software Bill of Materials (SBOM)
  2. The World Runs On Open-Source, But Who’s Paying For Gas?

Allan Friedman

Published

87 December 02 2019 Low Hanging Fruit – ASW #87
  1. Bot Management
  2. Facebook, Twitter, & Firefox

Sandy Carielli

Published

86 November 25 2019 Snarky Ways – ASW #86
  1. Application News
  2. Development Decisions Affect The Security Of Any Application

Tim Mackey

Published

85 November 18 2019 Notoriously Targeted – ASW #85
  1. Mirantis’ Docker, CISOs, & End of Life Dates
  2. Sysdig Secure 3.0

Pawan Shankar

Published

84 November 12 2019 Destroying Your Tree – ASW #84
  1. Application News
  2. Security Testing

No Guest Info

Published

83 November 04 2019 Disrupting the Office – ASW #83
  1. Application News
  2. Teaching Security In Software Development

Daniel Lowrie

Justin Dennison

Published

82 October 28 2019 The Scary World – ASW #82
  1. Application News
  2. Bug Bounties, Pentesting, & Scanners

No Guest Info

Published

81 October 21 2019 Exceedingly Happy – ASW #81
  1. Application News
  2. Doug Coburn, Signal Sciences

Doug Coburn

Published

80 October 14 2019 Spaghetti Code – ASW #80
  1. Application News
  2. Francois Lascelles, Ping Identity

Francois Lascelles

Published

79 October 07 2019 A Sea of Orange – ASW #79
  1. Application News
  2. Cloud Security for Small Teams

No Guest Info

Published

78 September 30 2019 The Notorious Bucket – ASW #78
  1. Application News
  2. Information Disclosure Vulnerabilities

Ryan Kelso

Published

77 September 23 2019 Something Should Exist – ASW #77
  1. Application News
  2. Training For Developers
  3. Training For Developers – Nicolas Valcárcel – ASW #77

Nicolas Valcárcel

Published

76 September 16 2019 Pick Your Example – ASW #76
  1. Bugs, Breaches, & More
  2. OWASP Application Security Verification Standard

Jay Durga

Published

75 September 09 2019 The Man With A Plan – ASW #75
  1. Bugs, Breaches, & More
  2. Tools in the DevOps Pipeline: Ty Sbano, Sisense

Ty Sbano

Published

74 August 26 2019 Still Alive – ASW #74
  1. Black Hat Interviews – WhiteSource and Venafi
  2. Container Security With Sysdig Secure 2.4

Pawan Shankar

Published

73 August 19 2019 The Dark Data – ASW #73
  1. Ping Identity, Cequence, & NowSecure
  2. Bugs, Breaches, and More!

No Guest Info

Published

72 August 12 2019 Highly Distributed – ASW #72
  1. Application News
  2. Hacker Summer Camp Round-UP

No Guest Info

Published

71 July 29 2019 Off Guard – Application Security Weekly #71
  1. Application News
  2. Container Security

Murray Goldschmidt

Published

70 July 22 2019 Help Us! – Application Security Weekly #70
  1. News
  2. Secure App Deployment With Unikernels

No Guest Info

Published

69 July 15 2019 Paving the Road – Application Security Weekly #69
  1. News
  2. Securing Multi-Cloud Environments

No Guest Info

Published

68 July 08 2019 Wise Words – Application Security Weekly #68
  1. News
  2. Cloud Native

No Guest Info

Published

67 July 01 2019 Everybody Learns Differently – Application Security Weekly #67
  1. Application News
  2. Security Training for Devs

No Guest Info

Published

66 June 24 2019 Breaking Down the Walls – Application Security Weekly #66
  1. API Security
  2. Application News

No Guest Info

Published

65 June 17 2019 Buzzword Bingo – Application Security Weekly #65
  1. News
  2. Interview

No Guest Info

Published

64 June 10 2019 Everyone Looks Smart – Application Security Weekly #64
  1. DevSecOps and Securing Software Supply Chains
  2. News

No Guest Info

Published

63 June 03 2019 Rainbows – Application Security Weekly #63
  1. News
  2. Topic

No Guest Info

Published

62 May 20 2019 Third Degree Sunburns – Application Security Weekly #62
  1. News
  2. Interview

No Guest Info

Published

61 May 13 2019 The Right Direction – Application Security Weekly #61
  1. news
  2. DevSecOps and Securing Software Supply Chains

No Guest Info

Published

60 May 07 2019 Defense In Depth – Application Security Weekly #60
  1. News
  2. Application News – Application Security Weekly #60
  3. Interview
  4. Sven Morgenroth, Netsparker – Application Security Weekly #60

No Guest Info

Published

59 April 30 2019 The Other Side – Application Security Weekly #59
  1. News
  2. Interview

No Guest Info

Published

58 April 22 2019 Hacking for Lazy People – Application Security Weekly #58
  1. News
  2. Interview

No Guest Info

Published

57 April 15 2019 Containers and Kubernetes – ASW#57
  1. News
  2. Topic

No Guest Info

Published

56 April 08 2019 Underlying Capabilities – Application Security Weekly #56
  1. News
  2. Falco

No Guest Info

Published

55 March 26 2019 Until Next Time – Application Security Weekly #55
  1. News
  2. Where the wins and challenges are in appsec
  3. Wins & Challenges In AppSec , Square – Application Security Weekly #55

No Guest Info

Published

54 March 19 2019 A Bittersweet Ending – Application Security Weekly #54
  1. Application News
  2. Interview

No Guest Info

Published

53 March 12 2019 Spot On – Application Security Weekly #53
  1. News
  2. RSA Conference

No Guest Info

Published

52 February 25 2019 Lose Weight – Application Security Weekly #52
  1. Application News
  2. Interview

No Guest Info

Published

51 February 18 2019 Level of Trust – Application Security Weekly #51
  1. news
  2. Interview

No Guest Info

Published

50 February 12 2019 The World Traveler – Application Security Weekly #50
  1. News
  2. Interview

No Guest Info

Published

49 February 05 2019 The Golden Generation – Application Security Weekly #49
  1. news
  2. The Current State of Privacy and Software Development
  3. Privacy & Software Development – Application Security Weekly #49
  4. The Current State of Privacy & Software Development – Application Security Weekly #49

No Guest Info

Published

48 January 29 2019 The Human Brain – Application Security Weekly #48
  1. News
  2. Interview

No Guest Info

Published

47 January 22 2019 Different Checkpoints – Application Security Weekly #47
  1. News
  2. Bugs, Breaches, and More – Application Security Weekly #47
  3. The Human Element of Application Security Training and Testing

No Guest Info

Published

46 January 14 2019 The Wind Beneath My Wings – Application Security Weekly #46
  1. news
  2. Interview

No Guest Info

Published

45 January 08 2019 The Iceberg Problem – Application Security Weekly #45
  1. Approaching AppSec the Right Way
  2. News

No Guest Info

Published

44 December 18 2018 In Flames – Application Security Weekly #44
  1. Harry Sverdlove, Edgewise
  2. Signal App, Jenkins Servers, & WordPress

No Guest Info

Published

43 December 11 2018 Top Secret – Application Security Weekly #43
  1. Chris Elgee, Counter Hack Challenge
  2. Kubernetes, Firefox, & WordPress

No Guest Info

Published

42 December 04 2018 Stuck In My Teeth – Application Security Weekly #42
  1. Aleksei Tiurin, Acunetix
  2. NSA Malware, AFL Fuzzer, & Firecracker

No Guest Info

Published

41 November 26 2018 Good Ol’ Days – Application Security Weekly #41
  1. Brent Dukes
  2. Drupalgeddon, USPS, & JavaScript

No Guest Info

Published

40 November 19 2018 Buffet Overflow – Application Security Weekly #40
  1. Instagram, Kraken, GitMiner
  2. John Kinsella, Layered Insight

No Guest Info

Published

39 November 12 2018 Boston Accent – Application Security Weekly #39
  1. Brian Kelly, CyberArk
  2. ColdFusion, Destroying Logs, & Tracing Meme’s

No Guest Info

Published

38 November 06 2018 Ultimate Nirvana – Application Security Weekly #38
  1. ‘Stalkerware’, DHCPv6 Packets, & Python
  2. Daniel Cuthbert, Banco Santander

No Guest Info

Published

37 October 29 2018 Eggplant Volcanoes – Application Security Weekly #37
  1. Airline Hacks, MicroTik Bug, & WordPress
  2. Johnny Xmas, Kasada.io

No Guest Info

Published

36 October 22 2018 Two Phones – Application Security Weekly #36
  1. Bugs, Breaches, and More!
  2. Cryptocurrency, Disney, and Adobe

No Guest Info

Published

35 October 16 2018 Git On That – Application Security Weekly #35
  1. Garrett Gross, Rapid7
  2. Git Project, Google+, & Facebook

No Guest Info

Published

34 October 01 2018 Bring Yoga Pants – Application Security Weekly #34
  1. Bugs, Breaches, and More
  2. Landing a Job in Application Security

No Guest Info

Published

33 September 24 2018 Don’t Hit Me Up – Application Security Weekly #33
  1. Newegg, Ticketmaster, & iOS 12
  2. Ron Gula, Gula Tech Adventures

No Guest Info

Published

32 September 17 2018 Sharks With Laser Beams – Application Security Weekly #32
  1. April Wright, ArchitectSecurity.org
  2. Bluebox-ng, Stock Data Breaches, and CommitStrip

No Guest Info

Published

31 September 10 2018 Around the World – Application Security Weekly #31
  1. Microsoft, Equifax, MacOS, and Bug Bounties
  2. Zane Lackey, Signal Sciences

No Guest Info

Published

30 August 27 2018 A Mixture of Spices – Application Security Weekly #30
  1. Fortnite, Netflix, & Black Hat
  2. The Apache Struts2 RCE Vulnerability

No Guest Info

Published

29 August 21 2018 Always More to Learn – Application Security Weekly #29
  1. Matt Alderman & Paul Asadoorian, Def Con 2018
  2. Tom McLaughlin, ServerlessOps

No Guest Info

Published

28 August 14 2018 Don’t Trust Them – Application Security Weekly #28
  1. Alibaba Cloud Security, Comcast, and Facebook
  2. Secure Coding Practices

No Guest Info

Published

27 August 06 2018 We Do Not Discriminate – Application Security Weekly #27
  1. Galen Hunt, Microsoft
  2. Resources, Bugs, Breaches, and Learning Tools

No Guest Info

Published

26 July 31 2018 Wu-Tang for Life – Application Security Weekly #26
  1. Jessica Rozhin, Marqueta
  2. Spectre, OWASP, and iGoat

No Guest Info

Published

25 July 23 2018 A Friendly Tip – Application Security Weekly #25
  1. Joe Garcia, CyberArk
  2. Venmo, Oracle, & Linux

No Guest Info

Published

24 July 16 2018 The World of History – Application Security Weekly #24
  1. AppSec Solutions in a DevOps World
  2. iOS Bugs, Burp Suite, & DevSecOps

No Guest Info

Published

23 July 10 2018 Uncle Teeth – Application Security Weekly #23
  1. Facebook, Google, & GitLab
  2. The Hardest Problem in Application Security

No Guest Info

Published

22 July 03 2018 A Bunch Of Robots – Application Security Weekly #22
  1. PHPMyAdmin, GitHub, and VS Code – Application Security Weekly #22
  2. Thomas GX, Yelda – Application Security Weekly #22

No Guest Info

Published

21 June 25 2018 Close The Pod Bay Doors – Application Security Weekly #21
  1. Dan Kuykendall, Rapid7
  2. Microsoft, JavaScript, AI Can Fire

No Guest Info

Published

20 June 18 2018 It’s All Working – Application Security Weekly #20
  1. Ron Gula, Gula Tech Adventures
  2. Windows, Smart Lock, & iPhone Hackers

No Guest Info

Published

19 June 12 2018 Off The Cuff – Application Security Weekly #19
  1. FireFox, Windows 10, DevOps, and BitHubLab
  2. Peter Chestna, Veracode

No Guest Info

Published

18 June 05 2018 Eyeballs Everywhere – Application Security Weekly #18
  1. Agile vs. DevOps
  2. GitHub, Oracle, & GDPR

No Guest Info

Published

17 May 21 2018 Just Go With It – Application Security Weekly #17
  1. James Wickett, Signal Sciences – Application Security Weekly #17
  2. Nest, Node.js, & F.Secure – Application Security Weekly #17

No Guest Info

Published

16 May 15 2018 Happy Dances – Application Security Weekly #16
  1. Adam Gordon, ITProTV – Application Security Weekly #16
  2. Text Bombs, Black Dots of Death, and Azure – Application Security Weekly #16

No Guest Info

Published

15 May 08 2018 Creating An Awesome Dish – Application Security Weekly #15
  1. Building Your AppSec Program – Application Security Weekly #15
  2. Twitter, Meltdown, & RSAC – Application Security Weekly #15

No Guest Info

Published

14 May 01 2018 Save The Developers Time – Application Security Weekly #14
  1. Building Your AppSec Program: Getting Started – Application Security Weekly #14
  2. FDA, Microsoft, & Android – Application Security Weekly #14

No Guest Info

Published

13 April 30 2018 Bigger Than My Home – Application Security Weekly #13
  1. Drupal, RSAC, & Facebook – Application Security Weekly #13
  2. Rami Sass, CEO & Co-Founder of WhiteSource – Application Security Weekly #13

No Guest Info

Published

12 April 13 2018 Classy and Illustrious – Application Security Weekly #12
  1. Open Source Software – Application Security Weekly #12
  2. Windows, MacOS, & Javascript – Application Security Weekly #12

No Guest Info

Published

11 April 06 2018 Don’t Pull My Nerd Card – Application Security Weekly #11
  1. Intel, Slack, Spectre, & NASA – Application Security Weekly #11
  2. One Language to Rule Them All – Application Security Weekly #11

No Guest Info

Published

10 March 30 2018 Coming Up 7’s – Application Security Weekly #10
  1. Cloudflare, Facebook, & Red Team Wisdom – Application Security Weekly #10
  2. DevOps or DevSecOps? – Application Security Weekly #10

No Guest Info

Published

9 March 19 2018 More Crypto, More Problems – Application Security Weekly #09

No Topics

No Guest Info

Published

9 March 16 2018
  1. AMD, MailChimp, & Equifax – Application Security Weekly #9
  2. Personal Development in Application Security – Application Security Weekly #9

No Guest Info

Published

8 March 12 2018 Early Bird Gets The Worm – Application Security Weekly #08

No Topics

No Guest Info

Published

8 March 09 2018
  1. AppSec/Development Partnership – Application Security Weekly #8
  2. Ethereum, Kali Linux, & Creepy Alexa – Application Security Weekly #8

No Guest Info

Published

7 March 05 2018 Everything Old Is New Again – Application Security Weekly #07

No Topics

No Guest Info

Published

7 March 02 2018
  1. DigiCert, GitHub, & Black Panther – Application Security Weekly #7
  2. Facebook Malware Scan – Application Security Weekly #7

No Guest Info

Published

6 February 16 2018 It’s Just Beautiful – Application Security Weekly #06

No Topics

No Guest Info

Published

6 February 16 2018
  1. Bitcoin, Salon, Oxford Comma Dispute, and Amazon – Application Security Weekly #6
  2. Topic: Bug Bounties – Application Security Weekly #6

No Guest Info

Published

5 February 09 2018 Jim Carrey Hacked My Facebook – Application Security Weekly #05
  1. NSA, Google, & Microsoft – Application Security Weekly #05
  2. OWASP ASVS pt. 2 – Application Security Weekly #05

No Guest Info

Published

4 February 02 2018 Stay Classy – Application Security Weekly #04
  1. Intel, CloudFair, & Lenovo – Application Security Weekly #04
  2. OWASP Application Security Verification Standard – Application Security Weekly #04

No Guest Info

Published

3 January 26 2018 The Doctor’s Here – Application Security Weekly #03
  1. Facebook, RedHat, & Russian Twitterbots – Application Security Weekly #03
  2. Matias Madou, Secure Code Warrior – Application Security Weekly #03

No Guest Info

Published

2 January 19 2018 Punishing Trojan Horses – Application Security Weekly #02
  1. Google, Oracle, and Apple – Application Security Weekly #02
  2. Top 10 OWASP pt.2 – Application Security Weekly #02

No Guest Info

Published

1 January 15 2018 Pushing To Master – Application Security Weekly #01

No Topics

No Guest Info

Published

1 January 12 2018
  1. NVIDIA, Oracle, Coinbase, and Bitcoin – Application Security Weekly #1
  2. OWASP Top 10 (2017) Overview – Application Security Weekly #1

No Guest Info

Published

January 05 2018 Where’s My Starbucks – Application Security Weekly #00
  1. Google, Intel, Mozilla, and Starbucks – Application Security Weekly #00
  2. Rise of Application Security – Application Security Weekly #00

No Guest Info

Published