HTTP Goes QUIC, Security & Humans, Amazon Sidewalk Privacy, & Product Abuse – ASW #153

This week in the AppSec News, Tyler Robinson joins Mike & John to discuss: HTTP/3 and QUIC, bounties for product abuse, Amazon Sidewalk security & privacy, security & human behavior, authentication bypass postmortem, M1RACLES, & more! Visit for all the latest episodes!

Full Episode Show Notes

HTTP Goes QUIC, Security & Humans, Amazon Sidewalk Privacy, & Product Abuse


John Kinsella

John Kinsella – Chief Architect at Accurics


John Kinsella is the Chief Architect for Accurics

Mike Shema

Mike Shema – Product Security Lead at Square


Mike Shema is the Product Security Lead of Square

Tyler Robinson

Tyler Robinson – Director of Offensive Security & Research at Trimarc and Founder & CEO of Dark Element at Trimarc Security


As the Managing Director of Offensive Security & Research at Trimarc, Tyler leads a team of high-performance security professionals within the offensive security field by simulating sophisticated adversaries and creating scalable offensive security platforms using the latest techniques as seen in the wild. With over 2 decades of experience, Tyler specializes in Red Teaming, APT threat modeling, blackbox network penetration testing, and Physical/Social-Engineering. Tyler has presented at multiple conferences including BSides, DefCon and Blackhat panels, SANS security events and to multiple branches of the military.


  • Security Weekly is ecstatic to announce that Security Weekly Unlocked will be held IN PERSON this December 5-8 at the Hilton Lake Buena Vista! Call for presentations & early registration for Security Weekly listeners is open now! Visit to submit your presentation & register for the early registration price before it expires!

  • Join us on June 10 at 11am ET for our technical training on insider risk to learn how to quickly mitigate data exposure risks. Then join us June 24 at 11 AM ET to learn how web application firewalls can help mitigate exposure in a complex threat landscape. Visit to register now! If you missed any of our previously recorded webcasts or technical trainings, they are available for your viewing pleasure at