))
New THE RAP SHOW AKA RED ANCHOR PROPERTIES: Host Romeo Santos and Kenny Fulton talk shop about the Real Estate Industry and break down the basics
…
continue reading
TWITTER/INSTAGRAM - @DJTINONYC iRec/iMix/iMaster
…
continue reading
Chris Romeo and Robert Hurlbut dig into the tips, tricks, projects, and tactics that make various application security professionals successful. They cover all facets of application security, from threat modeling and OWASP to DevOps+security and security champions. They approach these stories in an educational light, explaining the details in a way those new to the discipline can understand. Chris Romeo is the CEO of Devici and a General Partner at Kerr Ventures, and Robert Hurlbut is a Prin ...
…
continue reading
Prosoundz DJ's LLC.
…
continue reading
1
Jeff Williams -- Application Detection & Response (ADR)
51:28
51:28
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
51:28
Join us in this week’s episode of the Application Security Podcast where we sit down with Jeff Williams, a renowned pioneer in the field of application security. Jeff discusses ADR (Application Detection and Response), detailing its potential to revolutionize security in production environments. Listen as he shares stories from his career, includin…
…
continue reading
1
Phillip Wylie -- Pen Testing from Somebody who Knows about Pen Testing
52:08
52:08
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
52:08
Join Robert and Chris Romeo as they dive into the world of pen testing with their guest Philip Wiley. In this episode, Philip shares his unique journey from professional wrestling to being a renowned pen tester. Hear some great stories from his wrestling days, in-depth discussions on application security, and good advice on starting a career in cyb…
…
continue reading
1
Steve Springett -- Software and System Transparency
48:13
48:13
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
48:13
In this episode of the Application Security Podcast, hosts Chris Romeo and Robert Hurlbut welcome back Steve Springett, an expert in secure software development and a key figure in several OWASP projects. Steve unpacks CycloneDX and the value proposition of various BOMs. He gives us a rundown of the BOM landscape and unveils some new BOM projects t…
…
continue reading
1
Irfaan Santoe -- The Power of Strategy in AppSec
40:14
40:14
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
40:14
Join Irfaan Santoe and hosts Chris Romeo and Robert Hurlbut for an in-depth discussion on the maturity and strategy of Application Security programs. They delve into measuring AppSec maturity, return on investment, and communicating technical needs to business leaders. Irfaan shares his unique journey from consulting to becoming an AppSec professio…
…
continue reading
1
Andrew Van Der Stock -- The New OWASP Top Ten
51:51
51:51
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
51:51
Join Chris Romeo and Robert Hurlbut as they sit down with Andrew Van Der Stok, a leading web application security specialist and executive director at OWASP. In this episode, Andrew discusses the latest with the OWASP Top 10 Project, the importance of data collection, and the need for developer engagement. Learn about the methodology behind buildin…
…
continue reading
1
Derek Fisher -- Hiring in Cyber/AppSec
1:01:45
1:01:45
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
1:01:45
In this episode of the Application Security Podcast, Chris Romeo and Robert Hurlbut welcome back Derek Fisher, an expert in hardware, software, and cybersecurity with over 25 years of experience. Derek shares his advice on cybersecurity hiring, specifically in application security, and dives into the challenges of entry-level roles in the industry.…
…
continue reading
1
Tanya Janca -- Secure Guardrails
1:04:50
1:04:50
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
1:04:50
Join us for a conversation with Tanya Janka, also known as SheHacksPurple, as she discusses secure guardrails, the difference between guardrails and paved roads, and how to implement both in application security. Tanya, an award-winning public speaker and head of education at SEMGREP, shares her insights on creating secure software and teaching dev…
…
continue reading
1
Jahanzeb Farooq -- Launching and executing an AppSec program
49:44
49:44
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
49:44
In this episode of the Application Security Podcast, hosts Chris Romeo and Robert Hurlbut are joined by Jahanzeb Farooq to discuss his journey in cybersecurity and the challenges of building AppSec programs from scratch. Jahanzeb shares his experience working in various industries, including Siemens, Novo Nordisk, and Danske Bank, highlighting the …
…
continue reading
1
David Quisenberry -- Building Security, People, and Programs
56:54
56:54
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
56:54
In this episode of the Application Security Podcast, hosts Chris Romeo and Robert Hurlbut engage in a deep discussion with guest David Quisenberry about various aspects of application security. They cover David's journey into the security world, insights on building AppSec programs in small to mid-sized companies, and the importance of data-driven …
…
continue reading
1
Matt Rose -- Software Supply Chain Security Means Many Different Things to Different People
46:14
46:14
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
46:14
In this episode of the Application Security Podcast, hosts Chris Romeo and Robert Hurlbut welcome Matt Rose, an experienced technical AppSec testing leader. Matt discusses his career journey and significant contributions in AppSec. The conversation delves into the nuances of software supply chain security, exploring how different perceptions affect…
…
continue reading
1
James Berthoty -- Is DAST Dead? And the future of API security
44:56
44:56
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
44:56
In this episode of the Application Security Podcast, host Chris Romeo welcomes James Berthoty, a cloud security engineer with a diverse IT background, to discuss his journey into application and product security. The conversation spans James's career trajectory from IT operations to cloud security, his experiences with security tools like Snyk and …
…
continue reading
1
Mark Curphey and Simon Bennetts -- Riding the Coat Tails of ZAP, without Open Source Funding
42:32
42:32
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
42:32
Mark Curphey and Simon Bennetts, join Chris on the podcast to discuss the challenges of funding and sustaining major open source security projects like ZAP. Curphey shares about going fully independent and building a non-profit sustainable model for ZAP. The key is getting companies in the industry, especially companies commercializing ZAP, to prop…
…
continue reading
1
Devin Rudnicki -- Expanding AppSec
35:57
35:57
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
35:57
Devon Rudnicki, the Chief Information Security Officer at Fitch Group, shares her journey of developing an application security program from scratch and advancing to the CISO role. She emphasizes the importance of collaboration, understanding the organization's business, and using metrics to drive positive change in the security program. Elon Musk …
…
continue reading
1
Dustin Lehr -- Culture Change through Champions and Gamification
45:10
45:10
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
45:10
Dustin Lehr, Senior Director of Platform Security/Deputy CISO at Fivetran and Chief Solutions Officer at Katilyst Security, joins Robert and Chris to discuss security champions. Dustin explains the concept of security champions within the developer community, exploring the unique qualities and motivations behind developers becoming security advocat…
…
continue reading
1
Francesco Cipollone -- Application Security Posture Management and the Power of Working with the Business
38:11
38:11
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
38:11
Francesco Cipollone, CEO of Phoenix Security, joins Chris and Robert to discuss security and explain Application Security Posture Management (ASPM). Francesco shares his journey from developer to cybersecurity leader, revealing the origins and importance of ASPM. The discussion covers the distinction between application security and product securit…
…
continue reading
1
Mukund Sarma -- Developer Tools that Solve Security Problems
46:32
46:32
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
46:32
Mukund Sarma, the Senior Director for Product Security at Chime, talks with Chris about his career path from being a software engineer to becoming a leader in application security. He explains how he focuses on building security tools that are easy for developers to use and stresses the importance of looking at application security as a part of the…
…
continue reading
1
Meghan Jacquot -- Assumed Breach Red Team Engagements for AppSec
40:55
40:55
Прослушать позже
Прослушать позже
Списки
Нравится
Нравится
40:55
AppSec specialist Megan Jacquot joins Chris and Robert for a compelling conversation about community, career paths, and productive red team exercises. Megan shares her unique cybersecurity origin story, tracing her interest in the field from childhood influences through her tenure as an educator and her formal return to academia to pivot into a tec…
…
continue reading
