
The Application Security Podcast
Chris Romeo and Robert Hurlbut dig into the tips, tricks, projects, and tactics that make various application security professionals successful. They cover all facets of application security, from threat modeling and OWASP to DevOps+security and security champions. They approach these stories in an educational light, explaining the details in a way those new to the discipline can understand. Chris Romeo is the CEO of Devici and a General Partner at Kerr Ventures, and Robert Hurlbut is a Principal Application Security Architect focused on Threat Modeling at Aquia.
Latest episodes

Jan 25, 2019 • 44min
Bill Wilder -- Running Azure Securely
Bill Wilder joins Chris and Robert to talk about Running Azure Securely. You can find Bill on Twitter @codingoutloud.
FOLLOW OUR SOCIAL MEDIA: ➜ Twitter: @AppSecPodcast ➜ LinkedIn: The Application Security Podcast ➜ YouTube: https://www.youtube.com/@ApplicationSecurityPodcast
Thanks for Listening!

Jan 18, 2019 • 36min
Matt Konda -- OWASP Glue
Matt Konda joins Chris and Robert to talk about what Glue is. You can find Matt on Twitter @mkonda.

Jan 11, 2019 • 31min
Josh Grossman, Avi Douglen, and Ofer Maor -- AppSec in Israel and Three Talks to watch from AppSec USA
Josh Grossman, Avi Douglen, and Ofer Maor at AppSec USA join Chris. They discuss the AppSec group in Israel and a few critical talks you should watch from AppSec USA this year. You can find Josh on Twitter @JoshCGrossman. You can find Avi on Twitter @sec_tigger. You can find Ofer on Twitter @OferMaor.

Jan 1, 2019 • 45min
Daniel Miessler -- OWASP IoT Top 10
Daniel Miessler joins Chris and Robert to talk about the upcoming Top 10 list for IoT. You can find Daniel on Twitter @DanielMiessler.

Dec 18, 2018 • 22min
Travis McPeak -- SecOps Makes Developers Lives Easier
Travis McPeak joins Chris to talk about SecOps and how it can help make a developer's life easier. You can find Travis on Twitter @travismcpeak.

Dec 10, 2018 • 32min
Chris Romeo -- Security Culture Hacking: Disrupting the Security Status Quo
We listen in on the #AppSecUSA talk by Chris about Security Culture Hacking. You can find Chris on Twitter @edgeroute.

Dec 3, 2018 • 30min
Jim Manico -- The Extremely Unabridged History of SQLi and XSS
Jim Manico joins again to talk about how AppSec has changed over the years and gives us an in-depth look at the history of SQL Injection and XSS. You can find Jim on Twitter @manicode.

Nov 27, 2018 • 44min
Jeff Williams -- The History of OWASP
Chris talks with Jeff Williams about the History of OWASP and where it came from. You can find Jeff on Twitter @planetlevel.

Nov 19, 2018 • 37min
Bjorn Kimminich -- The Joy of the Vulnerable Web: JuiceShop
Bjorn Kimminich joins to talk about JuiceShop. He dives into what JuiceShop is and some of its use cases. You can find Bjorn on Twitter @bkimminich.

Nov 13, 2018 • 28min
Swaroop Yermalkar -- iGoat and iOS Mobile Pen Testing
Chris is at AppSec USA and is joined by Swaroop to talk about iGoat. They discuss how iGoat relates to WebGoat and how they can be used for pen testing. You can find Swaroop on Twitter @swaroopsy.