The Application Security Podcast cover image

The Application Security Podcast

Chris Romeo and Robert Hurlbut dig into the tips, tricks, projects, and tactics that make various application security professionals successful. They cover all facets of application security, from threat modeling and OWASP to DevOps+security and security champions. They approach these stories in an educational light, explaining the details in a way those new to the discipline can understand. Chris Romeo is the CEO of Devici and a General Partner at Kerr Ventures, and Robert Hurlbut is a Principal Application Security Architect focused on Threat Modeling at Aquia.

Latest episodes

Nov 5, 2018 • 36min

Adam Bacchus and Jon Bottarini -- Two Sides to a Bug Bounty: The Researcher and The Program

Chris and Robert talk with Adam and John from HackerOne about Bug Bounty. They dive into bug bounty from the programming and security researcher sides to show how you can combine these pieces with being successful with a bug bounty. You can find Adam on Twitter @SushiHack and Jon @jon_bottariniFOLLOW OUR SOCIAL MEDIA: ➜Twitter: @AppSecPodcast➜LinkedIn: The Application Security Podcast➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast Thanks for Listening! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Oct 30, 2018 • 31min

Erlend Oftedal -- What You Require, You Must Also Retire

Chris talks with Erlend Oftedal about the Norway Chapter of OWASP and continues on to what retire.js is and how it works.You can find Erlend on Twitter @webtonullFOLLOW OUR SOCIAL MEDIA: ➜Twitter: @AppSecPodcast➜LinkedIn: The Application Security Podcast➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast Thanks for Listening! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Oct 23, 2018 • 28min

Abhay Bhargav -- Threat Modeling as Code

Abhay Bhargav joins Robert to talk about threat modeling as code. He dives into how this can help you in your threat models. You can find Abhay on Twitter @abhaybhargavFOLLOW OUR SOCIAL MEDIA: ➜Twitter: @AppSecPodcast➜LinkedIn: The Application Security Podcast➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast Thanks for Listening! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Oct 16, 2018 • 31min

Tony UV -- Threat Libraries in the Cloud

Tony UV joins Robert to discuss all things threat libraries in the cloud. You can find Tony on Twitter @t0nyuvFOLLOW OUR SOCIAL MEDIA: ➜Twitter: @AppSecPodcast➜LinkedIn: The Application Security Podcast➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast Thanks for Listening! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Oct 9, 2018 • 37min

Aaron Rinehart -- Chaos Engineering and #AppSec

Chris and Robert talk to Aaron Rinehart about how the security community can embrace chaos engineering. You can find Aaron on Twitter @aaronrinehartFOLLOW OUR SOCIAL MEDIA: ➜Twitter: @AppSecPodcast➜LinkedIn: The Application Security Podcast➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast Thanks for Listening! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Oct 1, 2018 • 35min

Jessica Robinson and Vandana Verma-- WIA: Women in #AppSec

Jessie and Vandana join Chris from Women in #AppSec to discuss the project! They dive into what the project is and how the numerous OWASP Chapters around the world can participate! You can find them on Twitter @InfosecVandana and @jessrobin96FOLLOW OUR SOCIAL MEDIA: ➜Twitter: @AppSecPodcast➜LinkedIn: The Application Security Podcast➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast Thanks for Listening! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Sep 25, 2018 • 17min

Karen Staley -- A Conversation with Karen

This week we're joined by Karen Staley, the Executive Director of the OWASP Foundation. She dives into what's happening on OWASP and what we can look forward to in the future. You can find her on Twitter @owaspedFOLLOW OUR SOCIAL MEDIA: ➜Twitter: @AppSecPodcast➜LinkedIn: The Application Security Podcast➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast Thanks for Listening! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Sep 18, 2018 • 27min

Mohammed Imran -- Back to the Lab Again with a DevOps

Mohammed Imran joins us to discuss the DevSecOps Studio and more about the beautiful world of DevOps. You can find him on Twitter @secfigoFOLLOW OUR SOCIAL MEDIA: ➜Twitter: @AppSecPodcast➜LinkedIn: The Application Security Podcast➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast Thanks for Listening! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Sep 11, 2018 • 29min

Niels Tanis -- A Slice of the Razor with ASP.Net Core

Niels Tanis joins to talk about Razor and ASP.Net Core versus General.You can find Niels on Twitter @nielstanisFOLLOW OUR SOCIAL MEDIA: ➜Twitter: @AppSecPodcast➜LinkedIn: The Application Security Podcast➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast Thanks for Listening! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Sep 4, 2018 • 27min

Ofer Maor -- A Pen Testers Transition to #AppSec: #VoteForOfer

Chris is joined by Ofer Maor to talk about his journey of transitioning into the world of #AppSec from the world of Pen Testing. You can find him on Twitter @OferMaorFOLLOW OUR SOCIAL MEDIA: ➜Twitter: @AppSecPodcast➜LinkedIn: The Application Security Podcast➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast Thanks for Listening! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The AI-powered Podcast Player

Save insights by tapping your headphones, chat with episodes, discover the best highlights - and more!

App store banner

Play store banner