The Application Security Podcast
Chris Romeo and Robert Hurlbut dig into the tips, tricks, projects, and tactics that make various application security professionals successful. They cover all facets of application security, from threat modeling and OWASP to DevOps+security and security champions. They approach these stories in an educational light, explaining the details in a way those new to the discipline can understand. Chris Romeo is the CEO of Devici and a General Partner at Kerr Ventures, and Robert Hurlbut is a Principal Application Security Architect focused on Threat Modeling at Aquia.
Podcasting since 2016 • 281 episodes
The Application Security Podcast
Latest Episodes
Mehran Koushkebaghi -- Security as a Systemic Concern: How to develop Anti-Requirements
Mehran Koushkebaghi, a seasoned engineering expert, delves into the intricacies of systemic security. He draws parallels between civil engineering and IT systems, and explains the importance of holistic thinking in security design. Discover the...
•
Season 12
•
Episode 3
•
45:08
Kalyani Pawar -- Shaping AppSec at Startups
Kalyani Pawar shares critical strategies for integrating security early and effectively in AppSec for startups. She recommends that startups begin focusing on AppSec around the 30-employee mark, with an ideal ratio of one AppSec professional pe...
•
Season 12
•
Episode 2
•
39:52
Milan Williams -- AppSec Metrics
Milan Williams discusses the importance of application security metrics and how to make them both meaningful and actionable. She explains that metrics are crucial for tracking progress in what can often feel like an overwhelming security landsc...
•
Season 12
•
Episode 2
•
36:16
MO Sadek -- Building an AppSec Program from Scratch
Mo Sadek shares his unique journey of building an Application Security program from scratch at Roblox. Mo discusses his unconventional path, including temporarily joining the infrastructure team to truly understand engineering challenges. He em...
•
Season 12
•
Episode 1
•
48:50
Brett Crawley -- Threat Modeling Gameplay with EoP
Brett Crawley discusses the Elevation of Privilege (EoP) card game, a powerful tool for threat modeling in software development. The discussion explores recent extensions to the game including privacy-focused suits and TRIM (Transfer, Retention...
•
Season 11
•
Episode 29
•
45:28
Contributors
Podcasts we love
Check out these other fine podcasts recommended by us, not an algorithm.
The Security Table
Izar Tarandach, Matt Coles, and Chris Romeo