Absolute AppSec
A weekly podcast of all things application security related. Hosted by Ken Johnson and Seth Law.
- Update frequency
- every 10 days
- Episodes
- 297
- Years Active
- 2018 - 2025
Episode 116: Lewis Ardern and Pwnfunction - Client-Side JavaScript Security
Lewis Ardern (@LewisArdern) and Pwnfunction (@pwnfunction) join Seth and Ken to talk client-side JavaScript security and their recent Vue JS blog post. https://portswigger.net/research/evading-defenc…
Tue 24 Nov 2020
Episode 115: Clint Gibler - Static Analysis with Semgrep
Clint Gibler (@clintgibler) joins Seth and Ken to talk about Static Analysis with Semgrep. Demonstrations of writing rules within Semgrep and how to use it.
Tue 17 Nov 2020
Episode 114: Account Enumeration, Github Actions
Seth and Ken discuss account enumeration vulnerabilities and open source tools that take advantage of them. Discussion about the recent Github Actions vulnerability.
Tue 10 Nov 2020
Episode 113: Jacob Salassi - Modeling Threats, Risk Assessment
Jacob Salassi (@JacobSalassi) joins us to discuss his developer-driven, standardized, threat modeling process. Also discussions on developer empathy, risk assessment, and other topics.
Tue 27 Oct 2020
Episode 112: Mark Feferman - Static Analysis Tools
Mark Feferman (@mfeferman) joins Seth and Ken to throw down about automated static analysis tools. Discussion of applictaion security talent (or lack thereof) and 'shifting left'.
Tue 20 Oct 2020
Episode 111: Bug Bounties, Detection as Code
Seth and Ken dig into strange requests when running bug bounty programs, recent revelations on Apple security research, and detection as code.
Tue 13 Oct 2020
Episode 110: Reserved Words, Authentication, Developer Patterns
Back at it like a phrack addict to talk reserved words, authentication flaws in apps and Grindr, and recognizing insecure patterns during development.
Tue 06 Oct 2020
Episode 109: Threat Modeling, Social Media, Imposter Syndrome
We are back with a Seth and Ken only episode to talk about the evolution of threat modeling, the documentary "The Social Dilemma", mental health, and imposter syndrome.
Tue 22 Sep 2020
Episode 108: Sean Poris - Bug Bounties and H1-2010
Sean Poris (@skp00) joins Absolute AppSec to talk about The Paranoids virtual bug bounty hacking event H1-2010, staying sane, managing a virtual team, and advice for running a bug bounty program.
Tue 15 Sep 2020
Episode 107: Markus Schirp - Ruby and Dynamic Languages
Markus Schirp (@_m_b_j_) joins Seth and Ken to talk about Ruby and other dynamic languages. Mutation testing, TDD weaknesses, and meta programming.
Tue 01 Sep 2020
Episode 106: Justin Massey - Logging and Monitoring
Justin Massey from Data Dog joins us to talk Application Logging.
Tue 25 Aug 2020
Episode 105: Laura Migus - Diversity and Inclusion
Seth and Ken chat with Laura Migus who is an expert in the realm of Diversity and Inclusion to learn more about the topic and how to support diversity and inclusion efforts.
Tue 18 Aug 2020
Episode 104: Leif Dreizler - Authentication and SCIM
Leif Drezler joins Seth and Ken to talk about recent projects, including authentication, SCIM, and how to embed within a development team.
Wed 05 Aug 2020
Episode 103: Secrets Management, Oded Hareven, and akeyless.io
Oded Hareven from AKEYLESS joins Seth and Ken to discuss the idea behind AKEYLESS as well as give us a chance to learn a little bit more about Oded.
Tue 21 Jul 2020
Episode 102: Popular Programming Languages, TikTok, OWASP
Seth and Ken talk about the popularity of various programming languages, TikTok app issues, and new changes at OWASP.
Tue 30 Jun 2020
Episode 101: Mike McCabe, Ken Toler, Cloud Security
Seth and Ken are joined by Mike McCabe (@mccabe615) and Ken Toler (@relotnek) to break down their talk on Cloud Security. Discussions revolves around cloud security, but touches legacy systems, appli…
Tue 23 Jun 2020
Episode 100: Virtual Conferences, Bots, DDoS, Ebay
Seth and Ken break the 100 episode barrier by talking about virtual conferences. Discussions about bots, distributed denial of service attacks, and Ebay stalking of a newsletter.
Tue 16 Jun 2020
Episode 99: Contact Tracing, GnuTLS, Breaches
Seth and Ken are back to security and technology this week. Discussions about contact tracing applications, privacy and freedom vs. security, the GnuTLS CVE, and possible Honda breach.
Tue 09 Jun 2020
Episode 98: Bug Bounty Programs, Work when World is Crazy
Seth and Ken go full rant mode about bug bounties and trying to work while the world goes insane.
Tue 02 Jun 2020
Episode 97: Stefan Edwards and Brian Glas - Threat Modeling
Stefan (@lojikil) and Brian (@infosecdad) are back to talk about threat modeling with Seth and Ken. Discussion covers risk assessment, threat modeling, asset inventory, and software maturity.
Tue 26 May 2020
Disclaimer: The podcast and artwork embedded on this page are the property of Ken Johnson and Seth Law. This content is not affiliated with or endorsed by eachpod.com.