Absolute AppSec
A weekly podcast of all things application security related. Hosted by Ken Johnson and Seth Law.
- Update frequency
- every 10 days
- Episodes
- 297
- Years Active
- 2018 - 2025
Episode 277 - w/ Kyle Rippee - AppSec Support, Security Red Flags, Getting Into AppSec
Kyle Rippee, currently staff product security engineer at Tines, joins Seth and Ken for another episode of Absolute AppSec. Kyle has over a decade of experience both managing and working for Applicat…
Tue 25 Feb 2025
Episode 276 - w/ Myles Borins - NPM
Myles is currently Product Lead for Developer Platform at Snowflake. Previously, he directed project management at GitHub, overseeing projects like GitHub Copilot Workspace for PRs, Codespaces, npm,…
Tue 18 Feb 2025
Episode 275 - OpenGrep Summary, Secure By Design, Confusion Attacks
Ken and Seth are back for another episode that starts with a summary of the Semgrep and OpenGrep break. This is followed by Google's recent article titled Secure By Design: Google's Blueprint for a H…
Tue 11 Feb 2025
Episode 274 - Semgrep/OpenGrep, Saying "No" in Security
Seth and Ken return for another week to review current articles and happenings in the application security world. Specifically, they spend some time reacting to the news that the Semgrep Community ve…
Tue 04 Feb 2025
Episode 273 - Josh Larsen - Ghost Security
Josh Larsen, co-founder of CTO of Ghost Security, joins Seth Law and Ken Johnson on January 28th at 12 Noon Eastern time. Before Ghost Security, Josh was a co-founder and CEO of Darkbit and before th…
Tue 28 Jan 2025
Episode 272 - New AI Tools, True Cost of False Positives
Ken and Seth start with a demo and discussion on some newer tools that use integrated AI in both the code and workflow spaces. Specifically, use for code review and understanding is improving. This i…
Tue 21 Jan 2025
Episode 271 - Top 10 2024 Web Hacking Techniques, Research Techniques, AppSec Careers
Seth and Ken return once again to talk through the overall effectiveness and purpose of Portswigger's Top 10 Web Hacking Techniques and how it benefits the community. A short discussion on some of th…
Fri 17 Jan 2025
Episode 270 - 2025 AppSec Predictions
Ken and Seth return for 2025 to review the accuracy of their predictions from 2024 and make a few new ones for this new year. Some hits and misses for last year, but overall the generic predictions f…
Tue 07 Jan 2025
Episode 269 - Security Conferences, What Sucks in (App)Sec
The dynamic duo is back for another holiday special. Not that they reference the holidays, but dig into complaints about security conferences and how to build a conference network. Followed by a disc…
Tue 17 Dec 2024
Episode 268 w/ Clint Gibler - Curating a Newsletter, Secure Defaults
Seth and Ken are happy to announce that Clint Gibler (@clintgibler), the force behind TL;DRSec (tldrsec.com) and head of Security Research at Semgrep, will be coming on as a guest again on the Absolu…
Tue 10 Dec 2024
Episode 267 - w/ Kinnaird McQuade - Building a Security Product
Join us for an episode of Absolute AppSec with Kinnaird McQuade, founder and CTO of NightVision. Kinnaird developed NightVision as a security testing tool that combines codebase analysis with DAST fe…
Tue 19 Nov 2024
Episode 266 - Scope of Penetration Testing, Attack Modeling
Seth (@sethlaw) and Ken (@cktricky) return for an in-depth discussion on penetration testing expectations, driven by recent posts and slack activity from Andrew Wilson. Essentially, certain clients e…
Tue 05 Nov 2024
Episode 265 - w/ Scott Norberg - Static Analysis
Scott Norberg joins Ken Johnson and Seth Law for an episode of Absolute AppSec all about SAST. Scott is an ASP.NET Security Consultant, Author, Researcher and Speaker. In addition to running his Oppe…
Tue 29 Oct 2024
Episode 264 - w/ Jeremy Long - Software Composition Analysis
Jeremy Long (@ctxt on social media), Principal Security Engineer at Service Now and project founder and lead for the OWASP Dependency Check project joins Ken Johnson (@cktricky) and Seth Law (@sethla…
Thu 17 Oct 2024
Episode 263 - WebApp Fuzzing, Mobile Testing, Secrets Management
Ken and Seth return for Episode #263 and start with a discussion around web application fuzzing and the deficiencies of vulnerability and exploit-focused dynamic testing, a common thread in Seth's ra…
Tue 08 Oct 2024
Episode 262 - w/ Ariel Shin - Building a Security Program
Ariel Shin joins Ken Johnson (@cktricky on social media) and Seth Law (@sethlaw) for a special episode of Absolute AppSec. Ariel is currently a Security Engineering Manager at Datadog after a three-y…
Mon 30 Sep 2024
Episode 261 - Security Economy, Password Resets, Vendor Consolidation
Ken (@cktricky) and Seth (@sethlaw) are back to review this weeks news and commiserate about industry happenings. First up are their thoughts on the current economic climate and how it has affected t…
Wed 25 Sep 2024
Episode 260 w/ Darren Meyer of Endor Labs - Dependency Management
Absolute AppSec welcomes Darren Meyer (@DarrenPMeyer on infosec.exchange and X platform) from Endor Labs as a guest on the show to discuss Endor Lab’s newly released 2024 Dependency Management Report…
Fri 20 Sep 2024
Episode 259 - Special Melbourne Australia Edition w/Paul McCarty and Daniel Ting
Seth and Ken take the podcast global this week while traveling to Melbourne, Australia. The duo is joined this episode are joined by Paul McCarty and Daniel Ting, both involved in the local applicati…
Thu 12 Sep 2024
Episode 258 - Engaging Developers, ALBeast, Dangerous TLDs
Seth (@sethlaw) and Ken (@cktricky) are back this week with some hot takes on the recent cancellation of OWASP's San Francisco Developer Days that were running alongside Global AppSec San Francisco. …
Tue 03 Sep 2024
Disclaimer: The podcast and artwork embedded on this page are the property of Ken Johnson and Seth Law. This content is not affiliated with or endorsed by eachpod.com.