Absolute AppSec

A weekly podcast of all things application security related. Hosted by Ken Johnson and Seth Law.

Technology Tech News
Update frequency: every 10 days
Episodes: 297
Years Active: 2018 - 2025

Episode 236 - Memory Safe Languages, LLM Supply Chain Security

Seth and Ken review the recent White House report on going back to the basics for software security and vulnerabilities. Specifically, how is the use of memory-unsafe languages like C and C++ affectin…
Tue 05 Mar 2024
Episode 235 - 2023 Top 10 Web Hacking Techniques, LLM Agent Hacking

Podcast viewers will be familiar with Portswigger's annual list of Web Hacking Techniques. Ken and Seth take some time to digest the list and recommend reviewing not only the top 10, but also the nom…
Tue 20 Feb 2024
Episode 234 - Password Analysis, GitHub Copilot

Ken and Seth comment on their recent use of the same passwords across multiple organizations. Errr, or wait. That's administrators in some instances, according to recently published analysis from Lar…
Tue 13 Feb 2024
Episode 233 - Scammers, Deep Fakes, Data Exposure

Seth and Ken return to the podcast to talk about fraud scammers based on a recent article from Cory Doctorow and what AppSec can do to protect their apps and themselves. Crocs and Socks. The use of d…
Tue 06 Feb 2024
Episode 232 - Security Jobs, Surveillance, Prompt Injection

Ken and Seth start out with a lengthy discussion about application security jobs, training, and getting into the security space due to an article based on someone's experience moving from IT to pente…
Tue 30 Jan 2024
Episode 231 - FlowMate, State of Software Supply Chain Security

Seth and Ken are back after a week's hiatus and start by demonstrating FlowMate, a newly released Burp Extension for building context of the parameters used by an application. This is followed by in-d…
Tue 23 Jan 2024
Episode 230 - False Positives vs. Negatives, Scaling Vuln Management

Ken and Seth return to settle the age-old question of whether false positives or false negatives are better when dealing with security tools. Tears are shed as stories of wasted efforts ring through …
Tue 09 Jan 2024
Episode 229 - Software Supply Chain Security, 2024 Predictions

Seth and Ken kick off a new year talking about recent news, including improvements in security process for software supply chains. This is followed by security predictions for 2024, including LLMs, d…
Tue 02 Jan 2024
Episode 228 w/ Chime Security Engineering - Monocle

David Trejo (@[email protected]) and Paul Kuliniewicz, security engineers at Chime, join Seth (@sethlaw on x) and Ken (@cktricky) to discuss the ins and outs of challenges and successes in a wid…
Tue 19 Dec 2023
Episode 227 - Token Leakage, Cybersecurity Isn't Special

Ken and Seth return to discuss current news. First up is a discussion about token leakage based on the recent discovery of AI tokens on Github and Cloud tokens on Hugging Face's repository. The strug…
Thu 14 Dec 2023
Episode 226 - Security Reviews, CVE-2023-46214

Ken and Seth decide whether the idea of security reviews is dead, spurred on by a recent blog post by Frank Wang on doing away with the current perception of reviews. This is followed by a walkthrou…
Tue 05 Dec 2023
Episode 225 w/ Brian C Reed

We are excited to have Brian C Reed, chief mobility officer at NowSecure, as a special guest on the Absolute AppSec podcast. Brian has specialized in mobile security, and his company NowSecure works t…
Tue 28 Nov 2023
Episode 224 w/ Jeevan Singh

Jeevan Singh (@askjeevansingh) returns to join Ken Johnson (cktricky on Twitter) and Seth Law (sethlaw) as a guest on the podcast! Jeevan is currently with Rippling, was previously the Director of Pr…
Tue 14 Nov 2023
Episode 223 w/Stefan Edwards - OWASP, Privacy

When cktricky is away, the lojis will play. Stefan Edwards co-hosts an episode with Seth in what ends up bypassing the AI hype to discuss the current state of OWASP. In short, things are murky but th…
Tue 07 Nov 2023
Episode 222 w/ Leif Dreizler

Ken Johnson (cktricky) and Seth Law (@sethlaw) welcome Leif Dreizler back on the show! Leif recently became a Senior Manager of Software Engineering at Semgrep (semgrep.dev), spent the better part o…
Mon 23 Oct 2023
Episode 221 - Interviews, Breach, AI Tools

Seth and Ken are back to review some recent news and community discussions. Specifically, the duo talks about the use of coding requirements and projects during interviews for application security. B…
Thu 19 Oct 2023
Episode 220 w/ Erik Cabetas (Include Security)

Erik Cabetas, founder and managing partner of Include Security joins Ken Johnson (@cktricky on twitter) and Seth Law (@sethlaw). Erik has been running Include Security for the last decade, and before…
Tue 10 Oct 2023
Episode 219 w/Jason Haddix - Discovery Tools, Security Research

Seth and Ken are joined last minute by Jason Haddix (@jhaddix). Conversation about DEF CON talks, use of LLMs in research, and recently released tools.
Tue 03 Oct 2023
Episode 218 w/ Cole Cornford - Security Startups, Developer Training

Ken (cktricky on Twitter) and Seth (sethlaw) welcome Cole Cornford (https://www.colecornford.com) to Absolute AppSec for a discussion on running a security startup and the future of security training…
Tue 19 Sep 2023
Episode 217 w/ Shlomi Shaki - Security Tooling

Shlomi is back! Shlomi Shaki, GitHub’s head of Asia-Pacific-Japan advanced security sales and all around thoughtful observer of the world of application security is back on the podcast with Ken Johns…
Thu 07 Sep 2023
Disclaimer: The podcast and artwork embedded on this page are the property of Ken Johnson and Seth Law. This content is not affiliated with or endorsed by eachpod.com.