
Robert Hurlbut

Shows

The Application Security Podcast | Dan Küykendall -- Why All Application Security Products Suck | 2023-08-22 | 49 min
Dan Küykendall visits The Application Security Podcast to discuss his series "Why All AppSec Products Suck" and explain why software companies should understand the uses and limitations of any security tool. The series aims to highlight the limitations of each tool and to help users make informed decisions when selecting the right tools for their needs. In this field, there is no such thing as an expert; there is always something new to learn. Dan, Chris, and Robert remember the late Kevin Mitnick, a well-known figure in the cybersecurity community. They share their personal experiences with M...

The Application Security Podcast | Tony Quadros -- The Life of an AppSec Vendor | 2023-08-08 | 45 min
Tony Quadros, the AppSec Lumberjack, shares the unique career path that led him to find his passion in Application Security. The discussion delves into the work of an AppSec vendor, with Tony explaining his role and the responsibilities it entails. He emphasizes the importance of understanding the needs and environment of the customer, and whether the product he represents can fulfill their requirements. Tony also shares his philosophy of sales, centered around solving problems and providing business value. Tony reveals the challenges salespeople face in the cybersecurity industry, particularly the pressure to meet quotas and the need...

The Application Security Podcast | OWASP Top 10 2021 Peer Review | 2021-09-17 | 29 min
Robert and I break down the OWASP Top 10 2021 Peer Review Edition. We walk through and give you our insights and highlights of the things that stand out to us and our questions. We feel it brings value to our audience's understanding of the OWASP Top 10 2021 and what it will likely look like when it comes out. We encourage you to go and do your own peer review of the document, submit your own pull requests, provide your feedback and issues on GitHub because together as a community, this is how we make this document better. Enjoy!

The Application Security Podcast | Izar Tarandach and Matt Coles -- Threat Modeling: A Practical Guide for Development Teams | 2021-04-23 | 50 min
In this episode of the Application Security Podcast, we're joined by friends Izar and Matt, authors of the book "Threat Modeling: A Practical Guide for Development Teams." Izar is currently the Squarespace Principal Security Engineer. He lives in NY, where he enjoys telling people who separate security from development to get off his lawn. Matt is currently a Product & Application Security Engineer at Dell Technologies. Matt lives in Massachusetts, is an avid gamer, and enjoys time with his family when not thinking or talking to others about security. We discuss why they wrote the book, what it covers, the...

Application Security PodCast | Izar Tarandach and Matt Coles -- Threat Modeling: A Practical Guide for Development Teams | 2021-04-23 | 50 min
In this episode of the Application Security Podcast, we're joined by friends Izar and Matt, authors of the book "Threat Modeling: A Practical Guide for Development Teams." Izar is currently the Squarespace Principal Security Engineer. He lives in NY, where he enjoys telling people who separate security from development to get off his lawn. Matt is currently a Product & Application Security Engineer at Dell Technologies. Matt lives in Massachusetts, is an avid gamer, and enjoys time with his family when not thinking or talking to others about security. We discuss why they wrote the...

The Application Security Podcast | Chris Romeo — DevSecOps Fails | 2021-02-17 | 27 min
For this episode, Robert and I decided to talk about an article I wrote called "DevOps security culture: 12 fails your team can learn from". We hope you enjoy this walkthrough of the 12 fails. If we missed any, hit us up on Twitter and let us know what we should add to the list.
FOLLOW OUR SOCIAL MEDIA: Twitter: @AppSecPodcast; LinkedIn: The Application Security Podcast; YouTube: https://www.youtube.com/@ApplicationSecurityPodcast
Thanks for Listening!

Application Security PodCast | Chris Romeo — DevSecOps Fails | 2021-02-17 | 27 min
For this episode, Robert and I decided to talk about an article I wrote called "DevOps security culture: 12 fails your team can learn from". We hope you enjoy this walkthrough of the 12 fails. If we missed any, hit us up on Twitter and let us know what we should add to the list.
The post Chris Romeo — DevSecOps Fails appeared first on Security Journey Podcasts.

The Application Security Podcast | The Threat Modeling Manifesto – Part 2 | 2020-11-24 | 24 min
This is part two of the story of a diverse group of security and privacy people that love threat modeling and gathered to define threat modeling, encourage people to threat model, help them succeed, and change the world. This is our story of the Threat Modeling Manifesto. In this episode, we move on from definition to working through the values and principles that make up threat modeling, and then we ship the product. The working group of the Threat Modeling Manifesto consists of individuals with years of experience in threat modeling for security or privacy. Zoe...

The Application Security Podcast | The Threat Modeling Manifesto – Part 1 | 2020-11-17 | 25 min
This is part one of the story of a diverse group of security and privacy people that love threat modeling and gathered to define threat modeling, encourage people to threat model, help them succeed, and change the world. This is our story of the Threat Modeling Manifesto. Our intention is to share a distilled version of our collective threat modeling knowledge in a way that should inform, educate, and inspire other practitioners to adopt threat modeling as well as improve security and privacy during development. We developed this Manifesto after years of experience thinking about, performing, teaching, a...

Application Security PodCast | Chris and Robert: A Taste of Hi-5 | 2019-12-01 | 00 min
As the hosts of the Application Security Podcast, we get the opportunity from time to time to mix it up. This week we gather a few security articles, share a summary, and offer our opinions (for what our opinions are worth). The source of the articles is Hi-5, a weekly newsletter containing five security articles [...]

The Application Security Podcast | Chris and Robert: A Taste of Hi-5 | 2019-12-01 | 27 min
As the hosts of the Application Security Podcast, we get the opportunity from time to time to mix it up. This week we gather a few security articles, share a summary, and offer our opinions (for what our opinions are worth). The source of the articles is Hi-5, a weekly newsletter containing five security articles that are worth your time. We scour the Interwebs looking for the best articles on application and product security and share those with you. You can subscribe to Hi-5 on the Security Journey website. Hit us up on Twitter and let us k...

Application Security PodCast | Elissa Shevinsky — Be Kind, Security People — 5 Minute AppSec | 2019-08-14 | 00 min
Robert asks Elissa Shevinsky, why should people be nice, or why is niceness important in security?

The Application Security Podcast | Elissa Shevinsky — Be Kind, Security People — 5 Minute AppSec | 2019-08-14 | 02 min
Robert asks Elissa Shevinsky, why should people be nice, or why is niceness important in security?

Application Security PodCast | Erez Yalon and Liora Herman – The Application Security Village @ DefCon | 2019-07-30 | 00 min
Erez Yalon and Liora Herman are both passionate security professionals. They joined forces to create the AppSec Village, an event at DefCon in Las Vegas. If you are in Vegas for BH/DC, stop by the village and say hi to Robert, who will be in attendance as well.

The Application Security Podcast | Erez Yalon and Liora Herman – The Application Security Village @ DefCon | 2019-07-30 | 22 min
Erez Yalon and Liora Herman are both passionate security professionals. They joined forces to create the AppSec Village, an event at DefCon in Las Vegas. If you are in Vegas for BH/DC, stop by the village and say hi to Robert, who will be in attendance as well.

The Application Security Podcast | Jon McCoy — Hacker outreach | 2019-05-06 | 24 min
Jon McCoy is a security engineer, a developer, and a hacker; and a passionate OWASP advocate. Maybe even a hacker first. Jon has a passion to connect people and break down barriers between hackers and corporate folks. Jon explains the idea of hacker outreach and breaks down what we can expect if we venture to the DefCon event in Las Vegas. Jon also remembered a cautionary tale of Robert's Fitbit out at a DefCon event. Jon is someone we can all learn from about giving back to our community.

Application Security PodCast | Simon Bennetts — OWASP ZAP: past, present, and future | 2019-04-13 | 00 min
Simon Bennetts is the project leader for OWASP ZAP. Simon joined Robert at CodeMash to talk about the origin of ZAP, the new heads up display, and ZAP API. ZAP is an OWASP Flagship Project and is available here: https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project

The Application Security Podcast | Simon Bennetts — OWASP ZAP: past, present, and future | 2019-04-13 | 25 min
Simon Bennetts is the project leader for OWASP ZAP. Simon joined Robert at CodeMash to talk about the origin of ZAP, the new heads up display, and ZAP API. ZAP is an OWASP Flagship Project and is available here: https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project

Application Security PodCast | Bill Sempf — Growing AppSec People and KidzMash | 2019-04-08 | 00 min
Robert meets up with Bill Sempf at the CodeMash conference and discusses how to grow AppSec people. Developers can transform into application security people. They also cover how to inspire the next generation of cybersecurity people (kids) through the example of KidzMash.

The Application Security Podcast | Bill Sempf — Growing AppSec People and KidzMash | 2019-04-08 | 20 min
Robert meets up with Bill Sempf at the CodeMash conference and discusses how to grow AppSec people. Developers can transform into application security people. They also cover how to inspire the next generation of cybersecurity people (kids) through the example of KidzMash.

Application Security PodCast | Georgia Weidman — Mobile, IoT, and Pen Testing | 2019-03-31 | 00 min
Georgia Weidman (@georgiaweidman) met with Robert at CodeMash to discuss her origin story, mobile, IoT, penetration testing, and details about her various companies. If you've never seen Georgia's book on penetration testing, we recommend you grab a copy: http://www.nostarch.com/pentesting To sign up for the newsletter mentioned at the start of this week's show, visit [...]

The Application Security Podcast | Georgia Weidman — Mobile, IoT, and Pen Testing | 2019-03-31 | 18 min
Georgia Weidman (@georgiaweidman) met with Robert at CodeMash to discuss her origin story, mobile, IoT, penetration testing, and details about her various companies. If you've never seen Georgia's book on penetration testing, we recommend you grab a copy: http://www.nostarch.com/pentesting To sign up for the newsletter mentioned at the start of this week's show, visit https://info.securityjourney.com/hi5signup

Application Security PodCast | Rapid Threat Model Prototyping Process (S04E26) | 2019-02-02 | 00 min
On this episode, Chris and Robert are joined by Geoff Hill to talk about Rapid Threat Model Prototyping Process. You can find Geoff on Twitter @Tutamantic_Sec

The Application Security Podcast | Geoff Hill -- Rapid Threat Model Prototyping Process | 2019-02-02 | 47 min
Geoff Hill joins Chris and Robert to talk about Rapid Threat Model Prototyping Process. You can find Geoff on Twitter @Tutamantic_Sec

The Application Security Podcast | Bill Wilder -- Running Azure Securely | 2019-01-25 | 44 min
Bill Wilder joins Chris and Robert to talk about Running Azure Securely. You can find Bill on Twitter @codingoutloud

Application Security PodCast | Running Azure Securely (S04E25) | 2019-01-25 | 00 min
On this episode, Chris and Robert are joined by Bill Wilder to talk about Running Azure Securely. You can find Bill on Twitter @codingoutloud

The Application Security Podcast | Matt Konda -- OWASP Glue | 2019-01-18 | 35 min
Matt Konda joins Chris and Robert to talk about what Glue is. You can find Matt on Twitter @mkonda. Link: OWASP Glue

Application Security PodCast | OWASP Glue (S04E24) | 2019-01-18 | 00 min
On this episode, Chris and Robert are joined by Matt Konda to talk about what Glue is. You can find Matt on Twitter @mkonda. Link: OWASP Glue

The Application Security Podcast | Daniel Miessler -- OWASP IoT Top 10 | 2019-01-01 | 44 min
Daniel Miessler joins Chris and Robert to talk about the upcoming Top 10 list for IoT. You can find Daniel on Twitter @DanielMiessler. Link: IoT Project

Application Security PodCast | OWASP IoT Top 10 (S04E22) | 2019-01-01 | 00 min
On this episode, Chris and Robert are joined by Daniel Miessler to talk about the upcoming Top 10 list for IoT. You can find Daniel on Twitter @DanielMiessler. Link: IoT Project

The Application Security Podcast | Adam Bacchus and Jon Bottarini -- Two Sides to a Bug Bounty: The Researcher and The Program | 2018-11-05 | 36 min
Chris and Robert talk with Adam and Jon from HackerOne about Bug Bounty. They dive into bug bounty from the program side and the security researcher side to show how you can put these pieces together to be successful with a bug bounty. You can find Adam on Twitter @SushiHack and Jon @jon_bottarini

Application Security PodCast | Two Sides to a Bug Bounty: The Researcher and The Program (S04E15) | 2018-11-05 | 00 min
On this episode, Chris and Robert talk with Adam and Jon from HackerOne about Bug Bounty. They dive into bug bounty from the program side and the security researcher side to show how you can put these pieces together to be successful with bug bounty. You can find Adam on Twitter @SushiHack and Jon @jon_bottarini [...]

The Application Security Podcast | Abhay Bhargav -- Threat Modeling as Code | 2018-10-23 | 28 min
Abhay Bhargav joins Robert to talk about threat modeling as code. He dives into how this can help you in your threat models. You can find Abhay on Twitter @abhaybhargav

Application Security PodCast | Threat Modeling as Code (S04E13) | 2018-10-23 | 00 min
Abhay Bhargav joins Robert this week to talk about threat modeling as code. He dives into how this can help you in your own threat models. You can find Abhay on Twitter @abhaybhargav

The Application Security Podcast | Tony UV -- Threat Libraries in the Cloud | 2018-10-16 | 30 min
Tony UV joins Robert to discuss all things threat libraries in the cloud. You can find Tony on Twitter @t0nyuv

Application Security PodCast | Threat Libraries in the Cloud (S04E12) | 2018-10-16 | 00 min
Tony UV joins Robert on this week's episode to discuss all things threat libraries in the cloud. You can find Tony on Twitter @t0nyuv

The Application Security Podcast | Aaron Rinehart -- Chaos Engineering and #AppSec | 2018-10-09 | 36 min
Chris and Robert talk to Aaron Rinehart about how the security community can embrace chaos engineering. You can find Aaron on Twitter @aaronrinehart

Application Security PodCast | Chaos Engineering and #AppSec (S04E11) | 2018-10-09 | 00 min
On this episode, Chris and Robert talk to Aaron Rinehart about how the security community can embrace chaos engineering. You can find Aaron on Twitter @aaronrinehart

The Application Security Podcast | Martin Knobloch -- OWASP, Reach Out; We Are Known and Misunderstood | 2018-06-05 | 30 min
Martin Knobloch joins Chris and Robert to discuss all things OWASP. They dive into the history of OWASP and some of the plans for the future. You can find Martin on Twitter @knoblochmartin.

Application Security PodCast | OWASP, Reach Out; We Are Known and Misunderstood (S03E20) – Application Security PodCast | 2018-06-05 | 00 min
Chris and Robert are joined by Martin Knobloch to discuss all things OWASP. They dive into the history of OWASP and some of the plans for the future. You can find Martin on Twitter @knoblochmartin.

Application Security PodCast | Malicious User Stories (S03E18) – Application Security PodCast | 2018-05-22 | 00 min
On this episode, Robert speaks with Apollo Clark about Malicious User Stories and DevOps. He discusses how to properly handle user stories in a world being taken over by DevOps. You can find Apollo on Twitter @apolloclark

The Application Security Podcast | Apollo Clark -- Malicious User Stories | 2018-05-22 | 22 min
In this episode, Robert speaks about Malicious User Stories and DevOps with Apollo Clark. He discusses how to properly handle user stories in a world being taken over by DevOps. You can find Apollo on Twitter @apolloclark

The Application Security Podcast | Megan Roddie -- Neurodiversity in Security | 2018-05-15 | 18 min
Megan Roddie joins Robert at the SOURCE Conference in Boston. She talks about how neurodiverse people can truly help an organization. You can find her on Twitter @megan_roddie

Application Security PodCast | Neurodiversity in Security (S03E17) – Application Security PodCast | 2018-05-15 | 00 min
On this episode, Robert is joined by Megan Roddie at the SOURCE Conference in Boston. She talks about how neurodiverse people can truly help an organization. You can find her on Twitter @megan_roddie

The Application Security Podcast | Steven Wierckx -- The #OWASP Threat Modeling Project | 2018-04-06 | 32 min
Steven Wierckx joins Robert and Chris this week to talk about the #OWASP Threat Modeling project that he's involved in. You can find Steven on Twitter @ihackforfun. Link: https://open-security-summit.org/

Application Security PodCast | The #OWASP Threat Modeling Project (S03E12) – Application Security PodCast | 2018-04-06 | 00 min
Steven Wierckx joins Robert and Chris this week to talk about the #OWASP Threat Modeling project that he's involved in. You can find Steven on Twitter @ihackforfun. Link: https://open-security-summit.org/

Application Security PodCast | #AppSec Recommendations (S03E08) – Application Security PodCast | 2018-03-09 | 00 min
Chris and Robert go over a plethora of recommendations they have accumulated over their years of experience in the industry.
Chris's recommendations:
1. Book: Agile Application Security: Enabling Security in a Continuous Delivery Pipeline, by Laura Bell, Michael Brunton-Spall, Rich Smith, and Jim Bird. https://amzn.com/1491938846
2. Website: Iron Geek. Adrian Crenshaw records [...]

The Application Security Podcast | Chris and Robert -- #AppSec Recommendations | 2018-03-09 | 29 min
Chris and Robert go over a plethora of recommendations they have accumulated over their years of experience in the industry.
Chris's recommendations:
1. Book: Agile Application Security: Enabling Security in a Continuous Delivery Pipeline, by Laura Bell, Michael Brunton-Spall, Rich Smith, and Jim Bird. https://amzn.com/1491938846
2. Website: Iron Geek. Adrian Crenshaw records many major, non-commercial security conferences and posts the talks to YouTube. http://www.irongeek.com/
3. Book: The DevOps Handbook: How to Create World-Class Agility, Reliability, and Security in Techn...

The Application Security Podcast | Chris and Robert -- Security Champions | 2018-01-26 | 26 min
Security champions are the hands and feet of any well-equipped product security team. Robert and Chris introduce security champions, where to find them, why you need them, and how to set up a beginning champion program from scratch.
Here are a few other resources that we've written about Security Champions:
Do you have Security Champions in your company?
Information security needs community: 6 ways to build up your teams

Application Security PodCast | Security Champions (S03E02) – Application Security PodCast | 2018-01-26 | 00 min
Security champions are the hands and feet of any well-equipped product security team. Robert and Chris introduce security champions, where to find them, why you need them, and how to set up a beginning champion program from scratch. Here are a few other resources that we've written about Security Champions: Do you have Security Champions [...]

Application Security PodCast | Shifting left (S03E01) – Application Security PodCast | 2018-01-19 | 00 min
Welcome to season 3 of the podcast. In this episode, Robert and Chris interview Kevin Greene from Mitre. We discuss an article Kevin wrote about shifting left and explore codifying intuitions and new projects at Mitre that will bolster the knowledge of your developers and testers. Kevin brings up the lack of true results from [...]

The Application Security Podcast | Kevin Greene -- Shifting left | 2018-01-19 | 33 min
Robert and Chris interview Kevin Greene from Mitre. We discuss an article Kevin wrote about shifting left and explore codifying intuitions and new projects at Mitre that will bolster the knowledge of your developers and testers. Kevin brings up the need for accurate results from the SAST and DAST tools on the market. He brings an exciting perspective, focusing on research and development at DHS.
Links: Kevin's article on Dark Reading; CAWE; ATT&CK

Application Security PodCast | Containers Again (S02E20) – Application Security PodCast | 2017-10-24 | 00 min
This is the final interview from the #AppSecUSA Conference in Orlando, and Chris and Robert are joined by Brian Andrzejewski. He talks about containers, their usage within #AppSec, and about orchestrations. Rate us on iTunes and provide a positive comment, please!

The Application Security Podcast | Brian Andrzejewski -- Containers Again | 2017-10-24 | 29 min
This is the final interview from the #AppSecUSA Conference in Orlando, and Brian Andrzejewski joins Chris and Robert. He talks about containers, their usage within #AppSec, and orchestrations.

Application Security PodCast | ModSecurity and #AppSec (S02E19) – Application Security PodCast | 2017-10-17 | 00 min
On this week's episode of the #AppSec Podcast, Robert and Chris are joined by Tin Zaw, an advocate for ModSecurity. He dives into its background, the use of rules, and the many advantages.

The Application Security Podcast | Tin Zaw -- ModSecurity and #AppSec | 2017-10-17 | 22 min
Tin Zaw, an advocate for ModSecurity, joins Robert and Chris. He dives into its background, the use of rules, and the many advantages.

Application Security PodCast | The Exploitation of IoT (S02E18) – Application Security PodCast | 2017-10-10 | 00 min
On this week's episode of the #AppSec Podcast, Robert and Chris are joined by Aditya Gupta. They speak with him about the many facets of IoT and some of its effects on pen testing, training, and mobile application security.

The Application Security Podcast | Aditya Gupta -- The Exploitation of IoT | 2017-10-10 | 23 min
Aditya Gupta joins Robert and Chris. They speak with him about the many facets of IoT and some of its effects on pen testing, training, and mobile application security.

Application Security PodCast | The Future of the OWASP Proactive Controls (S02E17) – Application Security PodCast | 2017-10-03 | 00 min
On this episode of the Application Security Podcast, Chris and Robert talk to Jim Manico and Katy Anton about the OWASP Proactive Controls project. This is something we have talked about before, and they are looking for feedback on the update coming soon.

The Application Security Podcast | Jim Manico and Katy Anton -- The Future of the OWASP Proactive Controls | 2017-10-03 | 19 min
Chris and Robert talk to Jim Manico and Katy Anton about the OWASP Proactive Controls project. We have discussed this before, and they are looking for feedback on the upcoming update.

Application Security PodCast | Threat Modeling (S02E15) – Application Security PodCast | 2017-09-19 | 00 min
On this week's episode of the #AppSec Podcast, Chris and Robert are at #AppSecUSA. We hear a conference talk done by Robert on the topic of Threat Modeling. He goes more in depth than ever before on the show, and we hope you enjoy!

The Application Security Podcast | Robert Hurlbut -- Threat Modeling | 2017-09-19 | 47 min
On this week's episode of the #AppSec Podcast, Chris and Robert are at #AppSecUSA. We hear a conference talk done by Robert on the topic of Threat Modeling. He goes more in-depth than ever before on the show.

The Application Security Podcast | Chris and Robert -- Passwords, Identity, and #AppSec | 2017-09-13 | 32 min
Robert and Chris talk about Passwords, something we all are familiar with. They dive into specifics with passwords and threats that can occur with them. They also talk about how passwords interact with Identity and AppSec.

Application Security PodCast | Passwords, Identity, and #AppSec (S02E14) – Application Security PodCast | 2017-09-13 | 00 min
On this episode, Robert and Chris talk about Passwords, something we all are familiar with. They dive into specifics with passwords and threats that can occur with them. They also talk about how passwords interact with Identity and AppSec.

The Application Security Podcast | Tanya Janca and Nicole Becher -- Hacking APIs and Web Services with DevSlop | 2017-09-05 | 34 min
Tanya and Nicole join Chris and Robert. They talk about what APIs are, how they are used, and some of the threats involved with them. They also look at what DevSlop and ZAP are in combination with APIs.

Application Security PodCast | Hacking APIs and Web Services with DevSlop (S02E13) – Application Security PodCast | 2017-09-05 | 00 min
On this week's episode, Chris and Robert are joined by Tanya and Nicole. They talk about what APIs are, how they are used, and some of the threats involved with them. They also look at what DevSlop and ZAP are in combination with APIs. As always, thanks for listening, and enjoy!

Application Security PodCast | Agile #AppSec (S02E12) – Application Security PodCast | 2017-08-29 | 00 min
On this week's episode, Robert and Chris speak with Jon Mccoy and Jonathan Marcil about using Agile #AppSec in the Secure Development Lifecycle. They dive deeper into what agile is, how it can be used, some practical applications using security champions, and much more.

The Application Security Podcast | Jon Mccoy and Jonathan Marcil -- Agile #AppSec | 2017-08-29 | 44 min
Robert and Chris speak with Jon Mccoy and Jonathan Marcil about using Agile #AppSec in the Secure Development Lifecycle. They dive deeper into what agile is, how it can be used, some practical applications using security champions, and much more.

Application Security PodCast | Docker Security and AppSec (S02E11) – Application Security PodCast
A listener asked for a recommendation for a PodCast or Blog post about Docker security.
We looked, couldn’t find one, so we decided to create one. Robert interviews Jay Beale from Inguardians and asks what is docker, what threats does it introduce, and what are the specific tie-ins with AppSec. Enjoy! The post Docker Security and AppSec (S02E11) – Application Security PodCast appeared first on Security Journey Podcasts.2017-08-2200 minThe Application Security PodcastThe Application Security PodcastJay Beale -- Docker Security and AppSecA listener asked for a recommendation for a PodCast or Blog post about Docker security. We looked but couldn’t find one, so we created one. Robert interviews Jay Beale from Inguardians and asks what docker is, what threats it introduces, and the specific tie-ins with AppSec.FOLLOW OUR SOCIAL MEDIA: ➜Twitter: @AppSecPodcast➜LinkedIn: The Application Security Podcast➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast Thanks for Listening! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~2017-08-2244 minApplication Security PodCastApplication Security PodCastProactive Controls, AppSec USA, and Gartners MQ on AppSec Testing (S02E10) – Application Security PodCastRobert and I try a new format talking about a few topics per episode. We talk about changes with the Proactive Controls, AppSecUSA, and the Gartner Magic Quadrant for Application Security Testing. We mentioned the link to OWASP Proactive Controls to review the draft and suggest updates. The post Proactive Controls, AppSec USA, and Gartners MQ on AppSec Testing (S02E10) – Application Security PodCast appeared first on Security Journey Podcasts.2017-08-1700 minThe Application Security PodcastThe Application Security PodcastChris and Robert -- Proactive Controls, AppSec USA, and Gartners MQ on AppSec TestingRobert and I try a new format for discussing a few topics per episode. We discuss changes with the Proactive Controls, AppSecUSA, and the Gartner Magic Quadrant for Application Security Testing. 
We mentioned the link to OWASP Proactive Controls to review the draft and suggest updates.FOLLOW OUR SOCIAL MEDIA: ➜Twitter: @AppSecPodcast➜LinkedIn: The Application Security Podcast➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast Thanks for Listening! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~2017-08-1722 minApplication Security PodCastApplication Security PodCastBlackhat Security Conference (S02E09) – Application Security PodCastOn this episode of the AppSec Podcast. We talk with Robert about his experiences at the Blackhat Security Conference. He’s going to explain some of the AppSec focused parts of the conference, and more about the Alec Stamos Keynote. Rate us on iTunes and provide a positive comment, please! The post Blackhat Security Conference (S02E09) – Application Security PodCast appeared first on Security Journey Podcasts.2017-08-0800 minThe Application Security PodcastThe Application Security PodcastRobert Hurlbut -- Blackhat Security ConferenceWe talk with Robert about his experiences at the Blackhat Security Conference.He will explain some of the AppSec-focused parts of the conference and more about the Alec Stamos Keynote.FOLLOW OUR SOCIAL MEDIA: ➜Twitter: @AppSecPodcast➜LinkedIn: The Application Security Podcast➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast Thanks for Listening! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~2017-08-0821 minApplication Security PodCastApplication Security PodCastControversy within the OWASP Top 10 RC (S02E02) – Application Security PodCastOn this episode of the application security podcast, Robert and I jump over a wall. Just kidding. This isn’t Top Gear. This is our second episode of season two of the #AppSec PodCast. Robert and I talk about the OWASP Top 10 2017 release candidate. We walk through what is the OWASP Top 10, and what [...] 
The post Controversy within the OWASP Top 10 RC (S02E02) – Application Security PodCast appeared first on Security Journey Podcasts.2017-05-3000 minThe Application Security PodcastThe Application Security PodcastChris and Robert -- Controversy within the OWASP Top 10 RCOn this episode of the application security podcast, Robert and I jump over a wall. Just kidding. This isn’t Top Gear.This is our second episode of season two of the #AppSec PodCast. Robert and I talk about the OWASP Top 10 2017 release candidate. We walk through what the OWASP Top 10 is and what some of the controversies surround the changes made for this year.Rate us on iTunes and provide a positive comment, please!FOLLOW OUR SOCIAL MEDIA: ➜Twitter: @AppSecPodcast➜LinkedIn: The Application Security Podcast➜YouTube: https://www.youtube...2017-05-3031 minApplication Security PodCastApplication Security PodCastSecurity in the Design and Architecture (S02E01) – Application Security PodCastWelcome to the second season of the #AppSec PodCast. Robert and I are back at it, interviewing experts from across the world of application security. This episode is an interview Robert and I did with Brook Schoenfield (@BrkSchoenfield) during the RSA Conference 2017. Brook S.E. Schoenfield is a Distinguished Engineer at Intel Security Group. At Intel [...] The post Security in the Design and Architecture (S02E01) – Application Security PodCast appeared first on Security Journey Podcasts.2017-05-2300 minThe Application Security PodcastThe Application Security PodcastBrook S.E. Schoenfield -- Security in the Design and ArchitectureThis episode is an interview Robert and I did with Brook Schoenfield (@BrkSchoenfield) during the RSA Conference 2017.Brook S.E. Schoenfield is a Distinguished Engineer at Intel Security Group. At Intel Security (including the former McAfee), Mr. Schoenfield is the senior technical leader for delivering software products that protect themselves and Intel Security’s customers. 
He has been a security architecture leader at global technology companies for over 15 years of his 30+ years in high tech. He is a founding member of IEEE’s Center For Secure Design.We discuss secure design, architecture, and threat modeling. Broo...2017-05-2354 minThe Application Security PodcastThe Application Security PodcastRafal Los, James Jardine, and Michael Santarcangelo -- #DtSR and What Makes a Good Security Consultant?Greetings all! We have a treat for you in this episode. The crew joins Robert and me from the Down the Security Rabbit Hole Podcast. This includes Rafal Los (@wh1t3rabbit), James Jardine (@jardinesoftware), and Michael Santarcangelo (@catalyst). This is a unique conversation for me because the AppSec PodCast was born from my first interview with #DtSR. I was featured on DtSR Episode 204 in July 2016 after a friend suggested me to Raf on Twitter. (Thanks, Nigel!) The DtSR episode was entitled “On Changing Culture.”  I had listened to these guys on and off for years and now had the c...2017-01-1237 minApplication Security PodCastApplication Security PodCastInterview: #DtSR and What Makes a Good Security Consultant? (S01E17) – Application Security PodCastGreetings all! We have a treat for you this episode. Robert and I are joined by the crew from the Down the Security Rabbit Hole Podcast. This includes Rafal Los (@wh1t3rabbit), James Jardine (@jardinesoftware), and Michael Santarcangelo (@catalyst). This is a special conversation for me, because the AppSec PodCast was born from the first interview [...] The post Interview: #DtSR and What Makes a Good Security Consultant? (S01E17) – Application Security PodCast appeared first on Security Journey Podcasts.2017-01-1200 minApplication Security PodCastApplication Security PodCastInterview: Think like an Attacker or Accountant? (S01E16) – Application Security PodCastOn this episode, Robert and I are joined by Adam Shostack (@adamshostack). 
Adam is a well known speaker and thought leader in the world of application security. We speak with Adam about how to connect with development teams. This all started about a year ago, when Adam tackled the issue of thinking like a hacker, [...] The post Interview: Think like an Attacker or Accountant? (S01E16) – Application Security PodCast appeared first on Security Journey Podcasts.2017-01-0400 minThe Application Security PodcastThe Application Security PodcastAdam Shostack -- Think like an Attacker or Accountant?On this episode, Robert and I are joined by Adam Shostack (@adamshostack). Adam is a well-known speaker and thought leader in application security. We speak with Adam about how to connect with development teams. This all started about a year ago when Adam tackled the issue of thinking like a hacker and why he wanted people to think differently. We dive deep into this issue, but many other exciting nuggets also fall out in conversation.FOLLOW OUR SOCIAL MEDIA: ➜Twitter: @AppSecPodcast➜LinkedIn: The Application Security Podcast➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast Than...2017-01-0428 minApplication Security PodCastApplication Security PodCastInterview: Natural Paranoia as a Career Path? A Transition to Security (S01E13) – Application Security PodCastOn this episode, Robert and I are joined by Tracy Maleeff. Tracy is an InfoSec enthusiast with a MLIS degree. She has mad research and organizational skills. She co-hosts the PVCSec podcast. You can find Tracy on Twitter @InfoSecSherpa. Tracy is in the midst of a career transition. She began her career in Library Sciences, [...] The post Interview: Natural Paranoia as a Career Path? A Transition to Security (S01E13) – Application Security PodCast appeared first on Security Journey Podcasts.2016-12-0600 minThe Application Security PodcastThe Application Security PodcastTracy Maleeff -- Natural Paranoia as a Career Path? 
A Transition to SecurityIn this episode, Robert and I are joined by Tracy Maleeff. Tracy is an InfoSec enthusiast with an MLIS degree. She has mad research and organizational skills. She co-hosts the PVCSec podcast. You can find Tracy on Twitter @InfoSecSherpa.Tracy is in the midst of a career transition. She began her career in Library Sciences and is moving into Information Security. We discussed the challenges of transition, how to network and connect, a process for transition, and three actionable things for those that want to make a transition. Enjoy!FOLLOW OUR SOCIAL MEDIA: ➜Tw...2016-12-0637 minApplication Security PodCastApplication Security PodCastFoundations: Security Community at Any Scale (S01E12) – Application Security PodCastOn this episode, Robert interviews Chris about security community. Chris talks about the experiences he’s had doing security community at a large organization for 5+ years. Robert keeps pushing Chris to make this applicable for small companies as well. You’ll hear best practices for how you can build security community in your org, including monthly [...] The post Foundations: Security Community at Any Scale (S01E12) – Application Security PodCast appeared first on Security Journey Podcasts.2016-11-2900 minThe Application Security PodcastThe Application Security PodcastChris Romeo -- Security Community at Any ScaleIn this episode, Robert interviews Chris about the security community. Chris talks about his experiences doing security community at a large organization for 5+ years. Robert keeps pushing Chris to make this applicable to small companies as well. You’ll hear best practices for building a security community in your org, including monthly training sessions, lunch and learns, and even an internal security conference. 
Chris also offers the profound statement that “everyone eats lunch.”FOLLOW OUR SOCIAL MEDIA: ➜Twitter: @AppSecPodcast➜LinkedIn: The Application Security Podcast➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast Thanks for Listenin...2016-11-2927 minThe Application Security PodcastThe Application Security PodcastMike Landeck -- Security Must Meet the Needs of the BusinessMike Landeck joins Robert and me. Mike is a Cyber security evangelist, AppSec junky & Docker Security geek, and can be found on Twitter @MikeLandeck.We interviewed Mike in person at the ISC2 Security Congress event in Orlando, Florida. We discussed his latest talk on breach fatigue, the need to reach outside the echo chamber of security, Twitter as a news source for security, secure coding, and many other things.Please enjoy, and search for something you can apply directly into your day-to-day life!FOLLOW OUR SOCIAL MEDIA: ➜Twitter: @AppSecPodcast➜LinkedIn: The...2016-10-2536 minApplication Security PodCastApplication Security PodCastInterview: Security Must Meet the Needs of the Business (S01E08) – Application Security PodCastRobert and I are joined by Mike Landeck. Mike is a Cyber security evangelist, AppSec junky & Docker Security geek, and can be found on twitter @MikeLandeck. We interviewed Mike in person at the ISC2 Security Congress event in Orlando, Florida. We discussed his latest talk on breach fatigue, the need to reach outside the [...] The post Interview: Security Must Meet the Needs of the Business (S01E08) – Application Security PodCast appeared first on Security Journey Podcasts.2016-10-2500 minThe Application Security PodcastThe Application Security PodcastDaniel Ramsbrock -- Web Application Pen Testing – Part 2On this two-part episode of the Application Security PodCast, Robert and I speak with Daniel Ramsbrock about Web App Penetration testing. 
In part two, we focus on the process of pen testing and web app pen testing.I (Chris) connected with Daniel through the RVASec security conference in Richmond, Virginia. Daniel has been in security for over ten years, focusing most of that time on application security. He spent two years as a full-time consultant at Cigital and is now doing independent AppSec consulting through his company, Enigma Technologies. We hope you enjoy it!FOLLOW...2016-10-1831 minApplication Security PodCastApplication Security PodCastFoundations: Web Application Pen Testing – Part 2 (S01E07) – Application Security PodCastOn this two part episode of the Application Security PodCast, Robert and I speak with Daniel Ramsbrock about Web App Penetration testing. In part two, we focus on the process of pen testing and web app pen testing. I (Chris) connected with Daniel through the RVASec security conference in Richmond, Virginia. Daniel has been in [...] The post Foundations: Web Application Pen Testing – Part 2 (S01E07) – Application Security PodCast appeared first on Security Journey Podcasts.2016-10-1800 minApplication Security PodCastApplication Security PodCastFoundations: Web Application Pen Testing – Part 1 (S01E06) – Application Security PodCastOn this two part episode of the Application Security PodCast, Robert and I speak with Daniel Ramsbrock about Web App Penetration testing. In part one, we focus on the difference between pen testing and web app pen testing, where pen testing fits in you development methodology (waterfall, agile, and DevOps) and why someone should care [...] 
The post Foundations: Web Application Pen Testing – Part 1 (S01E06) – Application Security PodCast appeared first on Security Journey Podcasts.2016-10-1800 minThe Application Security PodcastThe Application Security PodcastDaniel Ramsbrock -- Web Application Pen Testing – Part 1On this two-part episode of the Application Security PodCast, Robert and I speak with Daniel Ramsbrock about Web App Penetration testing. In part one, we focus on the difference between pen testing and web app pen testing, where pen testing fits your development methodology (waterfall, agile, and DevOps), and why someone should care about it.I (Chris) connected with Daniel through the RVASec security conference in Richmond, Virginia. Daniel has been in security for over ten years, focusing most of that time on application security. He spent two years as a full-time consultant at Cigital and is...2016-10-1831 minThe Application Security PodcastThe Application Security PodcastMatt Clapham -- Development Security MaturityRobert and I are joined today by Matt Clapham. Matt “makes products more secure” I mean, hey, his Twitter handle is @ProdSec.The topic of this interview is what Matt calls development security maturity. This concept is based on Matt’s research and his talk at RSA. Matt created a simple process to measure the maturity of development security by looking at five key behaviors. We cover the what and why of development security, the five key behaviors, and scoring and reporting. In conclusion, we discuss how to make the results of an assessment actionable.Matt’s...2016-10-1148 minApplication Security PodCastApplication Security PodCastFoundations: Development Security Maturity (S01E05) – Application Security PodCastRobert and I are joined today by Matt Clapham. Matt “makes products more secure”, I mean, hey, his Twitter handle is @ProdSec. The topic of this interview is what Matt calls development security maturity. 
This concept is based on Matt’s research and also a talk he delivered at RSA. Matt created a simple process to [...] The post Foundations: Development Security Maturity (S01E05) – Application Security PodCast appeared first on Security Journey Podcasts.2016-10-1100 min