Absolute AppSec

By: Ken Johnson and Seth Law
  • Summary

  • A weekly podcast of all things application security related. Hosted by Ken Johnson and Seth Law.
Episodes
  • Episode 265 - w/ Scott Norberg - Static Analysis
    Oct 29 2024
    Scott Norberg joins Ken Johnson and Seth Law for an episode of Absolute AppSec all about SAST. Scott is an ASP.NET Security Consultant, Author, Researcher and Speaker. In addition to running his Opperis Technologies consultancy, Scott has recently begun working as lead application security architect at CDW. Before that he worked as Lead Application Security Engineer at Gallagher and was a Senior Consultant with the AppSec team at Coalfire. He has been a web security specialist for nearly two decades and holds several certifications, including Microsoft Certified Technology Specialist (MCTS), certifications for ASP.NET and SQL Server, and Certified Information Systems Security Professional (CISSP) and CCSP certifications. He also has an MBA from Indiana University. To find out more about Scott, check out his website https://scottnorberg.com/ as well as his 2020 book Advanced ASP.NET Core Security Vulnerabilities.
    Less than 1 minute
  • Episode 264 - w/ Jeremy Long - Software Composition Analysis
    Oct 17 2024
    Jeremy Long (@ctxt on social media), Principal Security Engineer at ServiceNow and project founder and lead for the OWASP Dependency Check project, joins Ken Johnson (@cktricky) and Seth Law (@sethlaw). Jeremy spent a decade and a half as a lead application security engineer and principal engineer at Wells Fargo before joining ServiceNow. He has spent years developing processes for automated security analysis of software libraries and techniques for improving real-time application protection (RTAP) systems. Make sure to set time aside for a discussion on Jeremy's insights into improving security systems through dependency analysis and managing industry projects.
    Less than 1 minute
  • Episode 263 - WebApp Fuzzing, Mobile Testing, Secrets Management
    Oct 8 2024
    Ken and Seth return for Episode #263 and start with a discussion around web application fuzzing and the deficiencies of vulnerability and exploit-focused dynamic testing, a common thread in Seth's ranting. This is followed by a discussion on mobile testing and attempting to control security through client-side controls, spurred by an article that compares security in the McDonald's Android app to various banking apps. The final topic is around secrets management and use of the dotenv (.env) file for storing secrets.
    Less than 1 minute
