Absolute AppSec

Written by: Ken Johnson and Seth Law
Listen for free

  • Summary

  • A weekly podcast of all things application security related. Hosted by Ken Johnson and Seth Law.
    Show more Show less
Show more Show less
Episodes
  • Episode 275 - OpenGrep Summary, Secure By Design, Confusion Attacks

    Episode 275 - OpenGrep Summary, Secure By Design, Confusion Attacks
    Feb 11 2025
    Ken and Seth are back for another episode that starts with a summary of the Semgrep and OpenGrep break. This is followed by Google's recent article titled Secure By Design: Google's Blueprint for a High-Assurance Web Framework. Google is focused on protections within the browser, given their products and business, but the controls and overall process are relevant to most application security programs. Finally, a discussion of Orange Tsai's research on Confusion Attacks within Apache that was number one in Portswigger's Top 10 Web Hacking Techniques of 2024.
    Show more Show less
    Less than 1 minute
  • Episode 274 - Semgrep/OpenGrep, Saying "No" in Security

    Episode 274 - Semgrep/OpenGrep, Saying "No" in Security
    Feb 4 2025
    Seth and Ken return for another week to review current articles and happenings in the application security world. Specifically, they spend some time reacting to the news that the Semgrep Community version has been forked as Opengrep by a number of vendors. This occurs as a result of Semgrep changing the licenses on their open source rules to prevent use in competitor products. Also a discussion spurred by Rami McCarthy's recent article on how "No" is still appropriate and security shouldn't be a rubber stamp for any organization.
    Show more Show less
    Less than 1 minute
  • Episode 273 - Josh Larsen - Ghost Security

    Episode 273 - Josh Larsen - Ghost Security
    Jan 28 2025
    Josh Larsen, co-founder of CTO of Ghost Security, joins Seth Law and Ken Johnson on January 28th at 12 Noon Eastern time. Before Ghost Security, Josh was a co-founder and CEO of Darkbit and before that of the Blackfin Security Group. Larsen led the GTM strategy for both startups, and Darkbit and Blackfin Security Group were acquired by Aqua Security and Symantec Corporation, respectively. Ghost Security (https://ghostsecurity.com/) was founded so development shops and AppSec teams had a tool to perform autonomous application security using Agentic AI with the goal of helping teams discover, test, and mitigate risks in real time. Josh (joshlarsen on Linked In, @josh_larsen on X/Twitter) has been in the industry for 25 years working as a security program manager and consultant as well as building products that improve the security landscape. Be sure to tune in as Seth and Ken talk through his experiences in the field as well as gleaning his insights about the future of AppSec.
    Show more Show less
    Less than 1 minute

What listeners say about Absolute AppSec

Average Customer Ratings

Reviews - Please select the tabs below to change the source of reviews.

Audible.ca reviews

Amazon Reviews
No reviews are available