The Application Security Podcast

Chris Romeo and Robert Hurlbut

Episodes: 301
Avg. Duration: 37m
Activity: Highly Active
Apple Rating: 5.0 (36)
Since: Sep 2016
Latest Episode: Jun 2026

Publishing Details

Schedule: Every 2 Weeks
Format: Episodic
Consistency: 61%
Hosting: rss.buzzsprout.com

About This Podcast

Chris Romeo and Robert Hurlbut dig into the tips, tricks, projects, and tactics that make various application security professionals successful. They cover all facets of application security, from threat modeling and OWASP to DevOps+security and security champions. They approach these stories in an educational light, explaining the details in a way those new to the discipline can understand. Chris Romeo is the CEO of Devici and a General Partner at Kerr Ventures, and Robert Hurlbut is a Principal Application Security Architect focused on Threat Modeling at Aquia.

Podcasting 2.0 Features

person, podroll, remoteItem

Recent Episodes

S13E5 Josh Grossman--AI & SAST: Is it a match?

Jun 02, 2026 40m

AI coding tools are accelerating development fast, but they’re also exposing the limits of traditional AppSec tooling. Josh Grossman, CTO of Bounce Security and longtime AppSec consultant, joins the…

S13E4 Dwayne McDaniel -- Secrets Sprawl and How AI is Impacting Secrets

May 14, 2026 45m

GitGuardian found 29 million hard-coded secrets leaked in public GitHub commits in a single year, a 34% jump and the biggest spike they've ever recorded. Dwayne McDaniel joins to break down why AI…

S13E3 Tanya Janca - Secure Vibe Coding

Apr 30, 2026 47m

AI isn’t just helping developers anymore; it’s writing the code, and that changes everything. In this episode, Tanya Janca breaks down “vibe coding,” the hidden security risks behind it, and how…

S13E2 Caroline Wong--The AI Cybersecurity Handbook

Apr 21, 2026 44m

Caroline Wong, author of The AI Cybersecurity Handbook and Chief Strategy Officer at Axari, is back! Caroline shares how AI is rapidly changing AppSec, driving massive increases in code, accelerating…

S13E1 Steve Wilson--OpenClaw and Advanced AI Agents

Apr 15, 2026 49m

In this episode of the Application Security Podcast, Chris Romeo and Robert Hurlbut welcome back Steve Wilson, a global leader in AI security and Chief AI and Product Officer at Exabeam, as well as…

S12E20 Brad Geesaman - Redefining AppSec with AI: Shrinking Toil, Expanding Impact - How LLMs are able to reduce toil in triage-heavy AppSec workflows

Oct 28, 2025 42m

Brad Geesaman, Principal Security Engineer at Ghost, joins the podcast today to explore how AI and large language models are transforming the world of application security. The discussion starts with…

S12E19 OWASP Candidate Debate - 2025 Edition

Oct 15, 2025 1h 8m

In this special episode of the Application Security Podcast we meet nine of the OWASP Board of Directors candidates. Each candidate discusses their unique qualifications, experiences, and vision for…

S12E18 Francesco Cipollone - Agentic AI Manifesto

Sep 23, 2025 33m

Francesco Cipollone, the CEO of Phoenix Security, shares his extensive experience in AI and security, discussing the crucial difference between true AI agents and glorified chatbots. Learn why…

S12E17 Simon Gibbs & Devika Gibbs -- Building Bridges with Games

Sep 16, 2025 36m

Simon and Devika Gibbs, the innovative minds behind Cybersec Games, join us on the episode today. Discover how the Gibbs duo are revolutionizing the way we teach and learn security concepts through…

S12E16 Akansha Shukla - Modern AppSec: Securing APIs with Threat Modeling and DevSecOps

Sep 02, 2025 35m

Our guest today is Akansha Shukla, an information security professional with over 10 years of experience in application security, DevSecOps, and API security. We’re discussing why API security…

S12E15 Getting Ready for the EU CRA

Aug 20, 2025 40m

The European Union's Cyber Resilience Act is set to revolutionize how we approach product security worldwide. In this episode, we sit down with application security expert Nariman Aga-Tagiyev to…

S12E13 Marisa Fagan - Measuring Security Culture

Aug 05, 2025 50m

Marisa Fagan, Head of Product at Katilyst and veteran security culture expert, joins us today to share practical strategies for building and scaling security champions programs that actually work,…

S12E12 Aram Hovsepyan -- Your Security Dashboard is Lying to You: The Science of Metrics

Jul 22, 2025 40m

Aram Hovsepyan joins the podcast today to chat about the misconceptions behind common security metrics. Aram tells us how total vulnerability counts and CVSS scores can be misleading and he…

S12E11 Sean Varga -- OWASP Top 10 for AppSec Sales

Jul 15, 2025 47m

We’re discussing the intersections of application security (AppSec) and sales strategy with our guest, Sean Varga. Sean shares the unique challenges and best practices in AppSec sales, like the…

S12E10 Sarah-Jane Madden -- What AI means for AppSec

Jul 09, 2025 37m

Sarah Jane Madden joins us to discuss the evolving role of AI in software development. We reflect on the changes and challenges posed by AI, including the potential for over-reliance and the…

S12E9 Dag Flachet -- Kaizen for your Appsec Program

Jun 17, 2025 35m

Dag Flachet joins us to discuss the concept of Kaizen and its application in improving application security. Dag shares his journey into the world of security, emphasizing the importance of…

S12E8 Javan Rasokat and Andra Lezza -- When Chatbots Go Rogue - Lessons Learned from Building and Defending LLM Applications

Mar 18, 2025 47m

Andra Lezza and Javan Rasokat discuss the complexities of securing AI and LLM applications. With years of experience in Application Security (AppSec), Andra and Javan share their journey and lessons…

S12E7 Jim Routh -- The CISO Transition to the rest of life

Mar 11, 2025 49m

Former CISO Jim Routh discusses his perspective on retirement and career fulfillment in cybersecurity. Rather than viewing retirement as simply stopping work, Routh describes his three-filter…

S12E6 Henrik Plate -- OWASP Top 10 Open Source Risks

Mar 04, 2025 38m

Henrik Plate joins us to discuss the OWASP Top 10 Open Source Risks, a guide highlighting critical security and operational challenges in using open source dependencies. The list includes risks like…

S12E5 Tanya Janca -- A Secure SDLC from a Developer's Perspective

Feb 26, 2025 48m

Security expert Tanya Janca discusses her new book "Alice and Bob Learn Secure Coding" and shares insights on making security accessible to developers. In this engaging conversation, she explores how…

Frequently Asked Questions

How many episodes does The Application Security Podcast have?

The Application Security Podcast has published 301 episodes since September 2016, covering topics in Education, How To.

Is The Application Security Podcast still active?

The Application Security Podcast is currently highly active with new episodes every 2 weeks. Average episode length is 37m.
