In this episode of The Hacker’s Cache, Kyser Clark interviews John Kounelis, a Senior Product Security Engineer with a background in software development and AppSec. John shares how discovering vulnerabilities in his own code led him to a full-time role in application security, and explains the key differences in AppSec across defense, biotech, and SaaS industries. They discuss the realities of bug bounty hunting, the limitations of CTFs, how developers unintentionally introduce vulnerabilities, and why understanding vulnerability chaining is critical for advanced web app testing. Whether you're transitioning from development to security or looking to sharpen your real-world pentesting skills, this episode delivers practical insight into what it truly takes to thrive in AppSec.

Connect with John Kounelis on LinkedIn: https://www.linkedin.com/in/john-k-765b42148/

Connect
---------------------------------------------------
https://www.KyserClark.com
https://www.KyserClark.com/Newsletter
https://youtube.com/KyserClark
https://www.linkedin.com/in/KyserClark
https://www.twitter.com/KyserClark
https://www.instagram/KyserClark
https://facebook.com/CyberKyser
https://twitch.tv/KyserClark_Cybersecurity
https://www.tiktok.com/@kyserclark
https://discord.gg/ZPQYdBV9YY


Music by Karl Casey @ White Bat Audio

Attention Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.

Opinions are my own and may not represent the positions of my employer.