Absolute AppSec

By: Ken Johnson and Seth Law

About this listen

A weekly podcast of all things application security related. Hosted by Ken Johnson and Seth Law.
Episodes
  • Episode 285 - easyjson, Software Dependencies, Breaches
    May 13 2025
    News this week has been dominated by dependency issues and attribution towards unwanted nation states and actors. Specifically, easyjson is developed by a Russian firm that is under sanctions. The podcast duo discuss the implications and how to protect apps from sub-dependency threats. This leads to a deep dive into breaches and whether a breach has an effect on the industry, company, or individual. Current regulations and certifications can be lost, but that does not always have the effect we would expect.
    Less than 1 minute
  • Episode 284 - BSidesSF/RSA Recap, Vibe Coding, WebAuthN
    May 6 2025
    Back after a hiatus for both BSidesSF and RSA, Seth and Ken recap their experience at both conferences. TL;DR - BSidesSF is great for technical security content and community, RSA focuses on sales for mostly large organizations and budgets. They are two sides of the security industry coin, and which makes the most sense for career or business growth depends on preferences. This is followed by a short discussion on vibe coding educational security tools. The episode wraps with an article on MFA phishing and how WebAuthN helps prevent accidental exposure.
    Less than 1 minute
  • Episode 283 - Intentionally-Vulnerable MCP Server, Hallucinating Software Packages
    Apr 22 2025
    Ok, so vulnerable MCP tools are a thing now? Ken demonstrates installing and running an intentionally vulnerable MCP server with a bunch of example issues. Following is a discussion of the recent article and research around hallucinations of 3rd party dependencies/libraries in AI-generated Python and JavaScript. The new attack targets are all dependent on how creative the LLM is allowed to be. A short aside on why we talk about AI and LLMs so much.
    Less than 1 minute
