The Elephant in AppSec
By The Elephant in AppSec
Listen to a podcast, please open Podcast Republic app. Available on Google Play Store and Apple App Store.
Image by The Elephant in AppSec
Category: Technology
Open in Apple Podcasts
Open RSS feed
Open Website
Rate for this podcast
Subscribers: 1
Reviews: 0
Episodes: 88
Description
Time to discuss AppSec issues no one talks about.
| Episode | Date |
|---|---|
|
Why Security Loses Influence in High-Growth Companies (And What to Do About It) with Kavia Venkatesh
|
May 20, 2026 |
|
The Lethal Trifecta or why your AI agent knows too much - Jason Fernandes
|
May 11, 2026 |
|
25 years of the same problem in Application Security - Sam Stepanyan
|
Apr 22, 2026 |
|
Should security belong in every AI strategy meeting? with Amol Deshpande
|
Dec 29, 2025 |
|
What Mindset Shift Developers Need to Break Into Security? with Aleksandra Kornecka
|
Dec 24, 2025 |
|
Is the AI–API interaction the biggest security blind spot? with Gowtham Sundar
|
Dec 20, 2025 |
|
What best drives the adoption of secure software practices? with Enrique Larios Vargas
|
Dec 11, 2025 |
|
Why AppSec Needs More Than Just a Checkbox ⎢ Marcos Vinicius Cassel
|
Dec 03, 2025 |
|
The Supply Chain Crisis We Created: How AI, Extensions, and Dependencies Became the New Attack Surface with Aamiruddin Syed
|
Nov 26, 2025 |
|
Why AppSec Is breaking: Vibe Coding, DevSecOps backlogs & the new OWASP Top 10 (with Tanya Janca)
|
Nov 13, 2025 |
|
Secure by Design: Who’s Really Responsible? with Abhijeth Dugginapeddi
|
Nov 04, 2025 |
|
The Pressure of Security Leadership: What SLAs Actually Work? with Terry O'Daniel
|
Oct 19, 2025 |
|
Can We Make AI Agents Smarter Than Security Teams? with Anshuman Bhartiya
|
Sep 25, 2025 |
|
Why DevSecOps isn't enough without deep cloud context with Anjali Singh Shukla
|
Sep 24, 2025 |
|
Decoding a Healthy Security Program: What Does "Healthy" Even Mean? with Maxwell Zhou
|
Sep 18, 2025 |
|
Why SAP Security Can be a Hidden Weakness for Enterprises with Oumaima Baira
|
Sep 12, 2025 |
|
Latin America’s AppSec Culture: What’s Lost (and Found) in Translation?
|
Sep 05, 2025 |
|
OWASP SAMM vs BSIMM: Which Maturity Model Reigns Supreme?
|
Aug 27, 2025 |
|
Security Culture: When Are We Really Creating Change? with Marisa Fagan
|
Aug 21, 2025 |
|
Security Wins Only When Institutionalized – Here’s Why!⎜Kevan Bard
|
Aug 15, 2025 |
|
Why Your Security Program Might Be Failing Before It Even Starts with Sean Finley
|
Aug 08, 2025 |
|
The Future of Pentesting: Can AI Replace Human Expertise?
|
Jul 29, 2025 |
|
How to Fix the Lack of Clear Guidance in Building Effective Security Programs | Luís Fontes
|
Jul 17, 2025 |
|
AI Security: Do You Need a Dedicated Vendor? | Insights with James Berthoty
|
Jul 10, 2025 |
|
Why AppSec isn’t just for tech — Surprising Insights ⎜ Olga Dzięgielewska
|
Jun 17, 2025 |
|
Are Traditional WAFs Dead? The Impact of OpenAPI Specs on Web Security with Nathan Byrd
|
Jun 06, 2025 |
|
Finding AppSec tools that developers love — is it possible? with Linda Fay
|
May 30, 2025 |
|
What Most Security Teams Miss: An Engineering Manager’s Take on AppSec with Desmond Lamptey
|
May 27, 2025 |
|
Compliance in Cyber: Can Regulation and Innovation coexist?⎜Chris Hughes
|
May 23, 2025 |
|
The Future of Product Security: Quality Engineering or something more? with Michael Novack
|
May 16, 2025 |
|
Should We Fix All Bad Code? with Eitan Worcel
|
May 09, 2025 |
|
AI, Speed, and Startup Chaos: Is ‘Minimum Viable Security’ the Fix? ⎜ Kalyani Pawar
|
May 02, 2025 |
|
Security IDE Plugins: Can They Really Boost Your Coding Security? ⎜Jamie Scott
|
Apr 18, 2025 |
|
DAST Tools: Can We Change the AppSec Community Perception? with Chris Lindsey
|
Apr 09, 2025 |
|
Secure Coding — Can we make it happen? with Tanya Janca
|
Apr 03, 2025 |
|
How Psychology Really Shapes AppSec Wins & Fails ⎢ Curtis Koenig
|
Mar 28, 2025 |
|
The Open Source Security Crisis: Is Trust the Weakest Link in Supply Chain? with François Proulx
|
Mar 19, 2025 |
|
Are we truly managing Third-Party risks, or just playing security theater? ⎢Rachel Curran
|
Mar 14, 2025 |
|
Hyped or Helpful? The Truth About Reachability & Developer Buy-In ⎢ Nir Valtman
|
Mar 06, 2025 |
|
DevSecOps vs. Reality: What You REALLY Need to Succeed!
|
Feb 28, 2025 |
|
Unpacking Opengrep—A Deep Dive with Its Backing Teams
|
Feb 19, 2025 |
|
Is There a Secret to Mastering Threat Modeling at Scale? Ashwini Siddhi (GoDaddy)
|
Feb 14, 2025 |
|
Can You Really Quantify AppSec ROI? Here’s the Truth! ⎜Irfaan Santoe
|
Feb 03, 2025 |
|
How to Fix API Security Before It’s Too Late ⎜ Confidence Staveley
|
Jan 28, 2025 |
|
The Untold Benefits of Continuous Threat Modeling You Didn’t Know About ⎜Izar Tarandach
|
Jan 20, 2025 |
|
What does “collaborate with engineering” actually mean in AppSec? ⎜Koen Hendrix (Zendesk)
|
Jan 15, 2025 |
|
Is your organization mature enough for its first AppSec hire?⎢Akira Brand
|
Dec 24, 2024 |
|
Are we overlooking Kubernetes security in the race to deploy applications - Raunaq Arora
|
Dec 19, 2024 |
|
Is it actually realistic to see everyone as the greatest ally in security? - Alina Yakubenko
|
Dec 16, 2024 |
|
Can DevSecOps Maturity Models Fail? The Hidden Gaps in AppSec Programs ⎜Timo Pagel
|
Dec 11, 2024 |
|
Risk, Product Management, and Supply Chain Security: Is There a Connection? ⎜Jesus Cuadrado
|
Dec 04, 2024 |
|
How hard is it to make DevSecOps work in a Hybrid Cloud? ⎜Michael Tayo
|
Dec 02, 2024 |
|
Is It Possible to Maximize the Effectiveness of Security Champions? ⎜ Magdalena Modric
|
Nov 25, 2024 |
|
Hacker Turned Policy Builder: What They Don’t Want You to Know
|
Nov 15, 2024 |
|
Why Is Transforming Company Culture for Product Security So Challenging? ⎜ Ariel Shin
|
Oct 30, 2024 |
|
The API Governance Problem: Why Your API Security Is at Risk (And How to Fix It) ⎜Akansha Shukla
|
Oct 23, 2024 |
|
AI Chatbots: Security Disaster or Can We Build Them Securely? ⎜Ante Gojsalic & Benjamin Dulieu
|
Oct 15, 2024 |
|
Open Source vs. Commercial Software: The Ultimate Showdown⎜Kyle Kelly
|
Oct 10, 2024 |
|
Privacy vs. Application Security: Can They Truly Coexist? | Kim Wuyts
|
Oct 01, 2024 |
|
From PhD to AppSec: How to Bridge the Gap Between Research & Security Tools | Diego Sempreboni
|
Sep 24, 2024 |
|
AppSec for Startups: Critical or Overlooked? | Rob Picard
|
Sep 20, 2024 |
|
What are the risks associated with open source? | Kaiwen Jiang
|
Sep 12, 2024 |
|
Season 2 The Elephant in AppSec Podcast Trailer
|
Sep 06, 2024 |
|
AI Security - How hard is it to develop secure AI? ⎪Rob van der Veer
|
Jul 07, 2024 |
|
We Don’t Let the Bad Guys Win: Is It Possible with All Third-Party Apps in Oil & Gas? ⎜Catharina "DD" Budiharto
|
Jun 20, 2024 |
|
Why “shift-left” isn’t good enough ⎪Chris Romeo
|
Jun 07, 2024 |
|
What are the Non-Human Identity challenges? ⎪Andrew Wilder and Amir Shaked
|
May 23, 2024 |
|
API Security: Are Vendors Just Blowing Smoke? ⎪David Homoney
|
May 21, 2024 |
|
The Truth About Software Supply Chain Risks ⎪Cassie Crossley
|
May 10, 2024 |
|
How secure are your digital wallets? ⎪Max Imbiel (Bitpanda)
|
Apr 29, 2024 |
|
How security research can earn you $20m in tokens ⎪Swan Beaujard
|
Apr 29, 2024 |
|
Securing cloud native applications: how hard is it? ⎪Mihir Shah
|
Apr 12, 2024 |
|
Are custom security tests a product security superpower? ⎜Keshav Malik (LinkedIn)
|
Apr 01, 2024 |
|
The art and science of product security ⎥Jacob Salassi (Snowflake)
|
Mar 21, 2024 |
|
Security Consultant vs. In-House Engineer: The Showdown⎜Ric Campo
|
Mar 05, 2024 |
|
Developers and security training: can they co-exist?⎜Laura Bell Main
|
Feb 29, 2024 |
|
Adversarial machine learning: what is it and are we ready? ⎜Anmol Agarwal
|
Feb 23, 2024 |
|
AppSec vendors and CISOs: a love - hate relationship? ⎜Olivia Rose
|
Feb 15, 2024 |
|
Pentesting: What are the actual benefits?⎥Harsh Modi
|
Feb 08, 2024 |
|
Security champion program: A must or completely useless? ⎥Dustin Lehr
|
Feb 01, 2024 |
|
Is Gen AI your new AppSec weapon?
|
Jan 26, 2024 |
|
Security training: Necessary investment or overrated expense?⎥Mel Reyes
|
Jan 26, 2024 |
|
What is ASPM: A breakdown of the current state and its future
|
Jan 11, 2024 |
|
SCADA systems: How secure are the systems running our infrastructure? ⎥Malav Vyas
|
Jan 04, 2024 |
|
Threat modeling: the future of cybersecurity or another buzzword⎥Derek Fisher
|
Dec 21, 2023 |
|
Security experience: top-down vs bottom-up⎥Jeevan Singh (Rippling, Twilio)
|
Dec 13, 2023 |
|
Lack of effective DAST tools⎥Aleksandr Krasnov (Meta, Thinkific, Dropbox)
|
Nov 30, 2023 |
|
The Elephant in AppSec Podcast Trailer | Escape
|
Nov 29, 2023 |