Farshad Abasi

The AppSec Insiders

Welcome to The AppSec Insiders Podcast. This is a show where we discuss the hottest topics and latest trends in application and cloud security, and tell you what you need to know    For those who don’t know who we are, we are all software developers, white-hat hackers, and code security experts. When we’re not recording the podcast, we help organizations of all sizes with their cybersecurity needs.  If you’re an AppSec professional looking for an opportunity to work with some of the best in the industry, or a developer with an interest in cybersecurity, be sure to check out our careers page at...

Auteur

Farshad Abasi

Catégorie

Business

Site du podcast

www.buzzsprout.com

Dernier épisode

21 mars 2026

Où écouter ?

Les podcasts dans l'appli Replaio Radio Bientôt disponible

Les podcasts arrivent très bientôt dans l'appli. Installe-la dès maintenant et découvre en avant-première une toute nouvelle façon de vivre les podcasts

Télécharger sur Google Play Installe-la gratuitement Android 5 M+ de téléchargements · note de 4,8 iOS bientôt

Épisodes

The Leakiest Year Ever: A Deep Dive into the 2026 State of Secret | The AppSec Insiders Podcast Ep.20 21.03.2026

In this episode, we sit down with Dwayne McDaniel, Principal Developer Advocate at GitGuardian, to discuss the alarming rise of secret sprawl in 2025. With over 28 million hard-coded secrets leaked on public GitHub last year alone — a 34% increase year-over-year — 2025 is officially the leakiest year on record. We dig into why it's getting worse, how AI coding tools like Claude Code are contr...

LLM Vulnerabilities and Prompt Injection: AppSec News Deep Dive | The AppSec Insiders Podcast Ep.19 28.10.2025

In this episode, we explore the emerging security risks of AI and LLMs in modern applications. Iman shares real-world experiences bypassing AI guardrails like LlamaGuard and OpenAI Shield, while the team discusses prompt injection attacks, system prompt exposure, excessive agency vulnerabilities, and data poisoning. Learn about the OWASP Top 10 for LLMs, why AI usage policies are critical, and how...

Fake Extensions to AI Bug Hunters: AppSec News Deep Dive | The AppSec Insiders Podcast Ep.18 26.09.2025

In this episode of The AppSec Insiders Podcast , we dive into two major security stories making headlines: a fake Solidity extension that drained a developer’s crypto wallets, and Google’s AI-powered tool “Big Sleep” uncovering a critical Chrome vulnerability. From malicious packages to AI-driven defenses, we break down what these cases reveal about today’s evolving AppSec landscape.

SQL Injection to RCE: Fortinet's Critical Vulnerability Exposed | The AppSec Insiders Podcast Ep. 17 27.08.2025

On this episode of The AppSec Insiders Podcast, we dive into CVE-2025-25257 , a Fortinet FortiWeb Fabric Connector SQL injection vulnerability that escalates to RCE. We break down how this exploit works, why it’s so impactful, and what lessons organizations can learn, from proper network segmentation to the importance of SAST in your pipeline.  We also touch on broader trends, from IoT security is...

Prompt Injection to RCE: When AI Gets Compromised | The AppSec Insiders Ep.16 25.07.2025

In this episode, we unpack CVE-2025-49596 , where prompt injection, CSRF, and localhost access were chained to achieve RCE in the MCP Inspector AI tool. Learn how the exploit worked, what it reveals about LLM security risks, and how to defend against similar threats with sandboxing, access controls, and DevSecOps monitoring.  

What Existing AWS Services are Important to AppSec? (Part 1 of 2) | The AppSec Insiders Ep.14 30.10.2024

Welcome to The AppSec Insiders Podcast. This is a show where we discuss the hottest topics and latest trends in application and cloud security, and tell you what you need to know    For those who don’t know who we are, we are all software developers, white-hat hackers, and code security experts. When we’re not recording the podcast, we help organizations of all sizes with their cybersecurity needs...

What Existing AWS Services are Important to AppSec? (Part 2 of 2) | The AppSec Insiders Ep.15 30.10.2024

Welcome to The AppSec Insiders Podcast. This is a show where we discuss the hottest topics and latest trends in application and cloud security, and tell you what you need to know    For those who don’t know who we are, we are all software developers, white-hat hackers, and code security experts. When we’re not recording the podcast, we help organizations of all sizes with their cybersecurity needs...

2023 Year-End Review 21.12.2023

In this episode, we discuss 2023 Security Threats & Newcomers Recap

The AppSec Insiders Ep. 11 - Flipper Zero and IoT Security 16.11.2023

In this episode, we discuss the Flipper Zero and IoT Security.  

Exploring the Challenges of Testing Against the ASVS Standard - Part 4 27.10.2023

In this episode, we return to the topic from the previous episodes and continue explore the challenges of testing against the ASVS standard.

Exploring the Challenges of Testing Against the ASVS Standard - Part 3 27.09.2023

In this episode, we explore the challenges of testing against the ASVS standard - Part 3

Exploring the Challenges of Testing Against the ASVS Standard - Part 2 08.09.2023

In this episode, we continue to explore the challenges of testing against the ASVS standard.

Software Composition Analysis (SCA) & Supply Chain Security feat. Oscar van der Meer from MergeBase 22.07.2023

In this episode, we sit down with Oscar van der Meer, Founder and CEO of MergeBase to discuss Software Composition Analysis (SCA) and why it is important for supply chain security.

Azure Security: Raising Alarms and Reducing the Blast Radius 05.07.2023

In this episode we explore Azure Security: Raising Alarms and Reducing the Blast Radius.

AWS SRA (Secure Reference Architecture) 24.06.2023

In this episode we explore AWS SRA (Secure Reference Architecture).

Exploring the Challenges of Testing Against the ASVS Standard 24.05.2023

In this episode, we explore the challenges of testing against the ASVS standard.

ChatGPT and the Future of Application Security 10.05.2023

In this episode, we dive deep into the world of ChatGPT and AI technology. What does this mean for application security?

Attacks on the CI/CD Pipeline (Part 1) 10.05.2023

In this episode, we explore OWASP Top 10 and the potential attacks on the CI/CD (part 1).

Attacks on the CI/CD Pipeline (Part 2) 10.05.2023

In this episode, we continue our discussion about OWASP Top 10 and attacks on the CI/CD pipeline.

Écoute le podcast The AppSec Insiders sur Replaio

La radio et les podcasts dans une seule appli - gratuite, sans inscription. Installe-la dès aujourd'hui et ne rate pas le lancement

Télécharger sur Google Play

Replaio n'est pas éditeur de podcasts ; les noms des émissions, les visuels et l'audio appartiennent à leurs auteurs et sont diffusés via des flux RSS publics