Farshad Abasi

The AppSec Insiders

Business EN ↓ 19 episodes

Welcome to The AppSec Insiders Podcast. This is a show where we discuss the hottest topics and latest trends in application and cloud security, and tell you what you need to know    For those who don’t know who we are, we are all software developers, white-hat hackers, and code security experts. When we’re not recording the podcast, we help organizations of all sizes with their cybersecurity needs.  If you’re an AppSec professional looking for an opportunity to work with some of the best in the industry, or a developer with an interest in cybersecurity, be sure to check out our careers page at...

Author

Farshad Abasi

Category

Business

Podcast website

www.buzzsprout.com

Latest episode

Mar 21, 2026

Where to listen?

Podcasts in the app Replaio Radio Coming soon

Podcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts

Get it on Google Play Install for free Android 5M+ downloads · 4.8 rating iOS soon

Episodes

The Leakiest Year Ever: A Deep Dive into the 2026 State of Secret | The AppSec Insiders Podcast Ep.20 21.03.2026

In this episode, we sit down with Dwayne McDaniel, Principal Developer Advocate at GitGuardian, to discuss the alarming rise of secret sprawl in 2025. With over 28 million hard-coded secrets leaked on public GitHub last year alone — a 34% increase year-over-year — 2025 is officially the leakiest year on record. We dig into why it's getting worse, how AI coding tools like Claude Code are contr...

LLM Vulnerabilities and Prompt Injection: AppSec News Deep Dive | The AppSec Insiders Podcast Ep.19 28.10.2025

In this episode, we explore the emerging security risks of AI and LLMs in modern applications. Iman shares real-world experiences bypassing AI guardrails like LlamaGuard and OpenAI Shield, while the team discusses prompt injection attacks, system prompt exposure, excessive agency vulnerabilities, and data poisoning. Learn about the OWASP Top 10 for LLMs, why AI usage policies are critical, and how...

Fake Extensions to AI Bug Hunters: AppSec News Deep Dive | The AppSec Insiders Podcast Ep.18 26.09.2025

In this episode of The AppSec Insiders Podcast , we dive into two major security stories making headlines: a fake Solidity extension that drained a developer’s crypto wallets, and Google’s AI-powered tool “Big Sleep” uncovering a critical Chrome vulnerability. From malicious packages to AI-driven defenses, we break down what these cases reveal about today’s evolving AppSec landscape.

SQL Injection to RCE: Fortinet's Critical Vulnerability Exposed | The AppSec Insiders Podcast Ep. 17 27.08.2025

On this episode of The AppSec Insiders Podcast, we dive into CVE-2025-25257 , a Fortinet FortiWeb Fabric Connector SQL injection vulnerability that escalates to RCE. We break down how this exploit works, why it’s so impactful, and what lessons organizations can learn, from proper network segmentation to the importance of SAST in your pipeline.  We also touch on broader trends, from IoT security is...

Prompt Injection to RCE: When AI Gets Compromised | The AppSec Insiders Ep.16 25.07.2025

In this episode, we unpack CVE-2025-49596 , where prompt injection, CSRF, and localhost access were chained to achieve RCE in the MCP Inspector AI tool. Learn how the exploit worked, what it reveals about LLM security risks, and how to defend against similar threats with sandboxing, access controls, and DevSecOps monitoring.  

What Existing AWS Services are Important to AppSec? (Part 1 of 2) | The AppSec Insiders Ep.14 30.10.2024

Welcome to The AppSec Insiders Podcast. This is a show where we discuss the hottest topics and latest trends in application and cloud security, and tell you what you need to know    For those who don’t know who we are, we are all software developers, white-hat hackers, and code security experts. When we’re not recording the podcast, we help organizations of all sizes with their cybersecurity needs...

What Existing AWS Services are Important to AppSec? (Part 2 of 2) | The AppSec Insiders Ep.15 30.10.2024

Welcome to The AppSec Insiders Podcast. This is a show where we discuss the hottest topics and latest trends in application and cloud security, and tell you what you need to know    For those who don’t know who we are, we are all software developers, white-hat hackers, and code security experts. When we’re not recording the podcast, we help organizations of all sizes with their cybersecurity needs...

2023 Year-End Review 21.12.2023

In this episode, we discuss 2023 Security Threats & Newcomers Recap

The AppSec Insiders Ep. 11 - Flipper Zero and IoT Security 16.11.2023

In this episode, we discuss the Flipper Zero and IoT Security.  

Exploring the Challenges of Testing Against the ASVS Standard - Part 4 27.10.2023

In this episode, we return to the topic from the previous episodes and continue explore the challenges of testing against the ASVS standard.

Exploring the Challenges of Testing Against the ASVS Standard - Part 3 27.09.2023

In this episode, we explore the challenges of testing against the ASVS standard - Part 3

Exploring the Challenges of Testing Against the ASVS Standard - Part 2 08.09.2023

In this episode, we continue to explore the challenges of testing against the ASVS standard.

Software Composition Analysis (SCA) & Supply Chain Security feat. Oscar van der Meer from MergeBase 22.07.2023

In this episode, we sit down with Oscar van der Meer, Founder and CEO of MergeBase to discuss Software Composition Analysis (SCA) and why it is important for supply chain security.

Azure Security: Raising Alarms and Reducing the Blast Radius 05.07.2023

In this episode we explore Azure Security: Raising Alarms and Reducing the Blast Radius.

AWS SRA (Secure Reference Architecture) 24.06.2023

In this episode we explore AWS SRA (Secure Reference Architecture).

Exploring the Challenges of Testing Against the ASVS Standard 24.05.2023

In this episode, we explore the challenges of testing against the ASVS standard.

ChatGPT and the Future of Application Security 10.05.2023

In this episode, we dive deep into the world of ChatGPT and AI technology. What does this mean for application security?

Attacks on the CI/CD Pipeline (Part 1) 10.05.2023

In this episode, we explore OWASP Top 10 and the potential attacks on the CI/CD (part 1).

Attacks on the CI/CD Pipeline (Part 2) 10.05.2023

In this episode, we continue our discussion about OWASP Top 10 and attacks on the CI/CD pipeline.

Listen to the The AppSec Insiders podcast in Replaio

Radio and podcasts in one app - free, with no sign-up. Install today and do not miss the launch

Get it on Google Play

Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.