1

ep2024-12 Tanya Janca: Happy Holidays are Secure Code

Dec 23, 2024

60:13

2

ep2024-10 Don't be Scared, It's just a Pen Test with Brad Causey

Oct 31, 2024

37:19

3

ep2024-09 Threat Modeling with Takaharu

Sep 25, 2024

36:19

4

ep2024-08 OWASP Projects Roundup

Aug 30, 2024

36:19

5

ep2024-07 Safety belts for AppSec with Lisa Plaggemier

Jul 12, 2024

32:04

6

ep2023-09 Vulnerable Data Gathering for AI with Arturo Buanzo Busleiman

Oct 2, 2023

32:38

7

ep2023-08 Finding Next Gen Cybersecurity Professionals with Brad Causey

Aug 31, 2023

32:48

8

ep2023-07 What's Audit got to do with IT

Jul 31, 2023

33:40

9

SBOMS, CycloneDX and Dependency Track: Automation for Survival with Steve Springett

Jun 27, 2023

29:32

10

AppSec at 40,000 feet

May 22, 2023

44:02

11

2023-04 Rethinking WAFs: OWASP Coraza

Apr 30, 2023

29:14

12

2023-03 Point of Scary - the POS ecosystem

Mar 28, 2023

34:46

13

2023-02 Isolation is just PEACHy

Mar 1, 2023

33:54

14

OWASP Ep 2023-01: Audit, Compliance and automation, Oh my!

Jan 31, 2023

27:35

15

2022 Year in Review

Dec 30, 2022

14:19

16

You've got some Kubernetes in my AppSec!

Nov 28, 2022

41:44

17

Little Zap of Horrors

Oct 31, 2022

33:09

18

Breaching the wirefall with community

Sep 29, 2022

39:35

19

Going Way Beyond 2FA

Aug 31, 2022

30:45

20

Getting Lean and Mean in the DefectDojo

Jul 20, 2022

30:44

21

Giving a jot about JWTs: JWT Patterns and Anti-Patterns - OWASP Podcast e002

Jun 29, 2022

33:22

22

Threat Modeling using the Force with Adam Shostack - OWASP Podcast e001

May 26, 2022

47:35

23

The Void: Verica Open Incident Database

Apr 5, 2022

43:43

24

Fast Times at SBOM High with Wendy Nather and Matt Tesauro

Mar 24, 2022

42:36

25

SAFe or UnSAFe at Any Speed

Mar 12, 2022

32:11

26

Tanya Janca - She Hacks Purple

Feb 28, 2022

48:24

27

New Ideas. New Voices. New Hosts.

Feb 1, 2022

18:21

28

The InfoSec Color Wheel with Jasmine Henry

Jan 10, 2022

27:50

29

CYA - Cover Your Assets with Chris Roberts

Aug 9, 2021

44:16

30

OWASP Flagship Projects - Episode 02

Jun 16, 2021

25:05

31

OWASP Flagship Projects - Episode 01

Jun 4, 2021

22:22

32

The Cyber Defense Matrix Project with Sounil Yu

Apr 21, 2021

22:56

33

2021 OWASP Top 10 with Andrew van der Stock

Mar 26, 2021

15:06

34

The Ops Side of DevSecOps w/ Damon Edwards

Jan 29, 2021

24:20

35

A Note from the Executive Producer

Jan 27, 2021

3:14

36

A New Vision for the Future of OWASP, with Executive Director, Andrew van der Stock

Jul 18, 2020

30:10

37

Exploring the LinkedIn Algorithm

May 11, 2020

41:21

38

The Demise of Symantec by Richard Stiennon

Mar 20, 2020

14:14

39

Equifax and the Road Ahead w/ Bryson Koehler

Mar 4, 2020

23:19

40

Making Everyone Visible in Tech - Jaclyn Damiano

Feb 7, 2020

38:15

41

How to Engage 4000 Developers in One Day

Nov 14, 2019

17:33

42

Code Rush, DevOps and Google: Software in the Fast Lane

Oct 17, 2019

28:31

43

The Unicorn Project w/ Gene Kim

Oct 16, 2019

44:02

44

DevOps, DevSecOps and the Year Ahead w/ Sacha Labourey

Oct 7, 2019

33:10

45

Is it time to trust Equifax again? You decide.

Sep 17, 2019

35:51

46

2019 Global AppSec Conference DC w/ Ben Pick

Aug 23, 2019

20:48

47

2019 State of the Software Supply Chain Report

Jun 27, 2019

33:28

48

The Vanity of Diversity

May 15, 2019

26:35

49

Create and Manage Internal Tech Conferences

May 8, 2019

37:23

50

Securing the Software Supply Chain - Live Panel for International Conference on Cyber Engagement

May 6, 2019

88:48

51

Tel Aviv and the 2019 Global AppSec Conference

May 1, 2019

18:56

52

Persectives on the "Sec" in DevSecOps w/ Tanya Janca

Apr 16, 2019

44:57

53

2019 Open Security Summit Preview

Apr 9, 2019

19:58

54

What is an SBOM and Why Should You Care? w/ Allan Friedman

Apr 2, 2019

33:11

55

What is Chaos Engineering, an Interview with Casey Rosenthal

Mar 18, 2019

29:27

56

Ladies of London Hacking Society w/ Eliza-May Austin

Mar 13, 2019

30:10

57

Anticipating Failure through Threat Modeling w/ Adam Shostack

Feb 12, 2019

33:29

58

We Are All Special Snowflakes with Chris Roberts

Feb 7, 2019

35:45

59

A Concise Introduction to DevSecOps

Jan 18, 2019

26:43

60

What's In Store for the AppSec Cali Conference w/ Richard Greenberg

Jan 15, 2019

19:34

61

Epic Failures in DevSecOps w/ Aubrey Stearn

Jan 10, 2019

41:33

62

Strategic Asymetry - Leveling the Playing Field w/ Chetan Conikee

Jan 2, 2019

34:42

63

Threat Modeling - A Disaster Story with Edwin Kwan

Dec 18, 2018

18:05

64

The DevSecOps Unicorn Rodeo w/ Stefan Streichsbier

Dec 14, 2018

23:24

65

The DevSecOps Experiment

Dec 10, 2018

14:22

66

Open Source Vulnerabilities - Who is Ultimately Responsible

Dec 3, 2018

46:31

67

event-stream: Analysis of a Compromised npm Package

Nov 27, 2018

21:36

68

Spy vs Spy in Application Security: Harvesting Adversaries

Nov 2, 2018

16:13

69

Moving from Projects to Products w/ Mik Kersten

Oct 31, 2018

39:24

70

The Journey to Open Source at Capital One w/ Tapabrata "Topo" Pal

Oct 29, 2018

19:44

71

The Future of Software and DevOps / with Sacha Labourey

Sep 17, 2018

23:22

72

How to Build Chapter Engagement at OWASP

Sep 17, 2018

16:26

73

A Message from the Executive Producer

Jul 15, 2018

2:51

74

2018 AppSec EU London - Conference Preview

Jun 19, 2018

22:17

75

Steps to Responsible Disclosure with Bas van Schaik,Man Yue Mo and Brian Fox

Mar 20, 2018

30:45

76

RSAC 2018 - Preview of Opening Session for DevOps Connect: DevSecOps Day

Feb 26, 2018

35:27

77

HackNYC 2018: Preview with Kevin E. Greene

Feb 7, 2018

18:08

78

HackNYC 2018: Preview with Dr. Bill Curtis

Feb 1, 2018

32:56

79

The OpenChain Project with Shane Coughlan

Jan 12, 2018

17:07

80

Expanding Community Engagement at OWASP w/ Greg Anderson

Nov 30, 2017

23:12

81

Thoughts on Security in the Modern Software Supply Chain

Nov 16, 2017

64:45

82

Security Processes at the Apache Software Foundation w/ Mark Thomas and Brian Fox

Sep 15, 2017

27:05

83

Struts2 Vulnerabilities: Who Is Responsible?

Sep 14, 2017

30:36

84

What you should know about the latest Struts2 vulnerability announcement

Sep 7, 2017

24:44

85

OWASP Hacker Kids in Bangalore

Aug 29, 2017

15:45

86

Less than 10 Minutes Series: OWASP DockerHub with Simon Bennetts

Aug 8, 2017

8:39

87

Less than 10 Minutes Series - ModSecurity Core Rule Set Project

May 12, 2017

8:01

88

Less than 10 Minutes Series: OWASP Summit 2017

May 11, 2017

7:23

89

Less than 10 Minutes Series: WebGoat Project

May 11, 2017

7:59

90

Less than 10 Minutes Series: Vicnum Project

May 11, 2017

8:10

91

Less than 10 Minutes Series: Defect Dojo Project

May 10, 2017

6:48

92

Less than 10 Minutes Series: Virtual Village Project

May 10, 2017

9:17

93

Less than 10 Minutes Series: The Juice Shop Project

May 10, 2017

7:45

94

AppSec EU 2017, Belfast Keynote Preview with Jaya Baloo

Mar 22, 2017

17:47

95

Struts 2 Vulnerability Analysis

Mar 10, 2017

20:12

96

AppSec EU 2017 Belfast - What to Expect

Feb 18, 2017

20:50

97

Culture Hacker: How to Herd CATTs and Inspire Rebels to Change the World

Feb 15, 2017

36:58

98

Shannon Lietz - Keynote Preview for AppSec EU 2017, Belfast

Jan 17, 2017

9:05

99

2016 AppSec USA - An Update on the WebGoat Project

Nov 30, 2016

13:56

100

2016 AppSec USA: The Core Rule Set Project w/ Chaim Sanders

Oct 12, 2016

9:52

101

The Future of DevSecOps w/ Shannon Lietz and Chris Swan, Live From IP Expo London

Oct 9, 2016

57:23

102

2016 Board Election Interviews - Part Four of Four - Members, Projects, Conferences, Chapters

Sep 19, 2016

16:33

103

2016 Board Election Interviews - Part Three of Four - Most Important Issues

Sep 18, 2016

18:17

104

2016 Board Election Interviews - Part Two of Four - Vendor Neutrality

Sep 15, 2016

19:43

105

2016 OWASP Board Election Interviews - Part One of Four - Developer Participation

Sep 14, 2016

20:12

106

AppSec USA 2016 Pre-Conference Update

Sep 9, 2016

16:46

107

Security as Part of Continuous Delivery with Sacha Labourey

Aug 18, 2016

17:58

108

Unicorns on an Aircraft Carrier: DevOps Security at Scale with Sanjeev Sharma

Jul 21, 2016

22:54

109

2016 State of the Software Supply Chain Report with Derek Weeks

Jul 11, 2016

16:24

110

Security as Part of DevOps and Development with Jason Schmitt

Jul 6, 2016

28:25

111

2016 AppSecEU - Update On The ASVS Project with Andrew van der Stock

Jul 5, 2016

14:18

112

2016 AppSecEU - The University Challenge

Jul 1, 2016

11:40

113

Jim Manico's 100th Episode, featuring Mark Miller, Executive Producer of OWASP 24/7

Jun 29, 2016

38:43

114

AppSec Europe 2016 - What To Expect

May 25, 2016

11:04

115

Communication Patterns in Open Source Component Supply Chains

Apr 15, 2016

12:16

116

Active Deception as a Methodology for Cybersecurity w/ Lawrence Pingree from Gartner

Mar 21, 2016

18:35

117

DevOps, Security and Engineering at Slack

Mar 2, 2016

9:17

118

Security War Games with Sam Guckenheimer at Rugged DevOps RSAC 2016

Feb 29, 2016

22:13

119

Guns, Germs and Steel at RSAC 2016 with John Willis

Feb 26, 2016

14:12

120

Equal Respect: Women in Technology with Chenxi Wang

Feb 25, 2016

13:37

121

DevOps: Politics, People and Process with Paula Thrasher

Feb 24, 2016

14:40

122

OWASP Top 10 Proactive Controls Project with Jim Manico and Katy Anton

Feb 9, 2016

21:56

123

The OWASP WebGoat Project, version 7.0, with Bruce Mayhew

Feb 1, 2016

17:00

124

Johanna Curiel on the Growing Pains of OWASP and Management of Project Reviews

Jan 27, 2016

26:46

125

2016 - What's in Store for the OWASP 24/7 Podcast Series

Jan 21, 2016

4:14

126

OWASP Shark Tank - Could You Convince Someone to Invest in Your Project?

Nov 25, 2015

24:13

127

OWASP Application Security Verification Standard Project w/ Andrew van der Stock

Oct 1, 2015

8:23

128

OWASP Benchmark Project w/ Dave Wichers

Sep 30, 2015

14:49

129

OWASP Security Shepherd Project w/ Mark Denihan and Paul McCann

Sep 29, 2015

13:23

130

DevOps, Security and Development w/ Matt Tesauro, Shannon Lietz and Jez Humble

Sep 28, 2015

42:47

131

OWASP Board Candidate Interview - Abbas Naderi, Michael Coates, Jonathan Carter

Sep 3, 2015

48:57

132

OWASP Board Candidate Interview - Bil Corry and Josh Sokol

Sep 3, 2015

39:49

133

OWASP Board Candidate Interview - Milton Smith, Tobias Gondrom, Tom Brennan

Sep 3, 2015

43:05

134

OWASP Security Knowledge Framework Project w/ Glenn Ten Cate

Jul 27, 2015

23:51

135

OWASP Summer of Code Sprint 2015 with Fabio Cerullo

Jul 15, 2015

21:05

136

OWASP Project Funding Part 2 w/ Johanna Curiel and Claudia Casanovas

Jul 2, 2015

50:53

137

OWASP Project Funding w/ Josh Sokol, Dinis Cruz and Andrew van der Stock

Jun 29, 2015

47:53

138

The OWASP Online Academy with John Patrick Lita and Jerry Hoff

Jun 25, 2015

18:04

139

AppSec USA 2015 Overview with Ben Hagen and Michael Coates

Jun 24, 2015

18:44

140

Paul Ritchie, Executive Director, Talks Present, Past and Future of OWASP

May 28, 2015

22:00

141

OWASP Offensive Web Testing Framework with Bharadwaj Machiraju and Abraham Aranguren

Apr 15, 2015

20:01

142

Tobias Gondrom on the OWASP Strategic Goals for 2015

Apr 3, 2015

23:16

143

2015 AppSecEU Pre Conference Update

Mar 31, 2015

19:38

144

OWASP Project Reviews with Johanna Curiel

Feb 25, 2015

20:51

145

2015 OWASP Project Summit in NYC with Tom Brennan

Feb 24, 2015

10:33

146

Seba Deleersnyder Discusses SAMM (Software Assurance Maturity Model) Summit in Dublin, Ireland

Feb 19, 2015

17:52

147

2015 AppSec California Post Mortem with Richard Greenberg and Neil Matatall

Feb 17, 2015

25:00

148

John Melton and the OWASP AppSensor Project

Feb 13, 2015

18:57

149

Moxie Marlinspike on Open Source Security for Mobile Devices

Jan 5, 2015

43:34

150

Dibbe Edwards - DevOps and Open Source at IBM

Dec 11, 2014

30:05

151

The WebGoat Project with Rick Lawson and Jason White

Nov 5, 2014

14:47

152

Kevin E. Greene on OWASP and the SWAMP Project

Oct 17, 2014

26:58

153

AppSec USA 2014, Denver - Damon Edwards, Matt Tesauro, Eoin Keary, Martin Knobloch

Sep 19, 2014

13:01

154

OWASP Board Candidate Interviews - Mateo Martinez

Sep 19, 2014

17:10

155

OWASP Board Candidate Interviews - Jim Manico, Timur Khrotko

Sep 16, 2014

36:14

156

OWASP Board Candidate Interviews - Andrew van der Stock, Nigel Phair, Abbas Naderi

Sep 16, 2014

39:46

157

OWASP 2014 Board Candidate Interviews - Israel Bryski, Matt Konda, Bil Corry and Tahir Khan

Sep 16, 2014

46:06

158

Jonathan Carter - OWASP and Mobile Security

Aug 15, 2014

22:00

159

Sarah Baso - The Final Interview

Jul 29, 2014

22:48

160

Wait! Wait! Don't pwn me! from AppSec Europe 2014

Jul 18, 2014

32:13

161

Eoin Keary on Women in Security and Growing an OWASP Chapter

Jul 14, 2014

6:52

162

Achim Hoffmann and the o-Saft Project for Scanning SSL Connections

Jul 1, 2014

7:28

163

OWASP Top 10 Privacy Risks Project with Florian Stahl and Stefan Burgmair

Apr 29, 2014

16:42

164

The Run Up to a Massive Cyber Security Month with Tom Brennan

Apr 25, 2014

20:01

165

Wolfgang Goerlich on a Real World Example of The Phoenix Project in Action

Apr 17, 2014

25:10

166

Dwayne Melancon - What InfoSec Can Learn from Video Games

Apr 8, 2014

4:39

167

Melissa Elliot on the HeartBleed Bug at Yahoo

Apr 8, 2014

3:49

168

2014 AppSec APAC - Post Mortem (English)

Apr 1, 2014

18:53

169

The OWASP Hacky Easter Challenge with Ivan Bütler

Mar 27, 2014

6:24

170

The OWASP Top Ten Proactive Controls Project with Jim Bird

Mar 24, 2014

14:20

171

The OWASP Cornucopia Project with Colin Watson

Mar 21, 2014

15:34

172

The OWASP WebSpa Project with Yiannis Pavlosoglou and Jim Manico

Mar 3, 2014

32:55

173

2014 AppSec APAC - History and Overview (Japanese and English)

Feb 20, 2014

17:58

174

AppSec Europe 2014 - What To Expect with Host Adrian Winckles

Feb 19, 2014

7:54

175

AppSec USA 2013 – Mark Arnold Talks about the Boston OWASP Chapter

Feb 18, 2014

10:42

176

OWASP Statement on the Security of the Internet 2014

Jan 31, 2014

14:14

177

AppSec APAC 2014 with Tobias Gondrom – What To Expect

Jan 14, 2014

7:09

178

AppSec USA 2013 - Larry Conklin and the Code Review Book Project

Jan 13, 2014

10:46

179

AppSec USA 2013: Jim Manico - Life after OWASP Podcasting

Jan 7, 2014

13:01

180

AppSec USA 2013 - Abbas Naderi and the OWASP PHP Security Project

Dec 19, 2013

11:23

181

AppSec USA 2013: Zed Attack Proxy Project with Simon Bennetts

Dec 13, 2013

10:48

182

AppSec USA 2013 - Michael Coates on the AppSensor Project

Dec 10, 2013

11:09

183

AppSec USA 2013 - The OWASP Application Security CISO Guide with Marco Morana and Tobias Gondrom

Dec 2, 2013

27:35

184

AppSec USA 2013 - The Purpose of OWASP, an Interview with Co-Founder Dennis Groves

Nov 26, 2013

18:23

185

AppSec USA 2013 - OWASP Panel on Using Components with Known Vulnerabilities

Nov 26, 2013

48:58

186

AppSec USA 2013 - Wait, Wait... Don't Pwn Me!

Nov 25, 2013

41:29

187

Tom Brennan - What to expect at AppSecUSA 2013

Nov 8, 2013

14:58

188

Kelly Santalucia - Growing OWASP and the Outreach Programs

Nov 7, 2013

12:12

189

Kate Hartmann - The Future of Virtual Chapter Meetings

Nov 5, 2013

14:26

190

Sarah Baso - What does it take to support 43,000 members in 100+ countries?

Oct 31, 2013

20:02

191

Samantha Groves - Getting the Most from OWASP Projects

Oct 30, 2013

17:23

All Episodes