Rephonic
Artwork for Application Security Weekly

Application Security Weekly (Audio)

Security Weekly Productions
Application Security
Open Source Software
Cybersecurity
Software Supply Chain Security
Supply Chain Security
Ebpf
Cybersecurity Best Practices
Security Engineering
Generative AI In Security
Node.js
API Security
Bot Management
Development Teams
Software Development
Vulnerabilities
Luis Villa
Government Funding For Software
Appsec
XZ Utils
Karan Dwivedi

About all things AppSec, DevOps, and DevSecOps. Hosted by Mike Shema and John Kinsella, the podcast focuses on helping its audience find and fix software flaws effectively.

21 ratings
PublishesWeeklyEpisodes381Founded8 years ago
Number of ListenersCategories
Tech NewsTechnologyNews

Listen to this Podcast

Listen on Apple PodcastsListen on SpotifyListen on CastboxListen on Podcast AddictListen on Pocket CastsListen on OvercastListen on YouTube MusicListen on RSS
Artwork for Application Security Weekly
 Guests Hosts Reviews Charts Talking Points

Latest Episodes

Building proactive defenses that reflect the true nature of modern software risk - Paul Davis - ASW #367

Supply chain security remains one of the biggest time sinks for appsec teams and developers, even making it onto the latest iteration of the OWASP Top 10 list. Paul Davis joins us to talk about strategies to proactively defend your environment from t... more

27 Jan 2026 • 1 hr 13 min

Lessons from MongoBleed, CWE Top 25, and Secure Coding Benchmarks - ASW #366

MongoBleed and a recent OWASP CRS bypass show how parsing problems remain a source of security flaws regardless of programming language. We talk with Kalyani Pawar about how these problems rank against the Top 25 CWEs for 2025 and what it means for r... more

20 Jan 2026 • 44 min

Secure By Design Is Better Than Secure By Myth - Bob Lord - ASW #365

Not all infosec advice is helpful. Bad advice wastes time, makes people less secure, and takes focus away from making software more secure. Bob Lord talks about his efforts to tamp down hacklore -- the security myths and mistakes that crop up in news... more

13 Jan 2026 • 53 min

The Upsides and Downsides of LLM-Generated Code - Chris Wysopal - ASW #364

Developers are adding LLMs to their code creation toolboxes, using them to assist with writing and reviewing code. Chris Wysopal talks about the security downsides of relying on LLMs and how appsec needs to adapt to dealing with more code at a faster... more

6 Jan 2026 • 1 hr 10 min

Key Facts

Accepts Guests
Accepts Sponsors
Contact Information
Podcast Host
Number of Listeners
Find out how many people listen to this podcast per episode and each month.

Similar Podcasts

People also subscribe to these shows.

Darknet Diaries
Darknet DiariesJack Rhysider

Recent Guests

Bob Lord
Cyber Security Executive and Public Interest Technologist
Episode: Secure By Design Is Better Than Secure By Myth - Bob Lord - ASW #365
Chris Wysopal
Chief Security Evangelist at Veracode, co-founder of Veracode, and former vice president of research and development at security consultancy At Stake.
Veracode
Episode: The Upsides and Downsides of LLM-Generated Code - Chris Wysopal - ASW #364
Sebastian Deleersnyder
CTO at Torreon, involved in Software Assurance Maturity Model and AI in AppSec.
Torreon
Episode: Modern AppSec: OWASP SAMM, AI Secure Coding, Threat Modeling & Champions - Sebastian Deleersnyder, Dustin Lehr, James Manico, Adam Shostack - ASW #362
James Manico
Secure Coding Instructor and owner of Manico Security.
Manico Security
Episode: Modern AppSec: OWASP SAMM, AI Secure Coding, Threat Modeling & Champions - Sebastian Deleersnyder, Dustin Lehr, James Manico, Adam Shostack - ASW #362
Dustin Lehr
AppSec advocate at Security Journey and co-founder at Catalyst.
Security Journey
Episode: Modern AppSec: OWASP SAMM, AI Secure Coding, Threat Modeling & Champions - Sebastian Deleersnyder, Dustin Lehr, James Manico, Adam Shostack - ASW #362
Kat Cosgrove
Head of Developer Advocacy at Minimus focusing on growing and nurturing open source through authentic contribution.
Minimus
Episode: Developing Open Source Skills for Maintaining Projects - Kat Cosgrove - ASW #361
Matias Madou
CTO and co-founder of Secure Code Warrior, with a focus on application security and developer training.
Secure Code Warrior
Episode: Secure Coding as Critical Thinking Instead of Vulnspotting - Matias Madou - ASW #357
Rob Allen
Chief Product Officer at ThreatLocker, with over two decades of experience in technology and security.
ThreatLocker
Episode: Ransomware, Defaults, and Proactive Defenses - Rob Allen - ASW #356
Bar Kaduri
Cloud Security Threat Research Team Leader at Orca Security
Orca Security
Episode: Researching and Remediating RCEs via GitHub Actions - Bar Kaduri, Roi Nisimi - ASW #355

Hosts

Mike Shema
Host and presenter; an expert in application security and coding practices, engaged in discussions that emphasize actionable security measures.
John Kinsella
Co-host and security advocate with extensive knowledge in cybersecurity practices, focusing on the integration of security in software development.

Reviews

4.7 out of 5 stars from 21 ratings
  • Yes

    It’s the best.

    Apple Podcasts
    5
    Alpha Gay
    United States7 months ago
  • Great show

    Amazing show with great news and tips on making sure you code is secure.

    Apple Podcasts
    5
    DMLou
    United States3 years ago
  • One of the best podcast on planet đź‘Ť

    One of the best podcast on planet đź‘Ť

    Mike and john are the best and most funny host I had the pleasure dealing with.

    Also level of knowledge and precision is unbeatable

    Apple Podcasts
    5
    Fracipo
    United Kingdom3 years ago
  • Great show

    Best show I’ve found so far related to AppSec

    Apple Podcasts
    5
    jrod d
    United States5 years ago
  • Keith fails again

    Clearly doesn’t know or understand java but still keeps yapping regardless. And don’t get me started on the gdpr episode... so much misinformation and stupidity in one location is rare.

    Apple Podcasts
    1
    quasi42
    Denmark7 years ago
Embed These Reviews on a Website

Listeners Say

Key themes from listener reviews, highlighting what works and what could be improved about the show.

The content is regarded as informative, with many appreciating the expert guests who share industry insights.
Some critiques mention occasional misinformation in discussions, highlighting the need for accuracy in technical topics.
Listeners praise the podcast for its practical insights on application security and the humor of the hosts.

Chart Rankings

How this podcast ranks in the Apple Podcasts, Spotify and YouTube charts.

Apple Podcasts
#142
Norway/Technology

Talking Points

Recent interactions between the hosts and their guests.

Secure By Design Is Better Than Secure By Myth - Bob Lord - ASW #365
Q: What are the three core principles of secure by design?
The principles are: software manufacturers taking ownership of customer security outcomes, radical transparency, and leading from the top with strong organizational incentives.
Secure By Design Is Better Than Secure By Myth - Bob Lord - ASW #365
Q: How can we rethink our advice to everyday users when it comes to cybersecurity?
It's important to understand the threat landscape and tailor advice to current risks rather than relying on outdated practices that may no longer be relevant.
Secure By Design Is Better Than Secure By Myth - Bob Lord - ASW #365
Q: What does hack lore mean and why should we be talking about it?
Hack lore categorizes outdated security advice that misleads users and prevents them from improving their security posture.
Making TN Critical Infrastructure the Most Secure in the Nation - T. Gwyddon 'Data' ("Gwee-thin") Owen, James Cotter - ASW #359
Q: What are some security measures operators can implement?
Using methods like micro-segmentation and adopting modern protocols can greatly enhance their security posture.
Making TN Critical Infrastructure the Most Secure in the Nation - T. Gwyddon 'Data' ("Gwee-thin") Owen, James Cotter - ASW #359
Q: How do you secure municipal water and power operators who feel too small to be a target?
It's essential to educate them on vulnerabilities and show that even small utilities are attractive targets for cyber actors.

Audience Metrics

Listeners, social reach, demographics and more for this podcast.

Listeners per Episode
Gender Skew
Location
Interests
Professions
Age Range
Household Income
Social Media Reach

Frequently Asked Questions About Application Security Weekly

What is Application Security Weekly about and what kind of topics does it cover?

Focusing exclusively on application security (AppSec), the content covers a wide array of topics pertinent to developers, security professionals, and technology enthusiasts. Regular discussions range from the implications of generative AI in coding practices, the evolution of security standards, to the latest vulnerabilities affecting critical infrastructure. The interactive nature of the episodes, often featuring expert guests, not only tackles current challenges in the field but also anticipates future trends and needed advancements in security protocols. This podcast is noteworthy for its commitment to actionable insight, helping listeners grasp complex themes in AppSec while providing practical solutions to enhance their coding and secu... more

Where can I find podcast stats for Application Security Weekly?

Rephonic provides a wide range of podcast stats for Application Security Weekly. We scanned the web and collated all of the information that we could find in our comprehensive podcast database. See how many people listen to Application Security Weekly and access YouTube viewership numbers, download stats, audience demographics, chart rankings, ratings, reviews and more.

How many listeners does Application Security Weekly get?

Rephonic provides a full set of podcast information for three million podcasts, including the number of listeners. View further listenership figures for Application Security Weekly, including podcast download numbers and subscriber numbers, so you can make better decisions about which podcasts to sponsor or be a guest on. You will need to upgrade your account to access this premium data.

What are the audience demographics for Application Security Weekly?

Rephonic provides comprehensive predictive audience data for Application Security Weekly, including gender skew, age, country, political leaning, income, professions, education level, and interests. You can access these listener demographics by upgrading your account.

How many subscribers and views does Application Security Weekly have?

To see how many followers or subscribers Application Security Weekly has on Spotify and other platforms such as Castbox and Podcast Addict, simply upgrade your account. You'll also find viewership figures for their YouTube channel if they have one.

Which podcasts are similar to Application Security Weekly?

These podcasts share a similar audience with Application Security Weekly:

1. Darknet Diaries

How many episodes of Application Security Weekly are there?

Application Security Weekly launched 8 years ago and published 381 episodes to date. You can find more information about this podcast including rankings, audience demographics and engagement in our podcast database.

How do I contact Application Security Weekly?

Our systems regularly scour the web to find email addresses and social media links for this podcast. We scanned the web and collated all of the contact information that we could find in our podcast database. But in the unlikely event that you can't find what you're looking for, our concierge service lets you request our research team to source better contacts for you.

Where can I see ratings and reviews for Application Security Weekly?

Rephonic pulls ratings and reviews for Application Security Weekly from multiple sources, including Spotify, Apple Podcasts, Castbox, and Podcast Addict.

View all the reviews in one place instead of visiting each platform individually and use this information to decide if a show is worth pitching or not.

How do I access podcast episode transcripts for Application Security Weekly?

Rephonic provides full transcripts for episodes of Application Security Weekly. Search within each transcript for your keywords, whether they be topics, brands or people, and figure out if it's worth pitching as a guest or sponsor. You can even set-up alerts to get notified when your keywords are mentioned.

What guests have appeared on Application Security Weekly?

Recent guests on Application Security Weekly include:

1. Bob Lord
2. Chris Wysopal
3. Sebastian Deleersnyder
4. James Manico
5. Dustin Lehr
6. Kat Cosgrove
7. Matias Madou
8. Rob Allen

To view more recent guests and their details, simply upgrade your Rephonic account. You'll also get access to a typical guest profile to help you decide if the show is worth pitching.

Find and pitch the right podcasts

We help savvy brands, marketers and PR professionals to find the right podcasts for any topic or niche. Get the data and contacts you need to pitch podcasts at scale and turn listeners into customers.
Try it free for 7 days