Rephonic

The Elephant in AppSec

Application Security
Threat Modeling
Product Security
DevSecOps
Kubernetes
Cybersecurity
Security Champions
APIs
OWASP
AI Security
Dynamic Application Security Testing
Third-Party Risk Management
Compliance
Zero Trust
Open Source Security
Supply Chain Insider Threats
Opengrep
Return On Investment
Secure Coding
AI In Cybersecurity

Time to discuss AppSec issues no one talks about.

Publishes: Weekly
Episodes: 88
Founded: 2 years ago
Category: Technology

Latest Episodes

Today, I'm joined by Kavia Venkatesh, Director of Product Security at a large healthcare organization. She didn't take the traditional path into cybersecurity — she came from biotech. But that outsider lens turned out to be her edge.

With over 10 y...

Today, I’m joined by Jason Fernandes, VP of security and privacy at Mercari, the Japanese-born global marketplace now spanning e-commerce, FinTech, and crypto. It is this rare combination that puts him at the intersection of some of the strictest reg...

Today, I’m joined by Sam Stepanyan, an OWASP Global Board member and an OWASP London Chapter Leader. Sam is an Independent Application Security Consultant and Security Architect with over 20 years of experience in the IT industry.

Sam has worked for...

Today, I’m joined by Amol Deshpande, a seasoned security engineer currently at Stripe, where he focuses on building secure systems at massive scale. With a background spanning product security and penetration testing at companies like Salesforce, Spl...

Recent Guests

Kavia Venkatesh
Director of Product Security at a large healthcare organization
Large Healthcare Organization
Episode: Why Security Loses Influence in High-Growth Companies (And What to Do About It) with Kavia Venkatesh

Jason Fernandes
VP of Security and Privacy at Mercari
Mercari
Episode: The Lethal Trifecta or why your AI agent knows too much - Jason Fernandes

Sam Stepanyan
OWASP Global Board member and OWASP London Chapter Leader
OWASP
Episode: 25 years of the same problem in Application Security - Sam Stepanyan

Amol Deshpande
Seasoned security engineer focused on secure systems at scale
Stripe
Episode: Should security belong in every AI strategy meeting? with Amol Deshpande

Aleksandra Kornecka
Security engineer with a global mindset, former senior AppSec engineer now cloud infrastructure security engineer, active in OWASP Security Champions and European AppSec community
Escape, OWASP Security Champions Guide
Episode: What Mindset Shift Developers Need to Break Into Security? with Aleksandra Kornecka

Gowtham Sundar
Senior Lead Engineer, 3A Security, AI and API included, at SPH Media
SPH Media / 3A Security
Episode: Is the AI–API interaction the biggest security blind spot? with Gowtham Sundar

Enrique Larios Vargas
Security and Learning Specialist at Adyen
Adyen
Episode: What best drives the adoption of secure software practices? with Enrique Larios Vargas

Marcos Vinicius Cassel
Application Security Manager at PowerSchool; former CISP ISO 27001 Lead Auditor; OWASP Porto Alegre Chapter lead
PowerSchool
Episode: Why AppSec Needs More Than Just a Checkbox | Marcos Vinicius Cassel

Aamiruddin Syed
Senior Product Security Engineer at AGCO Corporation; author on software supply chain security
AGCO Corporation
Episode: The Supply Chain Crisis We Created: How AI, Extensions, and Dependencies Became the New Attack Surface with Aamiruddin Syed

Host

Alexandra
Host and AppSec Growth Manager at Escape

Chart Rankings

How this podcast ranks in the Apple Podcasts, Spotify and YouTube charts.

Apple Podcasts: #70 (Israel/Technology)

Talking Points

Recent interactions between the hosts and their guests.

What best drives the adoption of secure software practices? with Enrique Larios Vargas
Q: How should organizations value the efforts of security champions to ensure long-term sustainability?
Organizations should provide meaningful incentives, align ambassador roles with career progression, supply time and resources, and implement training that builds soft skills like communication, so ambassadors feel their work has real impact beyond compliance.

What best drives the adoption of secure software practices? with Enrique Larios Vargas
Q: What are the main drivers you identified that motivate developers to adopt secure software practices?
Motivation arises from a combination of automatic emotional drivers and reflective, rational considerations, and must be supported by opportunities and a conducive environment; content must be tailored to the developers' context and complemented by a culture that rewards and sustains ambassadors or champions.

Secure by Design: Who’s Really Responsible? with Abhijeth Dugginapeddi
Q: What level of collaboration between security and product teams helps in making security policies more understandable and implementable?
Co-writing policies with product engineering and IT from the outset, involving stakeholders in decision making, and explaining the rationale behind policies to those teams helps ensure policies are practical and adopted.

Secure by Design: Who’s Really Responsible? with Abhijeth Dugginapeddi
Q: Do you think the company should achieve no level of maturity to start thinking about secure by design?
Abhijeth explains that while some basic security awareness and processes are necessary early on, startups can begin embedding Secure by Design from the outset without full maturity, as long as there is direction, leadership, and collaboration with IT and product teams.

The Pressure of Security Leadership: What SLAs Actually Work? with Terry O'Daniel
Q: Can you describe a practical way you balance speed and quality when security is embedded in a product team?
We treat guardrails as the guiding criteria rather than gates. By embedding security engineers in the product flow, using shared libraries and secure pipelines, we shift left and keep the pipeline moving. It's about defining what good looks like, communicating trade-offs, and ensuring leadership gets timely, credible updates.

Frequently Asked Questions About The Elephant in AppSec

What is The Elephant in AppSec about and what kind of topics does it cover?

The content focuses on under-discussed issues in Application Security (AppSec), promoting insightful conversations that challenge common perceptions and practices. Episodes consistently explore critical topics such as secure coding, third-party risk management, and behavioral psychology's role in security. The discussions frequently feature experienced guests from various sectors in the technology domain, ensuring a rich exchange of ideas that addresses both technical and cultural aspects of security. This podcast is tailored for professionals seeking in-depth knowledge and strategies to enhance their application security initiatives, alongside fostering community engagement and collaboration.

Which podcasts are similar to The Elephant in AppSec?

These podcasts share a similar audience with The Elephant in AppSec:

1. Software Engineering Radio - the podcast for professional software developers

How many episodes of The Elephant in AppSec are there?

The Elephant in AppSec launched 2 years ago and published 88 episodes to date. You can find more information about this podcast including rankings, audience demographics and engagement in our podcast database.

What guests have appeared on The Elephant in AppSec?

Recent guests on The Elephant in AppSec include:

1. Kavia Venkatesh
2. Jason Fernandes
3. Sam Stepanyan
4. Amol Deshpande
5. Aleksandra Kornecka
6. Gowtham Sundar
7. Enrique Larios Vargas
8. Marcos Vinicius Cassel
