Player FMアプリでオフラインにしPlayer FMう!
James Berthoty -- Is DAST Dead? And the future of API security
Manage episode 421373558 series 2892775
In this episode of the Application Security Podcast, host Chris Romeo welcomes James Berthoty, a cloud security engineer with a diverse IT background, to discuss his journey into application and product security.
The conversation spans James's career trajectory from IT operations to cloud security, his experiences with security tools like Snyk and StackHawk, and the evolving landscape of Dynamic Application Security Testing (DAST) and API security. They delve into the practical challenges of CVEs, reachability analysis, and the complexities of patching in mid-sized companies. James shares his views on the often misunderstood role of WAF and the importance of fixing issues over merely identifying them.
The discussion concludes with insights into James's initiative, Latio Tech, which aims to help security professionals evaluate and understand application security products better.
James Berthoty’s LinkedIn post: AppSec Kool-Aid Statements I Disagree With
https://www.linkedin.com/posts/james-berthoty_appsec-kool-aid-statements-i-disagree-with-activity-7166084208686256128-tb1U?utm_source=share&utm_medium=member_desktop
What is Art by Leo Tolstoy
https://www.gutenberg.org/files/64908/64908-h/64908-h.htm
FOLLOW OUR SOCIAL MEDIA:
➜Twitter: @AppSecPodcast
➜LinkedIn: The Application Security Podcast
➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast
Thanks for Listening!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
272 つのエピソード
Manage episode 421373558 series 2892775
In this episode of the Application Security Podcast, host Chris Romeo welcomes James Berthoty, a cloud security engineer with a diverse IT background, to discuss his journey into application and product security.
The conversation spans James's career trajectory from IT operations to cloud security, his experiences with security tools like Snyk and StackHawk, and the evolving landscape of Dynamic Application Security Testing (DAST) and API security. They delve into the practical challenges of CVEs, reachability analysis, and the complexities of patching in mid-sized companies. James shares his views on the often misunderstood role of WAF and the importance of fixing issues over merely identifying them.
The discussion concludes with insights into James's initiative, Latio Tech, which aims to help security professionals evaluate and understand application security products better.
James Berthoty’s LinkedIn post: AppSec Kool-Aid Statements I Disagree With
https://www.linkedin.com/posts/james-berthoty_appsec-kool-aid-statements-i-disagree-with-activity-7166084208686256128-tb1U?utm_source=share&utm_medium=member_desktop
What is Art by Leo Tolstoy
https://www.gutenberg.org/files/64908/64908-h/64908-h.htm
FOLLOW OUR SOCIAL MEDIA:
➜Twitter: @AppSecPodcast
➜LinkedIn: The Application Security Podcast
➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast
Thanks for Listening!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
272 つのエピソード
すべてのエピソード
×プレーヤーFMへようこそ!
Player FMは今からすぐに楽しめるために高品質のポッドキャストをウェブでスキャンしています。 これは最高のポッドキャストアプリで、Android、iPhone、そしてWebで動作します。 全ての端末で購読を同期するためにサインアップしてください。