In this podcast, we will talk about our experiences having worked at different companies - from startups to big enterprises, from tech companies to security companies, and from building side projects to building startups. We will talk about the good, the bad, and everything in between. So join us for some fun, some real, and some super hot takes about all things Security in the Boring AppSec Podcast.
March 11, 2026 · Episode 10 · 1 hr 1 min
Ep 37: The Future of Security Testing in an AI-Driven World with Jason Haddix
In this episode, Jason Haddix (CEO of Arcanum Information Security and creator of the Bug Hunter’s Methodology) joins us to examine how AI is changing penetration testing and security research. He explains that while AI agents can automate reconnaissance, code analysis, and parts of vulnerability discovery, meaningful results still depend on human expertise, methodology, and context engineering.

The conversation explores how AI is shifting the entry path for new security practitioners, why deep research and critical thinking remain essential skills, and how experienced testers are embedding their knowledge into agent workflows using tools like Claude Code. Jason also discusses practical experimentation with AI assistants such as OpenClaw, including prompt-injection defenses, guardrails, and the operational risks of running autonomous systems.

The episode also addresses the growing debate around AI-generated code and AI-driven vulnerability discovery, highlighting the difference between marketing claims and real-world results. It closes with a discussion on why the industry needs better benchmarks and evaluation methods to measure whether AI security tools actually find meaningful vulnerabilities.
March 2, 2026 · Episode 36 · 50 min
Ep 36: Discussing AI's Current State of Affairs
In this episode, we examine what is shifting in AI, AppSec, and product security and what remains fundamentally the same.

For years, application security has operated on a familiar model: siloed reviews, tool-driven findings, and periodic assessments that struggle to keep pace with modern development. AI doesn’t eliminate those pressures, it amplifies them. Code is generated faster, systems are more interconnected, and the surface area of change expands weekly. The conversation explores agent-based workflows through tools like OpenClaw, not as novelty, but as a signal of a broader shift: from manually operating tools to orchestrating fleets of agents. As AI interfaces move from chat windows to terminals to messaging environments, security teams must reconsider where workflows live and how context is preserved across them.

For decades, AppSec has struggled to build a reliable understanding of what systems exist and how they connect. Large language models may finally make it possible to construct living maps of components, data flows, and trust boundaries, enabling assessments that talk to each other instead of existing in isolation.

The discussion also revisits threat modeling, not as a compliance artifact, but as a foundation for system-wide reasoning. If AI can automate baseline coverage and reduce repetitive toil, security teams may return to their original purpose: high-leverage risk judgment on critical systems.

This leads to a broader debate about whether AppSec as a distinct function evolves, shrinks, or dissolves into engineering itself, and what the enduring “maker–checker” model of risk management demands in an AI-native world.

Finally, the episode reflects on the role of large AI labs in security: the gap between ambitious claims and shipped products, and what that means for founders and security leaders navigating change.

00:00–02:15 — Why this is a no-guest episode & what’s changed since last year
02:15–06:30 — AI co-authoring, productivity gains, and writing workflows
06:30–10:20 — OpenClaw architecture, agent risks, and prompt injection realities
10:20–14:00 — The shifting UI of AI: chat → terminal → messaging agents
14:00–18:30 — Agent orchestration vs siloed security tooling
18:30–23:00 — Context graphs and assessments that “talk” to each other
23:00–27:30 — Threat modeling’s evolution and system-wide visibility
27:30–31:00 — Why inventory is still AppSec’s hardest problem
31:00–34:30 — Personal AI stacks: Obsidian, memory layers, and query tools
34:30–37:30 — Open source in the age of AI-generated PR spam
37:30–40:00 — AI labs: what they ship vs what they say
40:00–44:00 — Will AppSec disappear? A serious debate
44:00–48:00 — Maker–checker risk models in an AI-driven org
48:00–51:00 — Where AI replaces toil — and where humans stay critical
51:00–End — 2026 predictions for AI security and product security.
February 16, 2026 · Episode 35 · 49 min
Ep 35: Exploring Security After Determinism with Jens Ernstberger
In this episode, we sit down with Jens to explore why AI agents fundamentally break traditional security assumptions, from API keys and browser sessions to composability and access control.

Drawing parallels to DeFi exploits and smart contract failures, he explains why agent identity, short-lived delegated authorization, and zero trust aren’t optional add-ons, but the foundation for safely running autonomous systems.

We also dive into context compression as both a performance and security challenge, the real difference between MCP and skills, and a future where humans may stop reviewing code altogether. As agents become the primary actors on the internet, even writing itself begins to change in an AI-scraped world.

If agents are non-deterministic by design, the real question becomes: where do we reintroduce determinism?

Tune in for a deep dive!

Connect with Jens Ernstberger:
Website: https://ernstberger.xyz/
LinkedIn: https://www.linkedin.com/in/jens-ernstberger-phd-96b0ba14a/

Connect with Anshuman:
LinkedIn: anshumanbhartiya
X: https://x.com/anshuman_bh
Website: https://anshumanbhartiya.com/
Instagram: anshuman.bhartiya

Connect with Sandesh:
LinkedIn: anandsandesh
X: https://x.com/JubbaOnJeans
February 2, 2026 · Episode 34 · 56 min
Security at Scale in a Probabilistic World with Ankur Chakraborty
In this episode, Ankur Chakraborty discusses the evolution of AI security, emphasizing the importance of foundational security principles in the context of generative AI. He explores the challenges of scaling security measures in an era of rapid feature deployment and the necessity of integrating AI tools into security practices. The conversation delves into the balance between human oversight and autonomous systems, the significance of context in security decision-making, and the evaluation of security tools based on their outcomes. The discussion highlights the need for better guardrails and the role of context engineering in enhancing security practices.
January 28, 2026 · Episode 33 · 55 min
The Future of Identity in AI Agents with Ian Livingstone
In this conversation, Ian Livingstone discusses the changing landscape of AI and security, focusing on the challenges of agent identity and the need for a new approach to application security. He emphasizes the importance of understanding the non-deterministic nature of AI agents and the implications for identity management, permissions, and data security. The discussion also touches on the future of agent identity, the role of insurance in managing risks, and the transformation of security practices in the age of AI.

Tune in for a deep dive!

Connect with Ian Livingstone:
LinkedIn: https://www.linkedin.com/in/irlivingstone/
Twitter: https://x.com/ianlivingstone

Connect with Anshuman:
LinkedIn: anshumanbhartiya
X: https://x.com/anshuman_bh
Website: https://anshumanbhartiya.com/
Instagram: anshuman.bhartiya

Connect with Sandesh:
LinkedIn: anandsandesh
X: https://x.com/JubbaOnJeans
January 19, 2026 · Episode 32 · 49 min
Rethinking Enterprise Security in an AI- and Platform-First World with Kane Narraway
In this episode, we sit down with Kane Narraway to unpack how enterprise security is changing as AI, platforms, and developer-driven security become the norm. Kane shares his path from digital forensics to leading security at Canva, and why understanding company culture matters just as much as choosing the right tools.

We discuss why modern security is becoming platform-first, why much of the security vendor market optimizes for finding problems rather than fixing them, and why Kane believes security teams need more engineers and fewer manual processes.

The conversation also digs into AI security, shadow IT (and shadow AI), and the real-world trade-offs between usability and control, especially as low-code and no-code tools become more common inside companies.

Tune in for a deep dive!

Connect with Kane Narraway:
LinkedIn: https://www.linkedin.com/in/kane-n/
Blog: https://kanenarraway.com/

Connect with Anshuman:
LinkedIn: anshumanbhartiya
X: https://x.com/anshuman_bh
Website: https://anshumanbhartiya.com/
Instagram: anshuman.bhartiya

Connect with Sandesh:
LinkedIn: anandsandesh
X: https://x.com/JubbaOnJeans
December 15, 2025 · Episode 31 · 51 min
The Future of Developer Security with Travis McPeak
In this episode, we sit down with Travis McPeak, one of the most prominent thinkers in the space of developer security. Travis, who built his career at the intersection of security automation and developer productivity, shares his philosophy on achieving security at scale in the AI era. His career spans security leadership roles at major tech companies, including Symantec, IBM, Netflix, and Databricks. Most recently, he founded and served as CEO of Resourcely, a startup built on the idea of making cloud infrastructure secure by default, before being "acqui-hired" by Cursor, the rapidly growing AI-powered code editor, to lead security and enterprise readiness.

Key Takeaways
- AI for Secure by Default: AI tools provide the best injection point to shift security "all the way left" and move past the reactive "whack-a-mole" approach, because developers are already motivated to use these highly effective tools.
- Changing AppSec Strategy: AI dramatically changes the nature of AppSec by making previously unscalable strategies, such as threat modeling, applicable. AI can generate architecture diagrams on demand by tracing through code.
- The Compliance Bottleneck: The dramatic consolidation of cloud security vendors reflects how compliance-minded the security industry remains. Critical infrastructure misconfigurations (like public databases being left open) often go unaddressed because they are not measured by compliance standards.
- Platform vs. Point Solutions: Travis argues against platforms that are often amalgamations of poorly integrated acquired tools. He suggests buying the single best point solution for a high-leverage problem and using AI capabilities to operationalize and wire it into internal systems, thereby simplifying integrations that platforms traditionally provide.
- The Skeptical Coder: A fundamental limitation of Large Language Models (LLMs) is their desire to "make you happy," causing them to provide answers even if they are incorrect. Therefore, engineers must use AI output only as a starting point and only consider the code finished when they understand it fully end to end.
- Prompt Injection Defined: Prompt injection is confirmed as a legitimate vulnerability, essentially a rehash of old issues like cross-site scripting and SQL injection, arising from the improper separation between the LLM instruction and the user instruction.

Tune in for a deep dive!

Contacting Travis
* LinkedIn: https://www.linkedin.com/in/travismcpeak/
* Company Website: https://www.cursor.com

Contacting Anshuman
* LinkedIn: https://www.linkedin.com/in/anshumanbhartiya/
* X: https://x.com/anshuman_bh
* Website: https://anshumanbhartiya.com/
* Instagram: https://www.instagram.com/anshuman.bhartiya

Contacting Sandesh
* LinkedIn: https://www.linkedin.com/in/anandsandesh/
* X: https://x.com/JubbaOnJeans
* Website: https://boringappsec.substack.com/
December 4, 2025 · Episode 30 · 51 min
Scaling Product Security In The AI Era with Teja Myneedu
In this episode, we sit down with Teja Myneedu, Sr. Director, Security and Trust at Navan. He shares his philosophy on achieving security at scale, discussing some challenges and approaches, especially in the AI era. Teja's career spans over two decades on the front lines of product security at hyper-growth companies like Splunk. He currently operates at the complex intersection of FinTech and corporate travel, where his responsibilities include securing financial transactions and ensuring the physical duty of care for global travelers.

Key Takeaways
• Scaling Security Philosophy: Security programs should be built on developer empathy and innovative solutions, scaling with context and automation.
• Pragmatic Protection: Focus on incremental, practical improvements (like WAF rules) to secure the enterprise immediately, instead of letting the pursuit of perfection delay necessary defenses; security by obscurity is not always bad.
• Flawed Prioritization: Prioritization frameworks are often flawed because they lack organizational and business context, which security tools fail to provide.
• AI and Code Fixes: AI is changing the application security field by reducing the cognitive load on engineers and making it easier for security teams to propose vulnerability fixes (PRs).
• The Authorization Dilemma: The biggest novel threat introduced by LLMs is the complexity of identity and authorization, as agents require delegated access and dynamically determine business logic.

Tune in for a deep dive!

Contacting Teja
* LinkedIn: https://www.linkedin.com/in/myneedu/
* Company Website: https://www.navan.com

Contacting Anshuman
* LinkedIn: https://www.linkedin.com/in/anshumanbhartiya/
* X: https://x.com/anshuman_bh
* Website: https://anshumanbhartiya.com/
* Instagram: https://www.instagram.com/anshuman.bhartiya

Contacting Sandesh
* LinkedIn: https://www.linkedin.com/in/anandsandesh/
* X: https://x.com/JubbaOnJeans
* Website: https://boringappsec.substack.com/
November 24, 2025 · Episode 29 · 45 min
Architecting AI Security: Standards and Agentic Systems with Ken Huang
In this episode, we sit down with Ken Huang, a core architect behind modern AI security standards, to discuss the revolutionary challenges posed by agentic AI systems. Ken, who chairs the OWASP AIVSS project and co-chairs the AI safety working groups at the Cloud Security Alliance, breaks down how security professionals are writing the rulebook for a future driven by autonomous agents.

Key Takeaways
- AIVSS for Non-Deterministic Risk: The OWASP AIVSS project aims to provide a quantitative measure for core agent AI risks by applying an agent AI risk factor on top of CVSS, specifically addressing the autonomy and non-deterministic nature of AI agents.
- Need for Task-Scoped IAM: Traditional OAuth and SAML are inadequate for agentic systems because they provide coarse-grained, session-scoped access control. New authentication standards must be task-scoped, dynamically removing access once a specific task is complete, and driven by verifying the agent’s intent.
- A2A Security Requires New Protocols: Agent-to-Agent communication (A2A) introduces security issues beyond traditional API security (like BOLA). New systems must utilize protocols for Agent Capability Discovery and Negotiation—validated by digital signatures—to ensure the trustworthiness and promised quality of service from interacting agents.
- Goal Manipulation is a Critical Threat: Sophisticated attacks often utilize context engineering to execute goal manipulation against agents. These attacks include gradually shifting an agent's objective (crescendo attack), using prompt injection to force the agent to expose secrets (malicious goal expansion), and forcing endless processing loops (exhaustion loop/denial of wallet).

Tune in for a deep dive!

Contacting Ken
* LinkedIn: https://www.linkedin.com/in/kenhuang8/
* Company Website: https://distributedapps.ai/
* Substack: https://kenhuangus.substack.com/
* Paper (Agent Capability Negotiation and Binding Protocol): https://arxiv.org/abs/2506.13590
* Book (Securing AI Agents): https://www.amazon.com/Securing-Agents-Foundations-Frameworks-Real-World/dp/3032021294
* AIVSS: https://aivss.owasp.org/

Contacting Anshuman
* LinkedIn: https://www.linkedin.com/in/anshumanbhartiya/
* X: https://x.com/anshuman_bh
* Website: https://anshumanbhartiya.com/
* Instagram: https://www.instagram.com/anshuman.bhartiya

Contacting Sandesh
* LinkedIn: https://www.linkedin.com/in/anandsandesh/
* X: https://x.com/JubbaOnJeans
* Website: https://boringappsec.substack.com/
October 1, 2025 · Episode 28 · 48 min
The Attacker's Perspective on AI Security with Aryaman Behera
In this episode, hosts Sandesh and Anshuman chat with Aryaman Behera, the Co-Founder and CEO of Repello AI. Aryaman shares his unique journey from being a bug bounty hunter and the captain of India's top-ranked CTF team, InfoSec IITR, to becoming the CEO of an AI security startup. The discussion offers a deep dive into the attacker-centric mindset required to secure modern AI applications, which are fundamentally probabilistic and differ greatly from traditional deterministic software. Aryaman explains the technical details behind Repello's platform, which combines automated red teaming (Artemis) with adaptive guardrails (Argus) to create a continuous security feedback loop. The conversation explores the nuanced differences between AI safety and security, the critical role of threat modeling for agentic workflows, and the complex challenges of responsible disclosure for non-deterministic vulnerabilities.

Key Takeaways
- From Hacker to CEO: Aryaman discusses the transition from an attacker's mindset, focused on quick exploits, to a CEO's mindset, which requires patience and long-term relationship building with customers.
- A New Kind of Threat: AI applications introduce a new attack surface built on prompts, knowledge bases, and probabilistic models, which increases the blast radius of potential security breaches compared to traditional software.
- Automated Red Teaming and Defense: Repello’s platform consists of two core products: Artemis, an offensive AI red teaming platform that discovers failure modes, and Argus, a defensive guardrail system. The platforms create a continuous feedback loop where vulnerabilities found by Artemis are used to calibrate and create policies for Argus.
- Threat Modeling for AI Agents: For complex agentic systems, a black-box approach is often insufficient. Repello uses a gray-box method where a tool called AgentWiz helps customers generate a threat model based on the agent's workflow and capabilities, without needing access to the source code.
- The Challenge of Non-Deterministic Vulnerabilities: Unlike traditional software vulnerabilities, which are deterministic, AI exploits are probabilistic. An attack like a system prompt leak only needs to succeed once to be effective, even if it fails nine out of ten times.
- The Future of Attacks is Multimodal: Aryaman predicts that as AI applications evolve, major new attack vectors will emerge from new interfaces like voice and image, as their larger latent space offers more opportunities for malicious embeddings.

Tune in for a deep dive!

Contacting Aryaman
* LinkedIn: https://www.linkedin.com/in/aryaman-behera/
* Company Website: https://repello.ai/

Contacting Anshuman
* LinkedIn: https://www.linkedin.com/in/anshumanbhartiya/
* X: https://x.com/anshuman_bh
* Website: https://anshumanbhartiya.com/
* Instagram: https://www.instagram.com/anshuman.bhartiya

Contacting Sandesh
* LinkedIn: https://www.linkedin.com/in/anandsandesh/
* X: https://x.com/JubbaOnJeans
* Website: https://boringappsec.substack.com/