Absolute AppSec

We’re excited to announce this special episode of Absolute AppSec with Kyle Rippee, Staff Product Security Engineer at Tines.? Kyle will be joining Seth and Ken to discuss his experience both managing and working with #applicationsecurity teams, #pentesting, and software engineering. Before Tines, Kyle worked at PlanetArt, FloQast, Shutterfly, Atos, and more. During the show, we’ll look to discuss Kyle’s journey into AppSec, his insights from his security consulting & product security work, and especially we’re looking forward to digging into what’s happening at Tines. Be sure to tune in Tuesday at 12 Noon Eastern!

Consider this a heads up for learning how to level up your AppSec day-to-day work with LLMs! Ken Johnson and Seth Law are bringing the Harnessing LLMs for Application Security for a second time, and this is the only LLMs for AppSec course that could one day be endorsed by Lumon industries, kier willing This is a new stand-alone course for infosec professionals who'd like to incorporate AI agents and other LLM technologies into their day-to-day work flow. The course is being offered online once again on February 20th and 21st. Harnessing LLMs for AppSec grew out of Seth and Ken's Practical Secure Code Review course that has incorporated LLMs into the Absolute AppSec methodology for Secure Code Review because some students found the information contained regarding LLM instrumentation and fine-tuning to be both valuable and worthy of a special focus on their own.? The objectives of the course include: * Understanding Langchain and Prompt Engineering * Getting familiar with LLM types, and exploring which options can best help perform AppSec-related and other tasks. * Hands-on techniques like Retrieval-Augmented Generation (RAG) and Few-Shot Prompting for secure code analysis and threat modeling.? * Integration of AI into security tasks to identify vulnerabilities and improve overall application security. * How to fine-tune AI agent interaction so you improve the results you see To register for this training and to get more information on Seth and Ken's courses, check out the Absolute AppSec training site https://lnkd.in/gpdQQxbW . For this training, the course overview can be found here: https://lnkd.in/g9WZkPqV #LLMsforAppSec #applicationsecurity #aiagents #appliedAI

Join Seth Law and Ken Johnson on Absolute AppSec this Tuesday, February 18th at 11 AM ET (9 AM MT) for a special episode with Myles Borins. Myles, Product Lead for Developer Platform at Snowflake and former GitHub Product lead for projects like Copilot Workspace for Pull Request, Codespaces, npm, and Packages, will be discussing open-source and supply-chain security among other topics. Myles also brings extensive experience from Ecma International and TC39, contributing to security and standards development in the evolution of the JavaScript language. Nota Bene: Be aware of the episode time-shift to an hour earlier than our typical time, if you want to be sure not to miss the livestream! The link is here: https://lnkd.in/gstN3Bjw?#softwaresupplychainsecurity #opensourcesecurity #applicationsecurity

Josh Larsen, co-founder of CTO of Ghost Security, is joining Seth Law and Ken Johnson on the Absolute AppSec podcast on January 28th and 12 Noon Eastern time. The link for the episode livestream is here: https://lnkd.in/grec2Xpj Before Ghost Security ??, Josh was co-founder and CEO of both Darkbit and before that?the Blackfin Security Group. Larsen led the GTM strategy for both startups and Darkbit and Blackfin Security Group were acquired by Aqua Security and Symantec Corporation, respectively. Ghost Security (https://ghostsecurity.com/) was founded to help development shops and #AppSec teams perform autonomous application security using Agentic AI with the goal of helping teams discover, test, and mitigate risks in real time. Josh (joshlarsen on LI, @josh_larsen on X/Twitter) has been in the industry working as a security program manager and consultant as well as building products that improve the security landscape. Be sure to tune in as Seth and Ken talk through his experiences in the field as well as gleaning his insights about the #futureofAppSec, using #AIAgents to empower security products, and more.?

This week on Absolute AppSec, the newsletter pulls from the archives to review episode 219 when Seth Law and Ken Johnson were joined by Jason Haddix. Catch up on that episode (and sign up for weekly updates) at https://lnkd.in/g_UQfSks

Ken Johnson has introduced a new star for Absolute AppSec training promotions! If you're interested in the Harnessing LLMs for Application Security course, check out our training page: https://lnkd.in/gpdQQxbW This second delivery of the course by Ken and Seth Law will take place on the 23rd and 24th of January. Let us know if you have questions about the training, or if you'd like to tell Milo what a good boy he is! #AIforAppSec #applicationsecurity

We've had good feedback, and Ken Johnson and Seth Law are delivering Harnessing LLMs for Application Security for a second time! This is a new stand-alone course for infosec professionals who’d like to incorporate AI agents and other LLM technologies into their day-to-day work flow. The course is being offered online once again on January 23rd-24th Harnessing LLMs for AppSec grew out of Seth and Ken’s Practical Secure Code Review course that has incorporated LLMs into the Absolute AppSec methodology for Secure Code Review course because some students found the information contained regarding LLM instrumentation and fine-tuning to be both valuable and worthy of a special focus on their own.? The objectives of the course include: ? Understanding Langchain and Prompt Engineering ? Getting familiar with LLM types, and exploring which options can best help perform AppSec-related and other tasks. ? Hands-on techniques like Retrieval-Augmented Generation (RAG) and Few-Shot Prompting for secure code analysis and threat modeling.? ? Integration of AI into security tasks to identify vulnerabilities and improve overall application security. ? How to fine-tune AI agent interaction so you improve the results you see To register for this training and to get more information on Seth and Ken’s courses, check out the Absolute AppSec training site here: https://lnkd.in/gpdQQxbW . And for this training specifically, the course overview can be found here: https://lnkd.in/g9WZkPqV? #LLMsforAppSec #AIagents #applicationsecurity #securecodereview

Hey everyone, be sure to tune in tomorrow at 12 Noon Eastern time. We're looking forward to having Clint Gibler back on the podcast!

Hello friends! Seth Law and Ken Johnson are happy to announce that Clint Gibler, the force behind tl;dr sec (tldrsec.com) and head of Security Research at Semgrep, will be coming on as a guest again on the Absolute AppSec podcast on December 10th. Join us at 12 Noon US Eastern time for this special episode. The link for the livestream is here. https://lnkd.in/egD4mUVr

Join us Tuesday Nov 19, at 12 Noon Eastern for a special episode of Absolute AppSec with Kinnaird McQuade, founder and CTO of NightVision. Kinnaird developed NightVision as a security testing tool that combines codebase analysis with DAST features. Before NightVision, Kinnaird worked as lead security engineer at Square as well as Salesforce. Additionally he worked at Synopsys as Cloud Security Consulting Practice Lead. Be sure to tune into the episode as Ken Johnson and Seth Law glean insights from Kinnaird’s experiences and thoughts about the security industry.??