Lépjen offline állapotba az Player FM alkalmazással!
James Berthoty -- Is DAST Dead? And the future of API security
Manage episode 421379684 series 2540720
In this episode of the Application Security Podcast, host Chris Romeo welcomes James Berthoty, a cloud security engineer with a diverse IT background, to discuss his journey into application and product security.
The conversation spans James's career trajectory from IT operations to cloud security, his experiences with security tools like Snyk and StackHawk, and the evolving landscape of Dynamic Application Security Testing (DAST) and API security. They delve into the practical challenges of CVEs, reachability analysis, and the complexities of patching in mid-sized companies. James shares his views on the often misunderstood role of WAF and the importance of fixing issues over merely identifying them.
The discussion concludes with insights into James's initiative, Latio Tech, which aims to help security professionals evaluate and understand application security products better.
James Berthoty’s LinkedIn post: AppSec Kool-Aid Statements I Disagree With
https://www.linkedin.com/posts/james-berthoty_appsec-kool-aid-statements-i-disagree-with-activity-7166084208686256128-tb1U?utm_source=share&utm_medium=member_desktop
What is Art by Leo Tolstoy
https://www.gutenberg.org/files/64908/64908-h/64908-h.htm
FOLLOW OUR SOCIAL MEDIA:
➜Twitter: @AppSecPodcast
➜LinkedIn: The Application Security Podcast
➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast
Thanks for Listening!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
273 epizódok
Manage episode 421379684 series 2540720
In this episode of the Application Security Podcast, host Chris Romeo welcomes James Berthoty, a cloud security engineer with a diverse IT background, to discuss his journey into application and product security.
The conversation spans James's career trajectory from IT operations to cloud security, his experiences with security tools like Snyk and StackHawk, and the evolving landscape of Dynamic Application Security Testing (DAST) and API security. They delve into the practical challenges of CVEs, reachability analysis, and the complexities of patching in mid-sized companies. James shares his views on the often misunderstood role of WAF and the importance of fixing issues over merely identifying them.
The discussion concludes with insights into James's initiative, Latio Tech, which aims to help security professionals evaluate and understand application security products better.
James Berthoty’s LinkedIn post: AppSec Kool-Aid Statements I Disagree With
https://www.linkedin.com/posts/james-berthoty_appsec-kool-aid-statements-i-disagree-with-activity-7166084208686256128-tb1U?utm_source=share&utm_medium=member_desktop
What is Art by Leo Tolstoy
https://www.gutenberg.org/files/64908/64908-h/64908-h.htm
FOLLOW OUR SOCIAL MEDIA:
➜Twitter: @AppSecPodcast
➜LinkedIn: The Application Security Podcast
➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast
Thanks for Listening!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
273 epizódok
Minden epizód
×Üdvözlünk a Player FM-nél!
A Player FM lejátszó az internetet böngészi a kiváló minőségű podcastok után, hogy ön élvezhesse azokat. Ez a legjobb podcast-alkalmazás, Androidon, iPhone-on és a weben is működik. Jelentkezzen be az feliratkozások szinkronizálásához az eszközök között.