“The podcast for kids who cant appsec good and want to learn how to do other stuff good too.” absoluteappsec.com
Joined January 2018
- Tweets 1,757
- Following 123
- Followers 1,467
- Likes 467
536 Photos and videos
Coming up in 10-15 minutes, @cktricky and @sethlaw are heading up a new episode of @absoluteappsec. Check in on the livestream here to see what Seth and Ken are reading and thinking about in these wild times: youtube.com/watch?v=GN-G3Ko-…
1
2
172
Also, the harnessing LLMs for AppSec course will be offered at DEFCON. Check it out here: training.defcon.org/collecti…
1
1
87
Seth and Ken after discussing some of the books that have influenced how they think of appsec over the years, they're turning to the Megalodon breach discussed here: stepsecurity.io/blog/megalod…
22
Coming up at 12 Noon ET, @sethlaw is joined by @lojikil while Ken is away. Be sure to join us here: youtube.com/watch?v=ySRYhAjc…
Send us a dm hear with an email, if you'd like to be invited into the AbsoluteAppSec slack.
1
57
As a heads up, Stefan and Seth are running a bit early today, so catch up with lojikil and Seth now!
30
Today on the podcast, the standard operating practice for how code gets written, reviewed, & committed is rapidly changing & affecting typical PR flows. Today, @cktricky and @sethlaw discuss, will PRs be relevant in the future? Tune in at 12 Noon ET here:
youtube.com/watch?v=PDVYAwoF…
2
2
110
vercel.com/kb/bulletin/verce… We're talking the Vercel incident first. Seth says that this is a case study into what happens when you use AI as your canvas. We're also sounding like a broken record... reminder: compliance doesn't mean you're secure.
40
And we're live! If you're eager to see us off air, there is still time to register for our Harnessing LLMs training for DefCon Singapore 2026. sg.shop.defcon.org/collectio…
74
Coming up any minute now, @cktricky and @sethlaw are fresh off of the Kernelcon experience and have thoughts on the state of AppSec, which we're hearing mightn't be as solved as mythic claims have suggested: youtube.com/watch?v=RzUCAX11…
1
107
Seth and Ken are running now. Seth goes over the news on trainings (Watch training.absoluteappsec.com for further updates). DEFCON Singapore has moved the Harnessing LLMs to a larger room, so there is space for more seats. Signup here: sg.shop.defcon.org/collectio…
72
There are still some seats left at our Harnessing LLMs training in person at @_kernelcon_ on April 7th/8th. Thinking about grabbing a spontaneous spot? Go to training.absoluteappsec.com to catch us in Omaha.
Ken Johnson (@cktricky ) and Seth Law (@sethlaw ) are back from BsidesSF and RSA, and consequently, they have inklings about where ainfosec (that may not be a typo) thinks it’s headed now. Catch them at 12 Noon Eastern time here: youtube.com/watch?v=Fw4xTLwk…
1
60
A big topic at these conferences this year was the concept of the One True Secure Framework; meanwhile, we've seen multiple open source packages get exploited in the past two weeks. @sethlaw thinks it's gonna get worse before it gets better
1
43
opensourcemalware.com/blog/a… Take a closer look at the circumstances of one of those exploits here:
49
Ken Johnson (@cktricky ) and Seth Law (@sethlaw ) are back from BsidesSF and RSA, and consequently, they have inklings about where ainfosec (that may not be a typo) thinks it’s headed now. Catch them at 12 Noon Eastern time here: youtube.com/watch?v=Fw4xTLwk…
123
Coming up at 12 Noon Eastern, @sethlaw & @cktricky engage in a podcast exchange w/ Kurt Hendle & Cameron Walters butts up against multiversal time. This livestream is either a prequel or sequel, depending on how you situate tomorrow's recorded Coffee, Chaos & Prodsec episode.
ALT Promotion for a special episode of Absolute AppSec podcast with Kurt Hendle and Cameron Walters, the team behind the Coffee, Chaos, and ProdSec podcast. The episode starts today, March 17, 2026, at 12 Noon Eastern time. The provided link to the Youtube livestream is here: https://www.youtube.com/watch?v=yRckeeg8-5U
1
1
52
For today's livestream, you can join us here: youtube.com/watch?v=yRckeeg8…
1
159
And check out Coffee, Chaos & ProdSec podcast, finding them on your preferred listening platforms here: linktr.ee/coffeechaosprodsec
22
Today on Absolute AppSec, @cktricky and @sethlaw talk about Google tokens in the news, stealing creds from ai browsers, and more. Will we also learn that, like death and taxes, AppSec will always be with us? Tune in here to see at 12 Noon ET:
youtube.com/watch?v=y7Cl46oM…
1
1
91
Discussing the risks going forward of code-generation increasing at such high rates of speed with immature guardrails, both Ken and Seth are predicting some interesting times if we push the timeline out a year or so. Expect more of this type of exposure: trufflesecurity.com/blog/goo…
1
59
Quick hit discussion on this link is that browser development is hard, and some AI companies aren't specialists in getting security right first: techradar.com/pro/security/t…
24