Ken Johnson has been hacking web applications professionally for 10 years and giving security training for 7 of those years. Ken is both a breaker and a builder who currently works on the GitHub application security team. Ken explains approaching appsec the right way, "running a scanner without context", the importance of getting the right context, and how to figure out what's real and what's legit.
Follow us on Twitter: https://www.twitter.com/securityweekly
Paul Asadoorian - CEO, Security Weekly.
Keith Hoodlet - Application Security Manager, Thermo Fisher Scientific.
Audio: http://traffic.libsyn.com/sw-all/Ken_Johnson_GitHub_-_Application_Security_Weekly_45_converted.mp3