Checking in on the State of Appsec in 2025 - Janet Worthington, Sandy Carielli - ASW #338

Application Security Weekly (Audio) · 2025-07-08

01:07:15

Appsec still deals with ancient vulns like SQL injection and XSS. And now LLMs are generating code along side humans. Sandy Carielli and Janet Worthington join us once again to discuss what all this new code means for appsec practices. On a positive note, the prevalence of those ancient vulns seems to be diminishing, but the rising use of LLMs is expanding a new (but not very different) attack surface. We look at where orgs are investing in appsec, who appsec teams are collaborating with, and whether we need security awareness training for LLMs.

Resources:

https://www.forrester.com/blogs/application-security-2025-yes-ai-just-made-it-harder-to-do-this-right/

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw-338

Application Security Weekly (Audio)

About all things AppSec, DevOps, and DevSecOps. Hosted by Mike Shema and John Kinsella, the podcast focuses on helping its audience find and fix software flaws effectively.

No. of episodes: 353

Latest episode: 2025-07-15

Technology News Tech News

Where can you listen?

Episodes