Seth and Ken are joined by Adam Baldwin (@adam_baldwin) to discuss a topic we've been talking a lot about - 3rd party dependency and supply chain security. Adam gave a talk at this year's LocoMoco Security conference where he discuss fascinating and VERY relevant topics such as "developer burnout as an attack vector" as well as providing stats such as 97% of modern node applications rely on the code of 3rd party libraries.

Seth and Ken discuss conference proposals submissions and how to stand out. Also discussions on the latest security news, including the Zoom vulnerability disclosure, European fines for Marriott, and the latest hijacked/backdoored third-party library.

Julian Berton joins Seth and Ken to talk about Developer Training, Security Standards and AppSec Day, a global Application Security conference in Melbourne, Australia. They also discuss the latest lodash vulnerability and Boeing's outsourcing of developers.

Seth and Ken welcome Abdullah Munawar and Ben Pick to the show. They discuss their path into application security, current roles, and OWASP involvement. Specifically, Abdullah and Ben talk about running the OWASP NoVA chapter and challenges in organizing the Global AppSec DC conference.

Based on demand, Seth and Ken are joined by Tanya Janca (@shehackspurple) to talk about all things OWASP, travel, and experinces. Topics include OWASP DevSlop, diversity, and inclusion

Seth is joined once again by Stefan Edwards to talk about current events and ruin another portion of information security. Topics include Huawei, Android Security, and Programming Languages.

Seth and Ken discuss Minecraft mod hacking and applying AppSec tools to the practice. Joined by James Wickett (@wickett) to talk about the history of DevOps, why software security people should learn to code, and current trends in the DevOps space.

Seth and Ken discuss Edge Side Include Injection. Subsequently joined by David Lindner (@golfhackerdave), the current head of AppSec at Contrast Security. David talks all about RASP, mobile and IoT security plus talk a little bit about appsec program building.

Seth and Ken are joined by the OWASP WIA (Women in AppSec, @owaspwia) Committee. We discuss diversity in security and how the committee and OWASP is making the community more inclusive. Topics include first security conferences, how to get involved, and more.

Seth and Ken get back together to talk about Loco Moco Sec and recent industry news. Specifically, should all security people be able to code? Is it a strict requirement? Ken gives his take on the talks from LocomocoSec and why we should all be there in 2020.