Today, I’m joined by Kalyani Pawar, an Application Security Engineer at Zipline and a seasoned AppSec expert with a deep commitment to the startup ecosystem. Beyond her day job, she actively advises startups and VCs on what really matters in application security.

Kalyani is also the co-host of the Application Security Weekly podcast and a speaker at top conferences like DEFCON, BSides SF, and RSA.

She’s been a driving force behind the scenes too, serving on reviewer boards for DEFCON, WiCyS, and several BSides chapters—helping shape high-impact security content for the community.

In today’s episode, we dive into her experience designing security programs from scratch across startups of all stages—and ask the big question: Can ‘Minimum Viable Security’ be the fix to all the AI-fueled chaos in startups?

We also explore how VCs impact security decisions, the role of interns on security teams, and how to tackle the beast of security debt.

Dive right in!