Today, I’m joined by Nathan Byrd, a Principal AppSec Architect at Applied Systems. Nathan’s journey is truly unique: before joining Applied Systems, he spent an impressive 24 years at Mastercard, where he rose from a software engineer to a Principal AppSec Architect. That’s the longest tenure we’ve seen from anyone on the podcast!Nathan is passionate about building things, whether it’s his early days as an internet fan, building projects with Raspberry Pi Pico, or more recently, creating OAShield (away shield). This open-source project helps generate WAF config files based on OpenAPI specs, which we dive into during today’s conversation.In this conversation, we explore whether traditional WAFs are becoming obsolete in the age of OpenAPI specs, how to keep them accurate, and why adopting a top-down approach to API specifications is key to enhancing security.Nathan also provides valuable advice for aspiring developers passionate about security and explains how he believes AI will play a transformative role in shaping the future of AppSec.Dive right in!