How has application security evolved over the decades? Carl and Richard talk to Michael Howard about his experiences working in security at Microsoft. Michael discusses his current role as a member of the Red Team at Microsoft, which identifies security vulnerabilities within the organization by creating scenarios that black hats might employ, such as stealing tokens or hijacking financial transactions. The conversation examines how security continues to evolve, with improved tools, new attack surfaces, and increasingly serious attacks. It's an arms race, but one the good guys can win!