Four Predictions for AppSec in 2025 By Ken Johnson and Seth Law In this joint blog from Seth Law at Redpoint and Ken Johnson at DryRun Security, we highlight how 2025 will be a pivotal year for large language models (LLMs) in AppSec. Building on the momentum of 2024, LLMs are moving from novelty to […]
Podcast
Ransomware as a Service
“Addressing Ransomware in Organizations and Application Security” [For an attacker], where there’s an absence from technical protection, there’s always the presence of human error. -KEN JOHNSON Ransomware is everywhere! The international news regarding the May 2021 ransomware attack on Colonial Pipeline and the subsequent service shutoff affecting consumers throughout the U.S. southeast put launched ransomware […]
A Client-Side Solve: Browser Sanitization APIs
Could Browser Sanitization APIs mean a new era of client-side security? In April 2021, Google and Firefox both announced that a sanitization api would be integrated within their browsers. Ken Johnson (cktricky) and Seth Law (sethlaw) discussed these new developments on the Absolute Appsec podcast with a good deal more sanguinity than regular podcast listeners […]