The AppSec Insiders
Welcome to The AppSec Insiders Podcast. This is a show where we discuss the hottest topics and latest trends in application and cloud security, and tell you what you need to know For those who don’t know who we are, we are all software developers, white-hat hackers, and code security experts. When we’re not recording the podcast, we help organizations of all sizes with their cybersecurity needs. If you’re an AppSec professional looking for an opportunity to work with some of the best in the industry, or a developer with an interest in cybersecurity, be sure to check out our careers page at ForwardSecurity.com/careers We would greatly appreciate it if you subscribed to the podcast wherever you listen to the show, and be sure to follow us on LinkedIn and Twitter at Forward Security. Links are in the show notes. • https://www.ForwardSecurity.com • https://www.linkedin.com/company/fwdsec/mycompany/verification/ • https://twitter.com/fwd_sec
Episodes
In this episode, we explore the emerging security risks of AI and LLMs in modern applications. Iman shares real-world experiences bypassing AI guardrails like LlamaGuard and OpenAI Shield, while the team discusses prompt injection attacks, system prompt exposure, excessive agency vulnerabilities, and data poisoning. Learn about the OWASP Top 10 for LLMs, why AI usage policies are critical, and how attackers are exploiting everythin...
In this episode of The AppSec Insiders Podcast, we dive into two major security stories making headlines: a fake Solidity extension that drained a developer’s crypto wallets, and Google’s AI-powered tool “Big Sleep” uncovering a critical Chrome vulnerability. From malicious packages to AI-driven defenses, we break down what these cases reveal about today’s evolving AppSec landscape.
SQL Injection to RCE: Fortinet's Critical Vulnerability Exposed | The AppSec Insiders Podcast Ep. 17
On this episode of The AppSec Insiders Podcast, we dive into CVE-2025-25257, a Fortinet FortiWeb Fabric Connector SQL injection vulnerability that escalates to RCE. We break down how this exploit works, why it’s so impactful, and what lessons organizations can learn, from proper network segmentation to the importance of SAST in your pipeline.
We also touch on broader trends, from IoT security issues to recurring mistakes in network...
In this episode, we unpack CVE-2025-49596, where prompt injection, CSRF, and localhost access were chained to achieve RCE in the MCP Inspector AI tool. Learn how the exploit worked, what it reveals about LLM security risks, and how to defend against similar threats with sandboxing, access controls, and DevSecOps monitoring.
Welcome to The AppSec Insiders Podcast. This is a show where we discuss the hottest topics and latest trends in application and cloud security, and tell you what you need to know
For those who don’t know who we are, we are all software developers, white-hat hackers, and code security experts. When we’re not recording the podcast, we help organizations of all sizes with their cybersecurity needs.
If you’re an A...
Welcome to The AppSec Insiders Podcast. This is a show where we discuss the hottest topics and latest trends in application and cloud security, and tell you what you need to know
For those who don’t know who we are, we are all software developers, white-hat hackers, and code security experts. When we’re not recording the podcast, we help organizations of all sizes with their cybersecurity needs.
If you’re an A...
In this episode, we discuss 2023 Security Threats & Newcomers Recap
In this episode, we discuss the Flipper Zero and IoT Security.
In this episode, we return to the topic from the previous episodes and continue explore the challenges of testing against the ASVS standard.
In this episode, we explore the challenges of testing against the ASVS standard - Part 3
In this episode, we continue to explore the challenges of testing against the ASVS standard.
In this episode, we sit down with Oscar van der Meer, Founder and CEO of MergeBase to discuss Software Composition Analysis (SCA) and why it is important for supply chain security.
In this episode we explore Azure Security: Raising Alarms and Reducing the Blast Radius.
In this episode we explore AWS SRA (Secure Reference Architecture).
In this episode, we explore the challenges of testing against the ASVS standard.
In this episode, we dive deep into the world of ChatGPT and AI technology. What does this mean for application security?
In this episode, we explore OWASP Top 10 and the potential attacks on the CI/CD (part 1).
In this episode, we continue our discussion about OWASP Top 10 and attacks on the CI/CD pipeline.
Popular Podcasts
Two Guys (Bowen Yang and Matt Rogers). Five Rings (you know, from the Olympics logo). One essential podcast for the 2026 Milan-Cortina Winter Olympics. Bowen Yang (SNL, Wicked) and Matt Rogers (Palm Royale, No Good Deed) of Las Culturistas are back for a second season of Two Guys, Five Rings, a collaboration with NBC Sports and iHeartRadio. In this 15-episode event, Bowen and Matt discuss the top storylines, obsess over Italian culture, and find out what really goes on in the Olympic Village.
Listen to the latest news from the 2026 Winter Olympics.
The 2026 Winter Olympics in Milan Cortina are here and have everyone talking. iHeartPodcasts is buzzing with content in honor of the XXV Winter Olympics We’re bringing you episodes from a variety of iHeartPodcast shows to help you keep up with the action. Follow Milan Cortina Winter Olympics so you don’t miss any coverage of the 2026 Winter Olympics, and if you like what you hear, be sure to follow each Podcast in the feed for more great content from iHeartPodcasts.
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
Saskia Inwood woke up one morning, knowing her life would never be the same. The night before, she learned the unimaginable – that the husband she knew in the light of day was a different person after dark. This season unpacks Saskia’s discovery of her husband’s secret life and her fight to bring him to justice. Along the way, we expose a crime that is just coming to light. This is also a story about the myth of the “perfect victim:” who gets believed, who gets doubted, and why. We follow Saskia as she works to reclaim her body, her voice, and her life. If you would like to reach out to the Betrayal Team, email us at betrayalpod@gmail.com. Follow us on Instagram @betrayalpod and @glasspodcasts. Please join our Substack for additional exclusive content, curated book recommendations, and community discussions. Sign up FREE by clicking this link Beyond Betrayal Substack. Join our community dedicated to truth, resilience, and healing. Your voice matters! Be a part of our Betrayal journey on Substack.