# AppSec Conversations on Agents, LLMs, and OWASP from RSAC - Merritt Maxim, Scott Clinton, Janet Worthington - ASW #384 Page: https://stenobird.com/podcast/application-security-weekly-audio-436682/appsec-conversations-on-agents-llms-and-owasp-from-rsac-merritt-maxim-scott-clinton-janet-worthington-asw-384 Text version: https://stenobird.com/podcast/application-security-weekly-audio-436682/appsec-conversations-on-agents-llms-and-owasp-from-rsac-merritt-maxim-scott-clinton-janet-worthington-asw-384.md Podcast: [Application Security Weekly (Audio)](https://stenobird.com/podcast/application-security-weekly-audio-436682) Published: 2026-05-26T09:00:00+00:00 Episode link: https://aswaudio.libsyn.com/appsec-conversations-on-agents-llms-and-owasp-from-rsac-merritt-maxim-scott-clinton-janet-worthington-asw-384 Audio file: https://dts.podtrac.com/redirect.mp3/traffic.libsyn.com/secure/aswaudio/ASW_384_1--c8f96804-0404-4d5b-af25-cd94444dda72--audio-converted--209dd15e-cc1d-4376-9bc4-80eb788301f8.mp3?dest-id=626765 Processing state: not_requested JSON: https://stenobird.com/v1/public/podcasts/application-security-weekly-audio-436682/episodes/appsec-conversations-on-agents-llms-and-owasp-from-rsac-merritt-maxim-scott-clinton-janet-worthington-asw-384 Duration seconds: 3580 ## Resource We showcase recordings from this year's RSAC. At RSAC Conference 2026, Scott Clinton, Co-Chair and co-founder of the OWASP GenAI Security Project, shares insights from the project's latest research, including new landscape guides and evolving approaches to securing generative and agentic AI systems. The conversation explores critical gaps in GenAI data security, the rise of AI-assisted development, and the immense growth of the OWASP community and sponsor ecosystem. Looking ahead, he outlines the most urgent risks and priorities shaping AI and agentic security in 2026. Then Merritt Maxim discusses how AI is affecting Identity and Access Management. Expect to hear this topic a lot throughout 2026, especially as the industry tries to figure out what's different or special about securing agent identities. We close with a chat with Janet Worthington about the impact of agents on the SDLC and how orgs are updating their controls to deal with code generated by humans and LLMs alike. Segment Resources: https://genai.owasp.org https://genai.owasp.org/resources/ https://www.scworld.com/podcast-episode/3905-keeping-up-with-the-owasp-genai-project-scott-clinton-asw-381 This segment is sponsored by The OWASP GenAI Security Project. Visit https://securityweekly.com/owasp to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-384 ## Actions - request_transcript: `POST https://stenobird.com/v1/public/podcasts/application-security-weekly-audio-436682/episodes/appsec-conversations-on-agents-llms-and-owasp-from-rsac-merritt-maxim-scott-clinton-janet-worthington-asw-384/transcription-requests` — Idempotently request low-priority transcript generation for this episode. - read_markdown: `GET https://stenobird.com/podcast/application-security-weekly-audio-436682/appsec-conversations-on-agents-llms-and-owasp-from-rsac-merritt-maxim-scott-clinton-janet-worthington-asw-384.md` — Read the agent-friendly Markdown representation of this episode resource. A page view does not enqueue transcription. Agents should invoke `request_transcript` explicitly when they need this episode processed. ## Transcript Full transcripts are not published on public pages unless there is a clear rights basis.