Stenobird

Episode

Developing the Skills Needed for Modern Software Development - Keith Hoodlet, Shashwat Sehgal, Ron Rasin - ASW #376

Podcast
Application Security Weekly (Audio)
Published
Mar 31, 2026
Duration seconds
4540
Processing state
not_requested
Canonical source
https://aswaudio.libsyn.com/developing-the-skills-needed-for-modern-software-development-keith-hoodlet-shashwat-sehgal-ron-rasin-asw-376
Audio
https://dts.podtrac.com/redirect.mp3/traffic.libsyn.com/secure/aswaudio/ASW_376_1--ad451dbf-f224-433c-ac28-497c98e41e94--audio-converted--f78aefb3-3dbf-4753-a1e7-7e758f97332d.mp3?dest-id=626765
JSON
/v1/public/podcasts/application-security-weekly-audio-436682/episodes/developing-the-skills-needed-for-modern-software-development-keith-hoodlet-shashwat-sehgal-ron-rasin-asw-376
Markdown
/podcast/application-security-weekly-audio-436682/developing-the-skills-needed-for-modern-software-development-keith-hoodlet-shashwat-sehgal-ron-rasin-asw-376.md

Actions

  • POST https://stenobird.com/v1/public/podcasts/application-security-weekly-audio-436682/episodes/developing-the-skills-needed-for-modern-software-development-keith-hoodlet-shashwat-sehgal-ron-rasin-asw-376/transcription-requests
    Idempotently request low-priority transcript generation for this episode.
  • GET https://stenobird.com/podcast/application-security-weekly-audio-436682/developing-the-skills-needed-for-modern-software-development-keith-hoodlet-shashwat-sehgal-ron-rasin-asw-376.md
    Read the agent-friendly Markdown representation of this episode resource.

Summary

The future of secure software is going through a mix of skills expected of humans and skills files created for LLMs. We might even posit that appsec as a discipline will fade (and that might not even be a bad thing!). Keith Hoodlet describes the skills he was looking for in building teams of security researchers and why there's still an emphasis on the ability to learn about and understand how software is built. But figuring out what skills will get you hired and what skills are valuable to invest in still feels daunting to new grads and others entering the security industry. We discuss where the role of appsec seems to be heading and a few of the security and software fundamentals that can help you follow that direction. Segment resources https://bsidessf2026.sched.com/event/2E1h4/we-pwn-the-night-growing-leading-an-31337-security-research-team?iframe=yes&w=100%&sidebar=yes&bg=no https://drive.google.com/file/d/1_zLH8vuHU1XOjEyk85WecQwSByDwxAmQ/view?pli=1 https://securing.dev/posts/if-i-were-eighteen-again/ https://research.nvidia.com/labs/lpr/slm-agents/ Then, we rebroadcast two interviews from RSAC 2026. The Identity Crisis of Agentic AI Identity security is being stretched between legacy infrastructure that was never built to be secure and rapidly emerging AI agents and non-human identities that organizations are quickly adopting. As AI accelerates, identity risk grows alongside it, making agentic security fundamentally an identity challenge—because the more access AI has, the greater both its power and potential risk. In this session, Ron Rasin explores how past gaps in areas like Active Directory and machine identities created today's blind spots, and why identity must now act as the control plane for AI-driven enterprises, with real-time enforcement…