{"podcast":{"title":"Application Security Weekly (Audio)","slug":"application-security-weekly-audio-436682","podcast_index_feed_id":436682,"rss_url":"https://aswaudio.libsyn.com/rss","website_url":"https://securityweekly.com/asw","image_url":"https://static.libsyn.com/p/assets/0/a/1/5/0a15d1d27c1a4bbc27a2322813b393ee/ASW_Cover_1920x1920-20240930-x3a3ohx73b.png","author":"Security Weekly Productions","episode_count":398,"summary":"About all things AppSec, DevOps, and DevSecOps. Hosted by Mike Shema and John Kinsella, the podcast focuses on helping its audience find and fix software flaws effectively.","last_synced_at":null,"page_url":"https://stenobird.com/podcast/application-security-weekly-audio-436682"},"episode":{"title":"AI-Era AppSec: Transparency, Trust, and Risk Beyond the Firewall - Felipe Zipitria, Steve Springett, Aruneesh Salhotra, Ken Huang - ASW #363","slug":"ai-era-appsec-transparency-trust-and-risk-beyond-the-firewall-felipe-zipitria-steve-springett-aruneesh-salhotra-ken-huang-asw-363","published_at":"2025-12-30T10:00:00+00:00","page_url":"https://stenobird.com/podcast/application-security-weekly-audio-436682/ai-era-appsec-transparency-trust-and-risk-beyond-the-firewall-felipe-zipitria-steve-springett-aruneesh-salhotra-ken-huang-asw-363","show_page_url":"https://stenobird.com/podcast/application-security-weekly-audio-436682","url":"https://aswaudio.libsyn.com/ai-era-appsec-transparency-trust-and-risk-beyond-the-firewall-felipe-zipitria-steve-springett-aruneesh-salhotra-ken-huang-asw-363","audio_url":"https://dts.podtrac.com/redirect.mp3/traffic.libsyn.com/secure/aswaudio/ASW_363_1--921a9750-7628-4a13-9757-028c48dc031d--audio-converted--f15ba35d-3a32-4f81-84f6-d3e9650c3452.mp3?dest-id=626765","summary":"In an era dominated by AI-powered security tools and cloud-native architectures, are traditional Web Application Firewalls still relevant? Join us as we speak with Felipe Zipitria, co-leader of the OWASP Core Rule Set (CRS) project. Felipe has been at the forefront of open-source security, leading the development of one of the world's most widely deployed WAF rule sets, trusted by organizations globally to protect their web applications. Felipe explains why WAFs remain a critical layer in modern defense-in-depth strategies. We'll explore what makes OWASP CRS the go-to choice for security teams, dive into the project's current innovations, and discuss how traditional rule-based security is evolving to work alongside — not against — AI. Segment Resources: github.com/coreruleset/coreruleset coreruleset.org The future of CycloneDX is defined by modularity, API-first design, and deeper contextual insight, enabling transparency that is not just comprehensive, but actionable. At its heart is the Transparency Exchange API, which delivers a normalized, format-agnostic model for sharing SBOMs, attestations, risks, and more across the software supply chain. As genAI transforms every sector of modern business, the security community faces a question: how do we protect systems we can't fully see or understand? In this fireside chat, Aruneesh Salhotra, Project Lead for OWASP AIBOM and Co-Lead of OWASP AI Exchange, discusses two groundbreaking initiatives that are reshaping how organizations approach AI security and supply chain transparency. OWASP AI Exchange has emerged as the go-to single resource for AI security and privacy, providing over 200 pages of practical advice on protecting AI and data-centric systems from threats. Through its official liaison partnership with CEN/CENELE…","meta_description":"In an era dominated by AI-powered security tools and cloud-native architectures, are traditional Web Application Firewalls still relevant? Join us as we s…","key_points":[],"chapters":[],"topics":[],"duration_seconds":4003,"processing_state":"not_requested","actions":[{"name":"request_transcript","method":"POST","url":"https://stenobird.com/v1/public/podcasts/application-security-weekly-audio-436682/episodes/ai-era-appsec-transparency-trust-and-risk-beyond-the-firewall-felipe-zipitria-steve-springett-aruneesh-salhotra-ken-huang-asw-363/transcription-requests","description":"Idempotently request low-priority transcript generation for this episode."},{"name":"read_markdown","method":"GET","url":"https://stenobird.com/podcast/application-security-weekly-audio-436682/ai-era-appsec-transparency-trust-and-risk-beyond-the-firewall-felipe-zipitria-steve-springett-aruneesh-salhotra-ken-huang-asw-363.md","description":"Read the agent-friendly Markdown representation of this episode resource."}]}}