Hello, I am Anshuman, an Information Security professional. Read About Me →
Latest
- The Boring AppSec Podcast S2E10 - Vivek Ramachandran
- The Boring AppSec Podcast S2E09 - Ali Mesdaq
- The Boring AppSec Podcast S2E08 - Ankita Gupta
- The Boring AppSec Podcast S2E07 - Jonathan Cran
- The Boring AppSec Podcast S2E06 - Vibhav Sreekanti
- The Boring AppSec Podcast S2E05 - Drew Dennison
- The Boring AppSec Podcast S2E04 - Varun Badhwar
- The Boring AppSec Podcast S2E03 - Robert Wood
- The Boring AppSec Podcast S2E02 - Dustin Lehr
- The Boring AppSec Podcast S2E01 - Jimmy Mesta
- How to build a defensive AI security agent with RAG
- How to build an offensive AI security agent
- The Future of Application Security: Integrating LLMs and AI Agents into Manual Workflows
- The Boring AppSec Podcast S1E10 - Future Security Predictions
- The Boring AppSec Podcast S1E09 - Incidents
- The Boring AppSec Podcast S1E08 - Bug Bounties Part 2
- The Boring AppSec Podcast S1E07 - Hiring in Security
- The Boring AppSec Podcast S1E06 - Vulnerability Management
- The Boring AppSec Podcast S1E05 - Threat Modeling
- The Boring AppSec Podcast S1E04 - Running a lean AppSec team
- The Boring AppSec Podcast S1E03 - Bug Bounties
- The Boring AppSec Podcast S1E02 - First Security Hire
- The Boring AppSec Podcast S1E01 - Asset Inventory
- A Guide To Identify Authorization Vulnerabilities At Scale Using Semgrep
- A Guide On Implementing An Effective SAST Workflow
- A Lightweight Approach To Implement Secure Software Development LifeCycle (Secure SDLC)
- Product Security Roadmap
- Building a Product Security program from scratch
- Ability to send payment requests inspite of being blocked by the recipient
- A CSRF protection bypass technique
- A bug in Facebook that violated my privacy
- Analysis of the BrowserStack breach - A classic example of "Pivoting in the Clouds"
- Security issues with friction-less signup flows
- Performing code review on shell scripts
