Many years ago, a young boy sat in the attic of his house, just on the edge of the Empire State Building’s radio shadow. The crackling AM radio suddenly shifted from a Sunday morning church program to the familiar sound of a phone left off the hook. He perked up, ready to dive into a different world—one of clever hacks, magic cereal whistles, and the ever-expanding horizon of technology.
That boy was me, tuning into Off the Hook, a hacker broadcast hosted by a mysterious character going by the alias Emmanuel Goldstein—a nod to Orwell’s antagonist in 1984. For me, this was the spark that ignited a lifelong passion for tech and cybersecurity. And like many in the InfoSec community, I look back on these early moments as the foundation of a career spent understanding and defending the systems we all rely on.
Fast forward to today and I’m thrilled to announce the launch of AppSec Serialized, a brand new podcast by Invicti. This podcast gives us a platform to dive deep into the topics that keep us buzzing in the world of application security. For me, working on the podcast was also a full-circle moment, going back to my own origins in the tech world—only this time, I get to not only listen but also to create something new and exciting.
The name AppSec Serialized captures the playful, punny tone of the show, mixing the concept of serialized storytelling with a twist on the tech vulnerability of insecure deserialization. We channel a bit of the old-time radio serial vibe with a modern AppSec twist, and add conversation between security practitioners.
A fresh approach to the cybersecurity podcast
At Invicti, we pride ourselves on being innovative, and this podcast is no exception. As a long-time lover of stories and narratives, I wanted to bring a unique flavor to our discussions. Each episode starts with an opening fictional segment dramatizing a key aspect of AppSec, sometimes drawing heavily on real-world incidents (don’t worry—we’ve changed the names to protect the innocent and not-so-innocent). We switch perspectives throughout the series, alternating between the mindset of an attacker and a defender, giving listeners a chance to engage with security themes in a more narrative, approachable way.
The heart of each episode is a laid-back conversation where our CTO, Frank Catucci, and I tackle current trends, share insights, and discuss all things security—from web apps to APIs and everything in between. Occasionally, we dive deeper into the technical details, but we make sure to keep it accessible for all listeners. Our conversations flow naturally, a result of years of presenting together at conferences like OWASP and BlackHat, as well as during internal fireside chats.
For additional insights and points of view, for season 1, we’ve brought in some special guests from within Invicti. These include our Principal Security Researcher, Bogdan Calin, who sheds light on the latest AI/ML models, and our own AppSec gurus in the form of Invicti’s CISO Matt Sciberras and Application Security Engineer Paul Good, who share internal best practices in AppSec.
A collaborative effort in-house
What makes AppSec Serialized even more special is that we’re producing the whole series entirely in-house. From music to voice acting, sound mixing, and overall production, a small but mighty team (shoutout to Zbigniew Banach and Meaghan McBee) handles it all. The intro music was specially written to give each episode that Top Gear-inspired kick, and you’ll find plenty of fun references peppered throughout the episodes. We’ve even found ourselves building up some internal lore as our fictional story characters develop—who knew?
Behind-the-scenes nerdy details
For those of you who like to peek at the source code, the process we use to produce the podcast is pretty simple.
We record episodes using Blue Yeti mics set to Cardioid mode at roughly 25% gain, with Sony MDR 7506 headphones to eliminate bleeding. We use the open-source Audacity audio editor to record a local raw track, synchronized with a clap at the start of recording. The raw tracks are then passed through an Audacity noise filter trained on open mic noise (12dB reduction in 3 bands with 6.0 sensitivity) and edited to arrive at the final source material.
The fiction story and talk tracks are then manually lined up, edited, and mixed using a digital audio workstation (DAW), specifically Cakewalk by Bandlab. At this stage, the music segments, effects, intros, and outros are also added and blended in. The final mix is compressed at 4:1 and normalized to -3dB before exporting to a high-quality MP3 ready for publication.
Tune in and sit back
This podcast is a labor of love, and we’ve had an incredible time bringing it to life. We hope you enjoy listening to AppSec Serialized as much as we’ve enjoyed creating it. For episode 1, we went after the OG web vulnerability: cross-site scripting (XSS). Stay tuned, and join us for a journey through the ever-evolving world of AppSec!
Listen to AppSec Serialized Episode 1: Hot Cross-Site Fun!