Ken Johnson has been hacking web applications professionally for 10 years and giving security training for 7 of those years. Ken is both a breaker and builder who currently works on the GitHub application security team. Ken explains approaching appsec the right way, "running a scanner without context", getting the right context/importance of context, and how do you figure what's real and what's legit?
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode45 Follow us on Twitter: https://www.twitter.com/securityweekly