A long time ago, a young boy sat in the attic of his house, just on the edge of the Empire State Building’s radio shadow. The crackling AM radio suddenly shifted from a Sunday morning church program to the familiar sound of a phone left off the hook. He perked up, ready to dive into a unique world—one of clever hacks, magic cereal whistles, and the ever-expanding horizon of technology.
That boy was me, tuning into Off the Hook, a hacker broadcast hosted by a mysterious character going by the alias Emmanuel Goldstein—a nod to Orwell’s antagonist in 1984. For me, this was the spark that ignited a lifelong passion for tech and cybersecurity. And like many in the InfoSec community, I look back on these early moments as the inspiration for a career spent understanding and defending the systems we all depend on.
Fast forward to today and I’m thrilled to announce the launch of AppSec Serialized, a brand new podcast by Invicti. This podcast gives us a platform to dive deep into the topics that keep us buzzing in the world of application security. For me, working on the podcast was also a full-circle moment, going back to my own origins in the tech world—only this time, I get to not only listen but also to create something new and exciting.
The name AppSec Serialized captures the playful, punny tone of the show, blending the concept of serialized storytelling with a twist on the tech vulnerability of insecure deserialization. We channel a bit of the old-time radio serial vibe with a modern AppSec twist, and add conversation between security practitioners.
A fresh approach to the cybersecurity podcast
At Invicti, we pride ourselves on being innovative, and this podcast is no exception. As a long-time lover of stories and narratives, I wanted to bring a unique flavor to our discussions. Each episode begins with an opening fictional segment dramatizing a key aspect of AppSec, often drawing heavily on real-world incidents (don’t worry—we’ve changed the names to protect the innocent and not-so-innocent). We switch perspectives throughout the series, alternating between the mindset of an attacker and a defender, giving listeners a chance to engage with security themes in a more narrative, approachable way.
The heart of each episode is a laid-back conversation where our CTO, Frank Catucci, and I tackle current trends, share insights, and discuss all things security—from web apps to APIs and everything in between. Occasionally, we dive deeper into the technical details, but we make sure to keep it accessible for all listeners. Our conversations flow naturally, a result of years of presenting together at conferences like OWASP and BlackHat, as well as during internal fireside chats.
For more insights and points of view, for season 1, we’ve brought in some special guests from within Invicti. These include our Principal Security Researcher, Bogdan Calin, who sheds light on the latest AI/ML models, and our own AppSec gurus in the form of Invicti’s CISO Matt Sciberras and Application Security Engineer Paul Good, who share internal best practices in AppSec.
A collaborative effort in-house
What makes AppSec Serialized even more special is that we’re producing the whole series entirely in-house. From music to voice acting, sound mixing, and overall production, a small but mighty team (shoutout to Zbigniew Banach and Meaghan McBee) handles it all. The intro music was specially written to give each episode that Top Gear-inspired kick, and you’ll find plenty of fun references peppered throughout the episodes. We’ve even found ourselves building up some internal lore as our fictional story characters develop—who knew?
Behind-the-scenes nerdy details
For those of you who like to peek at the source code, the process we use to produce the podcast is pretty straightforward.
We record episodes using Blue Yeti mics set to Cardioid mode at roughly 25% gain, with Sony MDR 7506 headphones to eliminate bleeding. We use the open-source Audacity audio editor to record a local raw track, synchronized with a clap at the start of recording. The raw tracks are then passed through an Audacity noise filter trained on open mic noise (12dB reduction in 3 bands with 6.0 sensitivity) and edited to arrive at the final source material.
The fiction story and talk tracks are then manually lined up, edited, and mixed using a digital audio workstation (DAW), specifically Cakewalk by Bandlab. At this stage, the music segments, effects, intros, and outros are also added and blended in. The final mix is compressed at 4:1 and normalized to -3dB before exporting to a high-quality MP3 ready for publication.
Tune in and relax
This podcast is a labor of love, and we’ve had an incredible time bringing it to life. We hope you enjoy listening to AppSec Serialized as much as we’ve enjoyed creating it. For episode 1, we went after the OG web vulnerability: cross-site scripting (XSS). Stay tuned, and join us for a journey through the ever-evolving world of AppSec!
Listen to AppSec Serialized Episode 1: Hot Cross-Site Fun!