Archive - The BoringAppSec Community

Edition 33 - The role of AppSec engineers is moving from being carpenters to gardeners

I don't think "AppSec is dead", but the role of AppSec engineers is certainly changing

Mar 17 • Sandesh Mysore Anand

VulnVibes: Building an AI Agent That Reasons Across Microservices to Find Real Vulnerabilities

A prototype AI agent that validates real AppSec issues across repositories, infrastructure, and microservice boundaries.

Mar 16 • Anshuman Bhartiya

Ep 37: The Future of Security Testing in an AI-Driven World with Jason Haddix

Watch now (61 mins) | In this episode, Jason Haddix (CEO of Arcanum Information Security and creator of the Bug Hunter’s Methodology) joins us to…

Mar 11 • Sandesh Mysore Anand and Anshuman Bhartiya

1:01:56

Ep 36: Discussing AI's Current State of Affairs

In this episode, we examine what is shifting in AI, AppSec, and product security and what remains fundamentally the same.

Mar 2 • Sandesh Mysore Anand and Anshuman Bhartiya

50:11

February 2026

Ep 35: Exploring Security After Determinism with Jens Ernstberger

In this episode, we sit down with Jens to explore why AI agents fundamentally break traditional security assumptions, from API keys and browser sessions…

Feb 16 • Sandesh Mysore Anand and Anshuman Bhartiya

49:50

Day in the Life: Building a Prototype with My AI Agent

(Without Getting Pwned)

Feb 13 • Anshuman Bhartiya

Ep 34: Security at Scale in a Probabilistic World with Ankur Chakraborty

In this episode, Ankur Chakraborty, Senior Director of Platform Security at Box, joins us to examine what security looks like when systems no longer…

Feb 2 • Sandesh Mysore Anand and Anshuman Bhartiya

56:37

January 2026

Ep 33: The Future of Identity in AI Agents with Ian Livingstone

In this episode, we sit down with Ian Livingstone to explore how AI is reshaping application security.

Jan 28 • Sandesh Mysore Anand and Anshuman Bhartiya

55:01

Edition 32: BigCo is building in AppSec, but it's too early to get excited

OpenAI, Anthropic, Google Deepmind, GitHub, & AWS have announced AI-powered AppSec solutions. But should we get ready to switch?

Jan 27 • Sandesh Mysore Anand

Browser Relay: When Your AI Assistant Gets Hands on Your Browser

Disclaimer: This is a cross post from my tech blog, co-authored by my personal AI assistant Sage.

Jan 26 • Anshuman Bhartiya

Skills: The Missing Piece in AI Security Tooling

Building on the SecureVibes series

Jan 23 • Anshuman Bhartiya

Ep 32: Rethinking Enterprise Security in an AI- and Platform-First World with Kane Narraway

In this episode, we sit down with Kane Narraway to unpack how enterprise security is changing as AI, platforms, and developer-driven security become the…

Jan 19 • Anshuman Bhartiya

49:35

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts