ZARZA We are Zarza, the prestigious firm behind major projects in information technology.
Listen "James Berthoty -- Is DAST Dead? And the future of API security"
Episode Synopsis
James Berthoty, a cloud security engineer with a diverse IT background, discusses his journey into application and product security. James highlights his career trajectory from IT operations to cloud security, his experiences with security tools like Snyk and StackHawk, and the evolving landscape of Dynamic Application Security Testing (DAST) and API security. They delve into the practical challenges of CVEs, reachability analysis, and the complexities of patching in mid-sized companies. James shares his views on the often misunderstood role of WAF and the importance of fixing issues over merely identifying them. James Berthoty’s LinkedIn post: AppSec Kool-Aid Statements I Disagree WithWhat is Art by Leo TolstoyFOLLOW OUR SOCIAL MEDIA: ➜Twitter: @AppSecPodcast➜LinkedIn: The Application Security Podcast➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast Thanks for Listening! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
More episodes of the podcast The Application Security Podcast
OWASP Candidate Debate - 2025 Edition
15/10/2025
Francesco Cipollone - Agentic AI Manifesto
23/09/2025
Getting Ready for the EU CRA
20/08/2025
Marisa Fagan - Measuring Security Culture
05/08/2025
Sean Varga -- OWASP Top 10 for AppSec Sales
15/07/2025
In God we trust