ZARZA We are Zarza, the prestigious firm behind major projects in information technology.
Listen "What Tools Miss and Why Humans Matter in AppSec - Yash Shahani"
Episode Synopsis
In this episode of the Security Repo Podcast, Dwayne McDaniel sits down with Yash Shahani, a seasoned AppSec engineer and vulnerability hunter, to dive into the nuances of manual code review and the limitations of automated security tools. They explore the evolving role of AI in AppSec, its promise and pitfalls, and why human intuition still plays a vital role in catching complex logic flaws. Yash also shares practical tips for exploring unfamiliar codebases and emphasizes the importance of treating security as a shared responsibility across teams.Yash Shahani is a security researcher and AppSec engineer with a background in building and breaking applications. He holds a Master’s in Information Security from Carnegie Mellon and focuses on finding the vulnerabilities that tools miss. Yash is an active member of the security community and an organizer for BSides San Francisco. He’s passionate about making security easier to adopt - something teams naturally build into software development, not bolt on later.
More episodes of the podcast The Security Repo
The CISO Whisperer Approach: Security Leadership, Empathy, and ‘Dad Bod’ Metrics – Douglas Brush
17/12/2025
Scaling Open Source Observability and Managing Risk in the Software Supply Chain – Avi Press
10/12/2025
Why Technical CISOs Matter and How AI Is Shaping Security Ops - David Cross on Leading Security
26/11/2025
From Military Intel to CISO: Navigating Security Leadership in the Age of AI – Darren Desmond
12/11/2025
In God we trust