Send us Fan Mail

In Episode 87 of Application Paranoia, Colin Bell is joined by Rob Cuddy and Kris Duer to unpack the industry’s growing push toward security platform consolidation.

Are customers really asking for fewer tools, or are vendors shaping the narrative? Is consolidation improving security outcomes, or simply making complexity easier to explain to executives, boards, and auditors?

The team also discusses AI-generated code, customer questions from the field, SAST analysis choices, data flow, false positives, and Kris’s take on AI fear-based marketing.

Plus: NPC streaming, Second Life hacking nostalgia, golf season, proactive SCA monitoring, and a quick preview of Colin and Kris’s upcoming webinar on AI-assisted development.

Webinar: Join Colin and Kris on 6 May for a discussion on how AI is changing how code gets written, trusted, validated, and approved.
Register here: https://www.linkedin.com/events/7449460461881704448/

Send us Fan Mail

Is AI making application security obsolete, or exposing new risks we don’t fully understand?

In Episode 86 of Application Paranoia, Colin Bell is joined by Rob Cuddy and Kris Duer to challenge the growing narrative driven in part by Anthropic that AI-powered development could replace traditional AppSec.

The team explores whether AI is accelerating productivity at the expense of understanding, and what that means for developers, security teams, and organisations trying to keep pace.

They also discuss:

• Whether AI is changing how we think (and learn)
• The risks of “vibe coding” and over-reliance on LLMs
• Why AppSec isn’t disappearin but evolving
• Key findings from the latest AppSec trends report, including AI adoption, API visibility gaps, and ownership challenges

And of course, a new term is born: confidence laundering.

Send us Fan Mail

Episode Summary: Application Paranoia S6EP1

In the Season 6 premiere of Application Paranoia, hosts Colin Bell, Rob Cuddy, and Kris Duer kick off a new theme: debunking the top 10 myths about application security—one myth per episode.

They warm up with some lighthearted commentary on new workplace trends like “coffee badging” and the rise of “corp core” attire before diving into a fascinating conversation with Kinny Chan, Chief Commercial Officer at Trust Stamp.

Kinny shares his unique career journey from law to the cutting edge of digital identity and privacy, explaining how electronic discovery evolved from paper documents to complex digital evidence, and the challenges of handling sensitive data in litigation.

The discussion then pivots to the core topic of digital identity in an age where emails, chats, and advanced AI can fake voices and images. Kinny highlights the critical role of biometrics—like facial, palm, and gait recognition—while unpacking the challenges of ensuring liveness and authenticity.

The conversation tackles the limitations of current authentication methods (passwords, devices, biometrics), the risks of centralized identity systems, and the promise of decentralized solutions for greater privacy and control. Kinny also introduces Trust Stamp’s innovative approach of using biometric tokens and data shards to enhance both security and user privacy.

For listeners seeking practical advice, the episode covers essential tips for protecting your digital identity: monitoring your credit report to combat synthetic identity fraud, using unique email addresses, and educating children and grandparents about the dangers of deepfakes and the importance of verification.

The episode concludes with Kinny’s emphasis on using a combination of something you know, something you have, and something you are for strong authentication—and the urgent need to keep evolving digital identity protections as technology rapidly advances.

Key Takeaways:

• Digital identity is increasingly complex due to new technologies and AI.
• Biometrics offer promise but also introduce new challenges.
• Decentralized identity solutions may offer better privacy and control.
• Practical tips: monitor credit reports, use unique emails, and educate about deepfakes and verification.