
An EASM blog from Detectify

Web security podcasts we are currently listening to

September 30, 2018

When you’re tired of reading about web security, you don’t have to stop the learning there. Stream a podcast!

September 30th is International Podcast Day and to celebrate, we’ve curated a list of web security podcasts we are listening to now to get web security news, security research insight and web application security best practices. These shows feature data privacy and security news, cybersecurity tips, insights from bug bounty hunters, pentesters, CISOs and other security professionals. No matter what your security experience level is, we are certain you will learn something from one of these.

Recommended web security podcasts for 2018:

Application Security Podcast

The Application Security Podcast broadcasts to reach builders and testers of things (developers, testers, managers, product people, sales, marketing). We like them because they approach application security in a way that someone new to the field can understand. Topics covered include foundational application security topics, ongoing OWASP projects and interviews with successful profiles in application security. Application Security Podcast is breaking down boundaries of application security to talk about a wide range of technologies and security, while keeping the mood light and making it easy to follow along.

Recommended episode: Securing DevOps with Julien Vehent from Mozilla.

What do we like about this episode? This podcast talks about why DevOps is inclusive of security. Julien explains in detail how he made security part of his role.

Darknet Diaries

This security podcast covers true stories from hackers, or those who’ve been attacked. Stories of breaches, hacks, botnets, and cybercrime. Cover your laptop camera, turn off the mic on your phone, and listen to it in the corner of your house that gets no wifi. Darknet Diaries’ podcasts are creepy, eye-opening, and thrilling. Each story will keep you glued to your headphones with detailed recounts of hacking operations.

Recommended episode: Ep 22: Mini-Stories: Vol 1

What do we like about this episode? This episode features an exciting pentesting case from mubix, incident response involving wind turbines and crypto-mining from RobertMLee and last but not least a social engineering tale from _sn0ww.

Down the Security Rabbithole

Down the Security Rabbithole Podcast (DtSR) was born out of the idea that security needs a voice that teaches as well as challenges things the community takes for granted. DtSR is proudly “SFW” so you can share with your friends, family, or co-workers. Hosts Rafal and James broadcast a new episode each week featuring interesting industry influencers in different roles including CISOs, security architects, security law practitioners, etc. They also have a great intro tune!

Recommended episode: DtSR Episode 305 – Security for the Mid-market

What do we like about this episode? This episode analyses what security looks like for a mid-market company and how you can make it effective. It goes on to discuss how you find the specialist person, partner or vendor to help you with it.

7 Minute Security

7 Minute Security is a weekly information security podcast focusing on penetration testing, blue teaming and building a career in security. The podcast also features in-depth interviews with cybersecurity industry leaders who share their insights, tools, tips and tricks for being a successful security engineer.

Recommended episode: 7MS #318: Interview with Bjorn Kimminich of OWASP Juice Shop

What do we like about this episode? It’s not quite a 7-minute episode but it’s a knowledge-filled episode featuring Bjorn Kimminich of the OWASP Juice Shop. This one touches on the current state of application security, common web vulnerabilities and how developer teams can bake security into their products.

Smashing Security

Winner of Infosecurity’s Best Security Podcast 2018, Smashing Security is a tech news podcast hosted by industry veterans Graham Cluley and Carole Theriault. Every week, they chat with a special guest about cybercrime, technology, and privacy, focusing on the bigger (or quirkier) cyber news stories of the week. While the topics are often serious, the delivery is not and they have indeed mastered the art of “bickertainment”.

Recommended episode: 093: Abandoned domains and dating app dangers

What do we like about this episode? They dive into why neglecting subdomains is a bad idea and how they can be taken over and even used for email spoofing. They also talk about privacy when it comes to dating apps.


Säkerhetspodcasten

Säkerhetspodcasten is one of the first and longest running security podcasts in Sweden. Hosted by five security experts, this bi-weekly podcast covers topics such as the latest security news, security culture, application and network security, forensics etc. They keep things interesting with a mix of interviews and panelist discussions, as well as recording in both Swedish and English.

Recommended episode: Episode #134 interviews with Sec-T 2018 panelists (in English)

What do we like about this episode? They had recorded podcast interviews with speakers at this year’s Sec-T Community Night event and included segments with some of the event speakers.

The CyberWire

More signal, less noise: The CyberWire distills the day’s critical cyber security news into a concise daily podcast. This daily podcast includes interviews with a diverse spectrum of experts from industry, academia, and research organizations all over the world.

Recommended episode: Episode #694: Facebook discloses a major breach. Botnet brute forcing ransomware… and more

What do we like about this episode? This episode covers a range of topics including the recent Facebook data breach, reminds us how to be vigilant when shopping, and touches on a Bluetooth pairing vulnerability.

That’s this year’s list! Did we miss one? Let us know in the comments below!