In this episode, we talk about application security with guest Tanya Janca. Hear our discussion on the tension between authentication and authorization, the prevalence of API security flaws, the upcoming open comment period for the new version of the OWASP Top Ten, and the inadequacy of API security measures. We also discussed the importance of designing an effective security program for different industry companies, the differences between CSPM and CASB, the use of tools, and the importance of keeping up with updates. Read the associated short blog on Application Security: https://www.horangi.com/blog/exploring-the-challenges-of-application-security - About Horangi Cybersecurity -- More information about the Ask A CISO podcast: https://www.horangi.com/resources/ask-a-ciso-podcast About Horangi Cyber Security: https://www.horangi.com - About the Guest -- Tanya's LinkedIn: https://www.linkedin.com/in/tanya-janca/ SheHacksPurple: https://shehackspurple.ca/ - Get Tanya's book here -- https://a.co/d/cY33RL0