Cosmos & Chaos

What if astronomer and science communicator Carl Sagan was also a CISO?

In discussing the large-scale structure of the cosmos, astronomers sometimes say that space is curved,

Or that the number of vulns is finite, but unbounded.

And that among these billions and billions of vulns, there may be intelligence.

But how shall we discover intelligent life?

Is it looking to CWEs? Giving CVSS scores more decimal points? Should our lists go to 100 instead of 10?

Perhaps the answer lies elsewhere.

And that the paths of evolution will take appsec in marvelous, different directions.

Find out more about Carl Sagan and his work at I also used a quote from his book, The Demon-Haunted World, in this old post.

In the interview segment, Kelly Shortridge talked about their new book, Security Chaos Engineering. It was a fun interview that touched on science and myth as it relates to appsec. At one point Kelly made a comment about how other domains handle resilience and safety, noting that airlines don’t approach safety the way appsec teams approach security. I even riffed on that idea back in episode 238.

But what I’m most excited about is that this episode marks a new intro and new music that has a more synthwave vibe to it.

