Ken Johnson
@cktricky
Followers
4K
Following
6K
Media
675
Statuses
9K
Co-Founder & CTO @DryRunSecurity. AppSec. BJJ 🤎. Podcast: https://t.co/lNWxkUndEZ. - '85 Champion Chubby Winner.
Northern VA
Joined June 2009
Thanks again to The Boring AppSec podcast for having me on! You can check out the episode, here:.
0
0
2
Constructing a Trustworthy Evaluation Methodology for Contextual Security Analysis.
dryrun.security
Deterministic scanners miss the logic flaws that matter. This post shows our evaluation methodology and how our agentic Contextual Security Analysis engine is able to deliver accuracy as a continuous...
0
0
1
One of my favorite features and something we've been delivering & improving on for over a year now. I wish this was available to me when I worked as a defender - could have saved us from sooooo many bug bounty submissions.
Still chasing false positives with regex? 😵💫.Our NLCPs treat code as context, not just text—so you catch real risk, fast. See how AppSec teams are spotting auth gaps, insecure workflows & PII leaks 🔍. 👇 Read the blog. #AppSec #DevSecOps #AI
0
1
3
Less than 1 week out (June 16/17) and @sethlaw and I still have seats left for our remote/virtual (AI Enhanced) Manual Secure Code Review course. Sign up at the @absoluteappsec site:.
0
2
5
2 weeks left to register for this course! (and we've got some "hush hush" additional content/code for the course 🙂). Register at
linkedin.com
Heads up, friends! On June 16th & 17th, Seth Law and Ken Johnson are once again virtually offering their Practical Secure-Code Review course, which teaches an established industry-leading methodology...
0
0
2
Interesting read on adapting developer workflows with (functional) AI Code Reviews:.
refactoring.fm
Reflections and predictions on the future of code reviews, taking inspiration from the CodeRabbit success.
0
0
0
📣📣📣 REMINDER 📣📣📣. The @absoluteappsec practical secure code review course was moved from May to June 16 & 17. We still have seats available! . Register at
0
0
2
RT @absoluteappsec: Once again, we have a livestream podcast coming up in 20 minutes. This week we're going to advise the new class of ever….
0
2
0
There is a philosophical difference between augmenting deterministic methods with AI vs starting with probabilistic methods and enriching analysis thru code comprehension. Put plainly - When you start with patterns, you miss what REALLY matters.
dryrun.security
Traditional SAST tools are built to catch Known Knowns—obvious, well-documented vulnerabilities—but they consistently miss the Known Unknowns like logic flaws and broken auth that vary by context and...
0
0
0
🇲🇽Happy Cinco De Mayo! 🇲🇽. And there is even more reason to celebrate because there are still seats left for @sethlaw and I's @absoluteappsec Secure Code Review course next Monday & Tuesday 😜 (.
0
1
2
On our latest episode of @absoluteappsec - @sethlaw and I shared how to get Claude Desktop connected to Damn Vulnerable MCP Server. Shortened clip:
0
0
2
🚨 On May 12 & 13, @AppSecPodcast is running a virtual Secure Code Review course!. ✅ Great for devs & security folks.✅ Tech-agnostic, hands-on.✅ Manual review + smart AI assist.✅ Cert on completion. Taught by @sethlaw & me — sign up at:
0
1
5
We - @DryRunSecurity - performed 3 bake-offs against @snyksec @semgrep @SonarQube and CodeQL (GitHub). the results are incredible for us. Check them out at:.
dryrun.security
Stay Informed and Secure: Check Out Our Latest Security Insights and News!
0
0
2
There are still a few seats left in our virtual secure code review course this Thur and Friday
If you've had a Secure-Code Review course in your career plan, check out this opportunity. Seth and Ken have been teaching this course for years, and now it is enhanced with segments on integrating AI tooling into your workflows. Check out the site to register or find out more.
0
1
2
We've heard the community and in response @sethlaw and I are finally delivering the @absoluteappsec Secure Code Review course again, **virtually**, at the end of this month (March 27 & 28th). Register at DM for any questions you might have.
0
0
3
You wont' want to miss this one!.
Tomorrow at a special time 11 AM Eastern/ 9 AM Mountain, @MylesBorins, product lead of developer platform at @SnowflakeDB is joining @cktricky and @sethlaw for a special episode of Absolute AppSec. Join us here:
0
1
4
RT @josh_larsen: Great time chatting with @cktricky and @sethlaw - we already have some fun stuff in the works for another @absoluteappsec….
0
1
0