Yearly Archives: 2006

Denim Group Blog Wins Award

SA Tech Blog has awarded the Denim Group blog an award for being among the best tech bloggers in San Antonio in 2006.  Denim Group’s John Dickson also won an award as a Best Tech Civic Leader.  Check out the post here. Although we are thankful for these awards we do dispute Rackspace being awarded […]

Testing AJAX Security

There is currently a big push underway at OWASP to get the next version of their Testing Guide finished up.  Denim Group and others have been helping out with the section on testing AJAX-enabled applications.  This is a great resource for web application penetration testers as well as for developers in general so check it […]

SearchAppSecurity Answer About Reverse Engineering

SearchAppSecurity.com has posted an answer I gave to a question about how to prevent reverse engineering in .NET environments. –Dan dan _at_ denimgroup.com

Cap Diebel on Threat Modeling at OWASP Austin

Denim Group‘s very own Cap Diebel will be presenting at OWASP Austin on October 31st.  He will be talking about Threat Modeling and the title of the talk is “How to Understand How Attackers Will Attempt to Exploit Your App.”  The abstract is: The term “threat modeling” has become quite popular recently. Microsoft has published […]

Software Security: Open Source vs. Proprietary

I’m currenly at the OWASP AppSec 2006 conference in Seattle, and I had the opportunity to hear Michael Howard from Microsoft talk about how they have implemented SDL for Windows Vista.  This raised an interesting line of discussion – from a software security standpoint how can open source compete with proprietary vendors? The standard argument […]

Sprajax Donation Covered By SearchAppSecurity.com

SearchAppSecurity.com has released a story about Denim Group’s donation of sprajax to OWASP.  Check it out. Also I will be speaking on sprajax and other topics later today at the OWASP AppSec 2006 conference.  If you are at the conference track me down and say hello. –Dan dan _at_ denimgroup.com