Yearly Archives: 2012

Hey Security Teams: Developers Don’t Speak PDF

Be honest – how many times have you seen interactions between security and development teams that essentially went like this: Security Analyst: We did a security assessment of your application. Developer: Really? Did you find anything? Security Analyst: Oh yeah – all sorts of stuff; you guys are really bad at security. You can find […]

Talking with SANS About Remediation

I recently had the opportunity to speak with the folks at the SANS Institute about some of the software remediation statistics we’ve released. We’ve been saying for a while that software vulnerability remediation is the next big problem in the application and software security space. Finding vulnerabilities isn’t the problem – fixing them is. And it […]

Come See Denim Group at OWASP BeNeLux 2012 in Leuven, Belgium

I’ll be headed to OWASP BeNeLux 2012 in Leuven, Belgium to do a day of training and give a presentation. Looking forward to catching up with OWASP folks, eating some Belgian chocolate and drinking some Belgian beer. Thursday November 29th, 2012 I’ll be giving a one-day version of our “Running a Software Security Program on Open Source […]

OWASP AppSecUSA Recap: Security Intelligence, Software Security Programs and ThreadFix

As we posted here before, all the folks at Denim Group were really looking forward to OWASP AppSecUSA in Austin, TX last week. The Austin crew did not disappoint – I believe there were 750-800 attendees and too many great presentations to count. I’m really looking forward to catching up on a couple that I missed […]

Austin PMI Recap: Software Security for Project Managers: What Do You Need to Know?

Tuesday of last week – in the midst of the craziness of OWASP AppSecUSA – I had the opportunity to break away and speak to the Austin PMI chapter. They’ve got a good-sized group in Austin and I had a lot of fun presenting – lots of energy and great questions from the attendees.     Slides from […]

Come See Denim Group at AppSecUS in Austin, TX

Here at Denim Group we love Texas and we’re thrilled that this year’s OWASP AppSecUS conference is being held in Austin, TX. We’re sponsoring and will be there with a booth in the Expo area, but you can also find us in quite a few other places. Firstly, I’ll be giving a two-day training class Tuesday (10/23) […]