Tis the Season for Security Predictions

Each year across the country, right after Thanksgiving, a curious thing occurs at many technology vendors. Marketing professionals reach out to their company thought leaders to let them know that it’s time to produce a prediction report. Shortly thereafter, collective eyes are rolling and groans accompany candid statements, such as “I have nothing new or […]

Effective Application Security Testing in DevOps Pipelines

Introduction Businesses and development teams are rushing to embrace DevOps so they can be more agile, deploy code more quickly, and provide more value to their customers. Hallmarks of DevOps initiatives are support for significant automation, flexible provisioning, and cultural support for shared responsibilities. This often makes security teams uncomfortable, and they find themselves on […]

ThreadFix 2.3RC1 Now Available

We’re excited to have the first Release Candidate for the ThreadFix 2.3 development cycle now available. The team has been hard at work since the 2.2 release and we’re also thrilled to announce contributions from great organizations such as Samsung, Pearson Education, and VirtualForge. The ThreadFix Community has been a great force driving the product’s development […]

HaaM: HAM as a Module

ThreadFix has several modules, including one for Hybrid Analysis Mapping. Using HAM as a module provides us a good degree of flexibility in several areas: 1. Decoupling data types from ThreadFix allows database-free unit testing 2. The module can be pulled into a small command line frontend 3. We are able to include HAM functionality […]

Thought the Snowden leaks were just NSA’s problem? Here are six reasons why they might be your problem, too

By John Dickson Regardless of what side of the Edward Snowden debate you fall upon – whether or not you think he’s a traitor or a patriot who helped shed light on an overreaching government agency – you no doubt understand that Edward Snowden has had a profound impact in Washington amongst policy makers, within the […]

How We Make Money From ThreadFix

  Contact us for help managing your software security program with ThreadFix. –Dan dan _at_ denimgroup.com @danielcornell