In the News

Q&A: Denim Group CTO on DevSecOps and Resolving Disconnect

The tendency for disconnection persists between developers and security watchdogs, but there are ways to get them on the same page. That is one of the goals of the Denim Group, which provides application security assessments and strategies for addressing risks. It can be complicated bringing security and developers together in the midst of transformation, […]

Dan Cornell, Denim Group – Black Hat 2019

Injecting the “Sec” into “DevSecOps” has always been a balancing act of getting the best reasonable coverage in the shortest reasonable length of time. Slowing down the DevOps process is a sure-fire way to get pulled out of the pipeline. Because of the current business culture, security teams are often forced to wait until the […]

The Cloud Hack at Capital One

While attending the RSA conference in San Francisco this year, I had an opportunity to meet with John Dickson of the Denim Group.  John explained how the migration to the cloud-based infrastructure is a completely new concept verses, how apps were developed five years ago.  He also discusses the approach used to create cloud applications known as […]

Black Hat: A Summer Break from the Mundane and Controllable

Enjoy the respite from the security tasks that await you back at home. Then prepare yourself for the uphill battles to come. Here’s how.

‘Amateur’ Capital One hack stuns security community

“The biggest surprise is the amateur nature of the attack,” said John Dickson of the security consultancy Denim Group. Dickson said it was “absolutely earth-shattering” that an individual attacker could gain access to that much data at one of the largest US financial institutions.

‘Ransomware’ hackers disrupt South African grid

Given its apparently limited impacts, John Dickson, principal at the Denim Group consultancy, characterized the Johannesburg cyberattack as more of a “near miss” than anything catastrophic. “It was a very public inconvenience — but an inconvenience nonetheless,” he said.Dickson added that municipally owned utilities in the United States would be well advised to study what’s […]