Denim Group has been acquired by Coalfire. Learn More>>

Denim Group Provides Free Public Access to Cross Site Request Forgery e-Learning Module

We recently released a freely-available course to help train developers and security analysts about Cross-Site Request Forgery.  This is an extension of our ThreadStrong e-Learning trainig program.  The press release is available online here and you can get access to the actual course on the ThreadStrong website.

Contact us to help train development teams on critical application security concepts.


dan _at_


Media Advisory

Agency Contact:                                                                                Denim Group Contact:

Alan Weinkrantz                                                                                 John Dickson

210.410-3075                                                                                      210.572.4400                                                              

Denim Group Provides Free Public Access to Cross Site Request Forgery e-Learning Module

ThreadStrong content, powered by Denim Group, provides in-depth description of Cross Site Request Forgery to train developers to build more secure software

San Antonio, TX – October 19, 2010 – Denim Group, an IT consultancy that develops secure software and helps organizations assess and mitigate risk with their existing software, today opened its ThreadStrong e-Learning Cross Site Request Forgery (CSRF) class to free public access.

ThreadStrong is a self-paced, e-Learning solution designed by Denim Group’s secure application development experts to help developers understand and apply the principles of secure design and coding.

The e-Learning module explains the anatomy of Cross Site Request Forgery vulnerabilities so software developers can identify potential issues in their code and build applications free from this vulnerability.  To access the course, users should navigate to

Dealing with CSRF Vulnerabilities

A Cross Site Request Forgery vulnerability,, is a complex software design and coding flaw.  Software security managers struggle to explain these vulnerabilities and their impact to development teams.  Creating secure development strategies that consistently mitigate the risk associated with CSRF vulnerabilities is even more difficult.   By providing public access to the ThreadStrong CSRF course, Denim Group hopes to increase the understanding of this prevalent vulnerability and support development teams in creating secure systems.

The recent SANS/Internet Storm Center 2010 Top Cyber Security Risks Report noted that Cross Site Request Forgery vulnerabilities are increasing, even as other web application vulnerabilities such as cross site scripting and SQL injections are decreasing.  Given the widespread nature of this vulnerability and high visibility software breaches, development teams need to adapt to this evolving risk.

 “Software development teams are constantly asking their security colleagues for guidance on how to create secure applications,” said Dan Cornell, Chief Technology Officer of Denim Group.  “By donating this ThreadStrong module for community use, we hope to raise awareness about CSRF vulnerabilities and helps the teams trying to build more secure code.”

About Denim Group

Denim Group develops secure software, helps organizations assess and mitigate risk with existing software, and provides training on best practices in software security. Denim Group has worked with a range of Fortune 500 companies and public sector organizations, bringing a focused software development approach to the world of software security. Denim Group is a strong contributor to the larger application security community, and has been involved with the Open Web Application Security Project (OWASP) since shortly after its inception. Additionally, in 2010, Denim Group was ranked in Inc. Magazine’s 5000 Fastest-Growing Private Companies in America  for the third year in a row. For more information about Denim Group, visit

Reader Contact Information:
Denim Group, 3463 Magic Drive, Suite 315; San Antonio, TX 78229, Tel: 210-572-4400, Fax: 210-572-4401,,


Posted via email from Denim Group’s Posterous

About Dan Cornell

Dan Cornell Web Resolution

A globally recognized application security expert, Dan Cornell holds over 15 years of experience architecting, developing and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd., he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process. He is also the original creator of ThreadFix, Denim Group's industry leading application vulnerability management platform.
More Posts by Dan Cornell

Categories: Uncategorized

Leave a Reply

Your email address will not be published. Required fields are marked *