Denim Group has been acquired by Coalfire. Learn More>>

OWASP DC: Application Portfolio Risk Ranking Video Online

The OWASP DC folks put up the first batch of videos from the 2010 OWASP DC conference, including the video from my presentation “Application Portfolio Risk Ranking: Banishing FUD With Structure and Numbers”  It can be seen online here:

Application Portfolio Risk Taking: Banishing FUD with Structure & Numbers with Dan Cornell, Denim Group from OWASP DC on Vimeo.

The slides from that presentation are also online:


Having an accurate application portfolio is critical because if you don’t know your organization’s attack surface then you don’t know what to defend.  Building risk-ranking into that portfolio is also key because it allows you to properly allocate scarce assessment and remediation resources.

Please email me if you would like a copy of the Excel spreadsheet mentioned in the talk.

Contact us for help risk-ranking your application portfolio.


dan _at_


Posted via email from Denim Group’s Posterous

About Dan Cornell

Dan Cornell Web Resolution

A globally recognized application security expert, Dan Cornell holds over 15 years of experience architecting, developing and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd., he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process. He is also the original creator of ThreadFix, Denim Group's industry leading application vulnerability management platform.
More Posts by Dan Cornell

Leave a Reply

Your email address will not be published. Required fields are marked *