Yearly Archives: 2014

Post: Hacker Or Military? Best Of Both In Cyber Security

How radically different approaches play out across the security industry. Three things happened to me before BlackHat 2014 to bring the entire NSA / Edward Snowden drama back to the forefront. The media reminded us of the one-year anniversary of the original Snowden leaks. At the same time, I saw newly retired General Keith Alexander deliver a […]

Post: The Internet of Things (IoT) Changes Security

A few years ago, when you thought of all the devices connected on your home network, a desktop, a laptop and maybe an iPod or one of the first smartphones would be on the top of your list. Before advances in Wi-Fi, you could easily create a simple diagram of your home network and the […]

Post: Mobile Application Security – Don’t Cheat Yourself

I recently did a webinar on mobile application security where we looked at some statistics pulled from a subset of our mobile security assessments to look at a couple of important issues: Where do the most serious vulnerabilities exist in mobile applications (mobile code, enterprise web services, or 3rd party web services)? What types of […]

Post: Upcoming Webinar on Mobile Application Security Assessments

I’ll be doing a webinar on mobile application security assessments on Wednesday, October 22nd. We’ll be talking about how security issues can exist in code deployed on a mobile device, in corporate web services backing the device, in any third-party supporting services, as well as in the interactions between any of these components. The […]

Post: What Can Enterprise Security Teams Learn From Naked Celebrities?

Now that the dust has somewhat settled on the situation, let’s review some things we’ve learned about the recent nude photos of celebrities that have been leaked online – seemingly via Apple’s iCloud service. Details continue emerging, but based on initial reports it appears that targeted accounts were breached, and compromising photos and videos were […]

Post: “How is Your AppSec Program Doing Compared to Others?” Webinar

Organizations that build software and worry about security are continually asking, “How do we stack up to others?” Join John Dickson and Denim Group at 3 PM CDT on Thursday, August 21st for an executive briefing webinar on how to use OpenSAMM to benchmark your application security activities against others and how to identify gaps […]