Help Net Security Reflections on the 2014 BlackHat Arsenal

DAST_gang

Have a question about Dynamic Application Security Testing (DAST)? Chances are Andres Riancho of w3af, Dan Kuykendall of NTObjectives, Ferruh Mavituna of Netsparker and Simon Bennetts of OWASP ZAP could have given you an answer at the Denim Group happy hour at BlackHat 2014. w3af and OWASP ZAP were also featured in the BlackHat Arsenal this year.

In early August some of Denim Group‘s team and I ventured out to broiling Las Vegas for Black Hat USA and the Black Hat ArsenalNJ Ouchn managed this year’s Arsenal with Rachid Harrando. As always they did an excellent job of putting on and organizing the event and I encourage others to attend in the future.

Mirko Zorz of Help Net Security asked me to share some thoughts on the Arsenal – check out his write up on the event. I think he did a great job of capturing the value the Arsenal brings – it is both an opportunity for security professionals to learn about new and updated tools as well as an opportunity for the folks building these tools to meet and interact with one another. As ThreadFix has evolved from being an individual application to collection of applications and plugins that is more of a platform, being able to sit down with the people building and products and tools we integrate with has become really valuable. The BlackHat Arsenal provides us with a great opportunity to do just that.

Many thanks to NJ and Rachid for all their hard work running the Arsenal all these years, thanks to the folks from BlackHat for facilitating such a valuable event, and thanks to Mirko for helping to put the Arsenal in contextContact us to talk about ways to help jump start your application security program using ThreadFix and other tools from the BlackHat Arsenal.

About Dan Cornell

A globally recognized application security expert, Dan Cornell holds over 15 years of experience architecting, developing and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd., he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process. He is also the original creator of ThreadFix, Denim Group's industry leading application vulnerability management platform.
More Posts by Dan Cornell

Leave a Reply

Your email address will not be published. Required fields are marked *