Dan Cornell

A globally recognized application security expert, Dan Cornell holds over 15 years of experience architecting, developing and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd., he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process. He is also the original creator of ThreadFix, Denim Group's industry leading application vulnerability management platform.

Posts by Dan Cornell

Post: Embedding Security Practices into Digitization Drives

An increasingly competitive environment is forcing companies to innovate faster in order to provide more value to customers and other stakeholders and bring products and services to the market more quickly. They are called to do this by taking advantage of the opportunities afforded by a host of new digital technologies as part of their […]

Post: Getting Started with ZAP and the OWASP Top 10: Common Questions

This article has been updated with new information for 2019. I recently received an email from a developer who was gearing up to use OWASP ZAP to test the security of their code. The developer had some questions about OWASP ZAP, testing for the OWASP Top 10 2013, and ZAP configuration. After I answered the […]

Webinar: Enumerating Enterprise Attack Surface

Whitepaper: Security – The Other Side of Digital Transformation

An increasingly competitive environment is forcing companies to innovate faster in order to provide more value to customers and other stakeholders and bring products and services to the market more quickly. They are called to do this by taking full advantage of the opportunities afforded by a host of new digital technologies and their impact […]

Whitepaper: Security Assessments for IoT Medical Devices

Modern medical products constantly push new features for unprecedented fidelity, interoperability and dependable patient management. From IoT devices to advanced imaging to case management and patient monitoring. medical devices and software operate with one-another in real-time more than ever. As sophisticated device manufacturer’s are aware, these trends also increase the system’s attack surface. This paper […]

Webinar: An OWASP SAMM Perspective on Serverless Computing