Dan Cornell

Dan Cornell Web Resolution

A globally recognized application security expert, Dan Cornell holds over 15 years of experience architecting, developing and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd., he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process. He is also the original creator of ThreadFix, Denim Group's industry leading application vulnerability management platform.

Posts by Dan Cornell

Post: Cleartext vs. Plaintext vs. Ciphertext vs. Plaintext vs. Clear Text

This blog has been updated with new information for 2020. This came up a few times during the last round of security reports we at Denim have been writing, so I wanted ensure everyone understood the distinction.  Granted, it is a subtle distinction, but it does exist even thought it sounds like a Dr. Seuss […]

Post: A Book Review of “Think in Code” from My Seven-Year-Old Nephew

Marcus Carey recently wrote and published a children’s book called “Think in Code” geared toward teaching kids a little bit about coding and the coding thought process. I sent copies to my nieces and nephews because they’ve shown an interest in STEM topics and one of them has actually been doing some projects with MIT’s Scratch. He read the […]

Post: Starting Resources for People Looking Into Computer Security Careers

People I know outside of work usually know that I work in cybersecurity so I get a lot of questions about computers and security issues. These tend to include lots of questions about viruses and cybercriminals and other consumer-oriented topics. But, an inquiry that has become a lot more frequent as of late has been, […]

Webinar: The As, Bs, and Four Cs of Testing Cloud-Native Applications

Post: 2020: The Changing Role of Application Security and Quality Assurance Teams

I recently had the opportunity to talk with Robert Lemos for his article “Application Security and Your Career: 5 Key Areas to Focus On” about the new skills required for application security and quality assurance teams. He included a couple of my comments in the article, and this blog post expands on those themes based on what […]

Post: Embedding Security Practices into Digitization Drives

An increasingly competitive environment is forcing companies to innovate faster in order to provide more value to customers and other stakeholders and bring products and services to the market more quickly. They are called to do this by taking advantage of the opportunities afforded by a host of new digital technologies as part of their […]