John B. Dickson, CISSP


John Dickson is an internationally recognized security leader, entrepreneur and Principal at Denim Group, Ltd. He has nearly 20 years' hands-on experience in intrusion detection, network security and application security in the commercial, public and military sectors. As a Denim Group Principal, he helps executives and Chief Security Officers (CSOs) of Fortune 500 companies, including major financial institutions, launch and expand their critical application security initiatives.

Posts by John B. Dickson, CISSP

Post: Even in the Midst of COVID-19, Russia is Undeterred, and this Shouldn’t be a Surprise

Background: As we struggle for a sense of normalcy during this pandemic, we can draw comfort from certain constants in life. One of those constants is Russian nation state hacking. A recent public report from the United Kingdom’s National Cyber Security Centre (NCSC) and Canada’s Communications Security Establishment (CSE) documented a pattern of activities from […]

Post: What’s in a Name? – Why Gartner Picking “Application Vulnerability Correlation” is an Important Step for the Application Security Market

This blog has been updated with new information for 2020. If you haven’t seen it yet, Gartner just published its “Hype Cycle for Application Security, 2016” written by Gartner Analyst Ayal Tirosh with support from colleague Lawrence Pingree (Gartner clients can view it at https://www.gartner.com/doc/3376617/hype-cycle-application-security-). This is potentially a deeply important step for the application […]

Presentation: AppSec in a World of Digital Transformation

Presented by Denim Group Principal John Dickson, Secure360 2020. The mandate for digital transformation is forcing companies to innovate faster in order to provide more value to customers and bring products and services to the market more quickly. Technological innovations such as the cloud, microservice architectures, and CI/CD pipelines are being adopted to support the […]

Post: RSAC# 2020 RCAP

The 2020 RSA Security Conference will go down as one of the more surreal gatherings of security professionals in recent memory. In spite of fears related to the coronavirus, the conference did, in fact, happen. Those who attended voted with their feet, weighing the risk of exposure to attending this once-a-year gathering.  Here are some of my observations […]

Post: #RSAC 2020 – Damn the Torpedoes…

“How far away from San Francisco is Sacramento?” my wife casually asked as I finished packing my suitcase for the 2020 RSA Security Conference. “I think about an hour and a half – maybe two hours away…. Why do you ask?”  I thought nothing of her innocuous question as I stuffed Purell hand wipes and a […]

Post: Musings on Patch Management

This article has been updated with new information for 2019. Denim Group is best known in the marketplace as an application security solution provider. With our ThreadFix vulnerability resolution platform we know a thing or two about identifying, mitigating, and remediating vulnerable applications. We are less well known for network security and strategic services, although […]