Application Security Tools

Post: ThreadFix 2.7 Teaser: Do What Cha Want

The 2.7 release of ThreadFix should be available in late October – not too long after Security Summer Camp in Vegas. If you’re going to be at BlackHat and want a sneak preview reach out and let us know. We will get you a demo and an invite to our happy hour. There are two […]

Post: Application Security in 2018: Questions Rather than Answers

    If you’re like me, you just survived the onslaught of “what we saw in 2017” lists, only to be inundated shortly thereafter by “what we will see in 2018” predictions in security. As a vendor in the application security space, we’re in the thick of things. We have our ears to the ground, […]

Post: What’s in a Name? – Why Gartner Picking “Application Vulnerability Correlation” is an Important Step for the Application Security Market

If you haven’t seen it yet, Gartner just published its “Hype Cycle for Application Security, 2016” written by Gartner Analyst Ayal Tirosh with support from colleague Lawrence Pingree (Gartner clients can view it at https://www.gartner.com/doc/3376617/hype-cycle-application-security-). This is potentially a deeply important step for the application security market because it provides clarity around a set of […]

Post: 2016 Post Gartner Recap

                     Now that the dust has settled on the annual 2016 Gartner Security and Privacy Symposium, we can look back through a clean lens and identify themes that bubbled to the surface of the different sessions. Although a critical mass of security leaders were in attendance, […]

Post: Webinar: ThreadFix 2.4 Maximizing the Impact of Your Application Security Resources

We ran a webinar for the upcoming ThreadFix 2.4 Enterprise release. Slides and a video recording of the webinar are available here: ThreadFix 2.4: Maximizing the Impact of Your Application Security Resources from Denim Group There were a couple of items that came up during the presentation where I wanted to provide some additional detail and links […]

Post: ThreadFix In Action: Discovering Your Organization’s Software Attack Surface (Web App Edition)

Many organizations use ThreadFix as the platform for running application security program – tracking their application portfolio and getting their applications under a cycle of regular security testing. But before you can start getting applications under security management, you have to know about them and get them installed in the system. In this post, we look […]