Uncategorized

Post: Seeking Feedback: Validating Vendor Claims Involving AI in Security Products

RSA Peer-to-Peer (P2P) sessions are some of the hidden gems that too many RSA attendees overlook in the organized chaos that is the world’s largest annual security conference. I’ve had the opportunity to facilitate several P2P sessions at recent RSA conferences, including last year’s session titled “Practical Applications of AI in Security: Success Stories from the […]

Post: RSA 2018 Video: Scaling Security with ITProTV

Denim Group CTO Dan Cornell Speaks with ITProTV at RSA 2018

Post: Getting Started with IoT Security with Threat Modeling

Overview: The Internet of Things (IoT) is an exciting and emerging area of technology allowing individuals and businesses to make radical changes to how they live their lives and conduct commerce. Millions of Internet-connected devices are being deployed to help individual users and enterprises make their lives easier and accomplish tasks quicker and easier than […]

Post: RSA 2017 – A T-Shirt Response

“Have fun at RSA!” These are the words I hear from friends and family and colleagues at work that don’t have the opportunity to make the pilgrimage to San Francisco for the largest gathering of security folks of the year, the RSA Conference. Regardless of whether you are a vendor, buyer, or general attendee, you […]

Post: A Trumped-Up Approach to the Borderless War on “the Cyber”

Now that the inauguration and many of the Senate confirmation hearings are behind us, I’m starting to gather my thoughts as a security guy around cybersecurity policy in the new administration and where President Trump might take us all. Let me state up front that I’m not an apologist for the President, nor do I […]

Post: HotSpot: Finding Vulnerabilities in Shared Internally-Developed Code

We recently announced the release of ThreadFix 2.4, which includes our patent-pending HotSpot technology that identifies where internal teams are sharing code among themselves and where that code has vulnerabilities. Similar to what solutions like BlackDuck, Sonatype, and OWASP Dependency Check do for vulnerabilities in known open source components – but for code developed […]