Company Blog

Wait, my mom’s driving innovation–not me?

A short one ‘real quick’: I get simultaneously nostalgic and aspirational as holidays and year-end planning bear down on me. Wondering how to innovate and how to get that innovation into use takes a fair amount of my attention. I wrote a blog post in ’07 on how to get some of that innovation stuff [...]

Machinations Over O2

As I drove Dinis to the final day of AppSecDC he (as often is the case) had his laptop open. We traded ideas regarding the future of O2, support, and other broader issues about the future of software security. As we discussed or machinated over word choice, I found myself in near-complete agreement with him: [...]

Vendors in an Open-Source Security Community

I’ve been thinking about this for a while and the tone of this year’s OWASP Global Summit has brought the topic to the forefront. OWASP, as many of you know, is a fiercely open source community. At times, participants defend its openness and freeness a bit aggressively for my taste. Sure, open and free are [...]

BSIMM Europe

Today we officially launch BSIMM Europe, a study of 9 EU firms’ software security initiatives. We continue to focus our initial data gathering on large-scale software security initiatives at major software firms. Firms in the study include: Nokia, Standard Life, SWIFT, Telecom Italia, and Thomson Reuters. An informIT article can be found here. The article [...]

AppSec DC ’09

After what must have been an incredible amount of leg-work, a cabal of folk from the DC OWASP chapter are putting on the AppSec DC conference. The conference will also play host to the ’09 OWASP Global Summit. I hope to see you there. Especially those of you practitioners from within organizations’ security groups–I feel [...]