Blog

  Be honest - how many times have you seen interactions between security and development teams that essentially went like this: Security Analyst: We did a security assessment of your application. Developer: Really? Did you find anything? Security Analyst: Oh... Read more…

Here at Denim Group we love Texas and we're thrilled that this year's OWASP AppSecUS conference is being held in Austin, TX. We're sponsoring and will be there with a booth in the Expo area, but you can also find us in... Read more…

  We uploaded the 1.0.0 release of ThreadFix to Google Code last week (blog post here, press release here) We've been seeing some great coverage around the web and wanted to post some of the highlights here.         Lucian Constantin... Read more…

With more than 1,200 downloads of the betas behind us, today we're releasing ThreadFix version 1.0.0. This has been more than two and a half years in the making so we're all really thrilled to be able to do this. You... Read more…

  We've got another beta build of ThreadFix (beta22) available for download - both the demo ZIP version and the VM appliance. Updates in this release include: More error checking to avoid accepting bad scans Scheduled updates to bug tracker defect statuses as... Read more…

  We're getting so close to the 1.0 release! I'm sure you all are as excited as I am. We just uploaded the Beta20 build to the Google Code download area - check it out. Highlights of this release include: Much-improved Fortify... Read more…

  Hopefully everyone is recovering from their week in Las Vegas for BlackHat, BSidesLV and DefCon. I had a great time out there, although this year I might have been Patient 0 for the ConFlu so I had to take... Read more…

Sorry for the late post, but I was in Greece speaking at OWASP AppSecEU and I didn't get this out on time. Lots going on as we speed toward our actual 1.0 release for ThreadFix: We pushed out Beta18 last Thursday. This includes a number... Read more…

I just got back from Athens, Greece where I attended and and presented at the OWASP AppSecEU 2012 conference. I had a great time and I wanted to thank Kostas and his crew for putting on a great conference and extending such... Read more…

 Lots of exciting stuff going on in ThreadFix-land: ThreadFix was selected to present at BlackHat Arsenal! We are really excited to have this opportunity to show ThreadFix to the security community and hear feedback. If you're going to be... Read more…

My apologies - it has been a little bit since our last update, but today we pushed out Beta15. Improvements in this release include: An updated Fortify importer that uses SAX parsing for better memory and speed efficiency has been included in the... Read more…

 I'll be headed to Athens, Greece for AppSecEU this year doing both a training class as well as a conference presentation. The training class I'll be giving is a two-day course July 10th and 11th titled "Building a Software Security Program on... Read more…