Blog

Blog: Hey Security Teams: Developers Don't Speak PDF

  Be honest - how many times have you seen interactions between security and development teams that essentially went like this: Security Analyst: We did a security assessment of your application. Developer: Really? Did you find anything? Security Analyst: Oh... Read more…

Blog: ThreadFix Release in the News

  We uploaded the 1.0.0 release of ThreadFix to Google Code last week (blog post here, press release here) We've been seeing some great coverage around the web and wanted to post some of the highlights here.         Lucian Constantin... Read more…

Blog: ThreadFix 1.0.0 Now Available (!)

With more than 1,200 downloads of the betas behind us, today we're releasing ThreadFix version 1.0.0. This has been more than two and a half years in the making so we're all really thrilled to be able to do this. You... Read more…

Blog: Denim Group at OWASP AppSecEU 2012

 I'll be headed to Athens, Greece for AppSecEU this year doing both a training class as well as a conference presentation. The training class I'll be giving is a two-day course July 10th and 11th titled "Building a Software Security Program on... Read more…