Author Archives: Dan Cornell

A globally recognized application security expert and the creator of ThreadFix, Dan Cornell holds 20 years of experience architecting, developing and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd, the parent company of ThreadFix, he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process.

More Posts by Dan Cornell

Help Net Security Reflections on the 2014 BlackHat Arsenal

[caption id="attachment_2273" align="aligncenter" width="570"] Have a question about Dynamic Application Security Testing (DAST)? Chances are Andres Riancho of w3af, Dan Kuykendall of NTObjectives, Ferruh Mavituna of Netsparker and Simon Bennetts of OWASP ZAP could have given you an answer at... Read more…

BlackHat Arsenal 2014: ThreadFix and Friends

BlackHat 2014 is coming up quickly. I'll be back at the BlackHat Arsenal for the third year running demonstrating ThreadFix. Three-peat! This year we'll be showing off the main ThreadFix application as well as a lot of new components of the... Read more…

ThreadFix 2.1M2 Now Available

The 2.1M2 build of ThreadFix is now available. Go to the ThreadFix downloads page for the updated build. We've got some great stuff in this latest build, including: Improved imports for WhiteHat Sentinel results Improved integration with HP Quality Center... Read more…

Challenges of Managing Application Vulnerabilities

Even with an abundance of application assessment tools available on the market and a growing understanding of application security, application vulnerabilities persist in applications. The average number of serious vulnerabilities found per website per year is 79, and the average... Read more…

ThreadFix 2.1M1 Now Available

We recently uploaded the first milestone build for the ThreadFix 2.1 development series. Among the 82 bug fixes and feature updates, ThreadFix 2.1M1 showcases the following new capabilities: New vulnerability search capability lets you slice and dice vulnerability data in... Read more…

ThreadFix 2.0M2 Now Available

The 2.0M2 builds for ThreadFix are now available. You can download: The main ThreadFix server Updated IDE and scanner plugins This update includes a bunch of bugs fixes, overall performance enhancements, and a handful of new features: Switch to JSON for all... Read more…

Threadfix 1.2 Released

The ThreadFix development team has been hard at work since our last official product release (v1.1) in March. We are excited to announce that 1.2 official is available for download. Please download and test drive today! Again, we encourage any... Read more…

ThreadFix 1.2 RC3 Now Available

The ThreadFix product development team has been hard at work since our ThreadFix 1.2 RC2 released in late July and today we've made a 3rd 1.2 Release Candidate available for users and organizations to download and put it through its paces.... Read more…