Author Archives: Dan Cornell

A globally recognized application security expert and the creator of ThreadFix, Dan Cornell holds 20 years of experience architecting, developing and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd, the parent company of ThreadFix, he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process.

More Posts by Dan Cornell

ThreadFix 1.1 Released

ThreadFix 1.1 (final) is now available for download! You can pick up the ZIP (demonstration) install from the Google Code downloads site or you can pick up the VM image (for production use). There were a whole lot of new features... Read more…

Uncommon Sense Security Looks at ThreadFix

John Dickson and I had a chance to catch up with Jack Daniel from the Uncommon Sense Security blog while we were at RSA a couple of weeks ago to talk about what we've been doing with ThreadFix. Jack took the... Read more…

Why We Built ThreadFix

We first released ThreadFix in September of 2012 and recently followed up with the updated 1.1 version based on user and community feedback. Along the way we've had the opportunity to talk with all sorts of people and organizations about... Read more…

ThreadFix 1.1 RC2 Now Available

Many thanks to everyone who helped us put the ThreadFix 1.1 RC1 through its paces. We've received your feedback, fixed a bunch of bugs and built out a couple of requested feature updates resulting in 1.1RC2. You can get it... Read more…

ThreadFix 1.1 Release Candidate Now Available

We've been hard at work on ThreadFix since the 1.0 release in October and we're just about ready to push out an updated 1.1 release. This week we've made a 1.1 release candidate available for folks to take a look... Read more…

Hey Security Teams: Developers Don't Speak PDF

  Be honest - how many times have you seen interactions between security and development teams that essentially went like this: Security Analyst: We did a security assessment of your application. Developer: Really? Did you find anything? Security Analyst: Oh... Read more…

Come See Denim Group at AppSecUS in Austin, TX

Here at Denim Group we love Texas and we're thrilled that this year's OWASP AppSecUS conference is being held in Austin, TX. We're sponsoring and will be there with a booth in the Expo area, but you can also find us in... Read more…

ThreadFix Release in the News

  We uploaded the 1.0.0 release of ThreadFix to Google Code last week (blog post here, press release here) We've been seeing some great coverage around the web and wanted to post some of the highlights here.         Lucian Constantin... Read more…