SBIR Phase 2: What’s Next in ThreadFix’s Hybrid Analysis Mapping?


We’ve been heads-down working and haven’t had a chance to talk much about this, but Denim Group was awarded a SBIR Phase 2 contract to continue the development of the Hybrid Analysis Mapping (HAM) that we’ve been including in ThreadFix. (You can also check out what we did during SBIR Phase 1) This technology allows us to merge SAST and DAST scan results and also supports some other exciting use cases like pre-seeding DAST scanners with attack surface data and mapping DAST results to specific lines of code in developer IDEs.

So – what new stuff should you expect in the coming months?

If you have any questions about what we’re working on or if you are interested in early access to these technologies, please feel free to reach out.

About Dan Cornell

A globally recognized application security expert and the creator of ThreadFix, Dan Cornell holds 20 years of experience architecting, developing and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd, the parent company of ThreadFix, he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process.