Tuesday, August 12, 2014

Has OWASP Helped You? Retweet and help OWASP

-Michael Coates - @_mwc

Thursday, July 17, 2014

Google's Project Zero

Google recently announced Project Zero, an initiative to “to significantly reduce the number of people harmed by targeted attacks“.  Project Zero is inverting the traditional bug bounty program and there are many positive elements to this new initiative. I'm a big proponent of bug bounty programs and worked with them closely at Mozilla (Mozilla created the first major bug bounty program for Firefox in 2004).

In addition to the positive elements I got a chance to also discuss some of the challenges Project Zero may face with Antone Gonsalves @antoneg at csoonline.com

Google bug-hunting Project Zero could face software developer troubles,
Antone Gonsalves | CSO | Jul 16, 2014

-Michael Coates - @_mwc

Thursday, April 17, 2014

Avoiding The Next Heartbleed - LinkedIn Publish

Avoiding The Next Heartbleed
How should companies learn from Heartbleed to be better prepared for the next major security event?

Full story


-Michael Coates - @_mwc

Wednesday, April 16, 2014

Discussing Heartbleed

There's plenty of information out there about Heartbleed. I posted a high level analysis on the Shape blog and there's also an OWASP page up on the topic.

Over the past week I had the opportunity to speak with several organizations about the vulnerability, what is at stake and how organizations should be defending their applications and users.


-Michael Coates - @_mwc

Tuesday, March 25, 2014

OWASP AppSec Keynote - Security in an Interconnected and Complex World of Software

Last week I delivered the closing keynote at the OWASP AppSec Apac conference held in Tokyo, Japan. Riotaro Okada, Sen Ueno, Robert Dracea and the entire OWASP Japan chapter put the amazing conference together.

The slides are posted and a video recording should be available soon.

-Michael Coates - @_mwc