Monday, August 3, 2015

Encryption Isn't Enough

Companies need to focus on developing secure coding practices and security education.

http://www.informationweek.com/cloud/software-as-a-service/twitter-security-pro-encryption-isnt-enough/d/d-id/1321432

I shared my thoughts last week Thomas Clayborn at InformationWeek about the state of security and why encryption is not the answer to all problems.

You can read the full story at the link above.




-Michael Coates - @_mwc

Tuesday, December 9, 2014

OWASP Bay Area - Now with a meetup group

Are you in the Bay Area and interested in application security? The local OWASP chapter now has a meetup group. Just join the group and you'll be notified of all the great upcoming events. The events rotate throughout the Bay Area so we can attract a variety of attendees.

meetup.com/Bay-Area-OWASP/

Also, keep an eye out for what's happening in September. The big OWASP AppSecUSA conference will be hosted here in San Francisco! Mark your calendars now (and buy a discounted early bird ticket) AppSecUSA.org


-Michael Coates - @_mwc

Monday, September 15, 2014

OWASP AppSensor Book Signing at AppSecUSA


Join me at OWASP AppSecUSA for a free signed copy of the new OWASP AppSensor Book. I’ll be at the Shape Security booth in the expo area on Thursday afternoon at 4pm.


New to AppSensor? 
Imagine if your application could detect a threat before your system and data is breached and automatically ban that user from your application. In short, this is what AppSensor can accomplish.

AppSensor is a free and open source project that provides a framework to equip your application with an advanced defense system. This defense system enables your application to  understand malicious activity and respond in real time to protect your sensitive assets and data.

How is this different than traditional IDS and WAFs? 
Generic systems can only detect generic attacks. Your application is unique and needs a defensive system that can detect unique attacks targeting your business logic and access control system. Since AppSensor is built inside your application you have full visibility to any malicious activity or probes attempting to compromise your application.


Stop by the Shape Security both for a free signed copy of the AppSensor booth!


-Michael Coates - @_mwc