Companies need to focus on developing secure coding practices and security education.
http://www.informationweek.com/cloud/software-as-a-service/twitter-security-pro-encryption-isnt-enough/d/d-id/1321432
I shared my thoughts last week Thomas Clayborn at InformationWeek about the state of security and why encryption is not the answer to all problems.
You can read the full story at the link above.
-Michael Coates - @_mwc
A Journey in Security
Monday, August 3, 2015
Tuesday, December 9, 2014
OWASP Bay Area - Now with a meetup group
Are you in the Bay Area and interested in application security? The local OWASP chapter now has a meetup group. Just join the group and you'll be notified of all the great upcoming events. The events rotate throughout the Bay Area so we can attract a variety of attendees.
meetup.com/Bay-Area-OWASP/
Also, keep an eye out for what's happening in September. The big OWASP AppSecUSA conference will be hosted here in San Francisco! Mark your calendars now (and buy a discounted early bird ticket) AppSecUSA.org
-Michael Coates - @_mwc
meetup.com/Bay-Area-OWASP/
Also, keep an eye out for what's happening in September. The big OWASP AppSecUSA conference will be hosted here in San Francisco! Mark your calendars now (and buy a discounted early bird ticket) AppSecUSA.org
-Michael Coates - @_mwc
Posted by
Michael Coates
Monday, September 15, 2014
OWASP AppSensor Book Signing at AppSecUSA
Join me at OWASP AppSecUSA for a free signed copy of the new OWASP AppSensor Book. I’ll be at the Shape Security booth in the expo area on Thursday
afternoon at 4pm.
New to AppSensor?
Imagine if your application could detect a
threat before your system and data is breached and automatically ban that user
from your application. In short, this is what AppSensor can accomplish.
AppSensor is a free and open source project that provides a framework to equip your application with an advanced defense system. This defense system enables your application to understand
malicious activity and respond in
real time to protect your sensitive assets and data.
How is this different than traditional IDS and WAFs?
Generic systems can only detect generic attacks. Your application is unique and needs a defensive system that can detect unique attacks targeting your business logic and access control system. Since AppSensor is built inside your application you have full visibility to any malicious activity or probes attempting to compromise your application.
Stop by the Shape Security both for a free signed copy of
the AppSensor booth!
-Michael Coates - @_mwc
Posted by
Michael Coates
Subscribe to:
Posts (Atom)