Crash Override

The Crash Override Blog

Software EngineeringSecurity

Seeing What Matters Starts with Shadow Engineering Detection

Shadow engineering is the new shadow IT. Learn how Crash Override helps you uncover it early, align Dev and Sec, and build faster with less risk and more control.
By Mark Curphey
June 17, 2025

Featured

Hooray! Security Teams May Still Be Accountable for Secure Software, but Developers Are Now Taking Responsibility for It and Here Is Why

By Mark Curphey
June 3, 2025

How to Uncover Potential Shadow Engineering Situations

By Sean Clarke
April 30, 2025

The Curious Case of Shadow Engineering

By Mark Curphey
April 28, 2025

Code Ownership and Code Owners Files

By Mark Curphey
April 15, 2025
Cyber Industry

RSA 2025: Lost in the Petting Zoo, Searching for Signal

Another RSA Conference has come and gone. Security marketing is having an identity crisis. It is time for a reset.
By Rich Smith
May 7, 2025
Platform Walkthroughs

How-to add code owners files to all of your production repos

How to easily make sure you have code owners files in all of your production repos using the Crash Override platform
By Sean Clarke
April 16, 2025

The Security Industry Needs More "Easy Buttons"

The security industry must prioritize creating streamlined, user-friendly solutions—'easy buttons'—to reduce the complexity and costs for development organizations.
By John Viega
January 14, 2025

Security Marketing Exposed - Part One

Why understanding marketing is a super power for running operational security programs
By Mark Curphey
January 8, 2025

Security

Opengrep - The Security Industry Deserves Better

Opengrep, a fork of Semgrep, raises concerns in open-source security. This blog investigates the motivations behind Opengrep, defends Semgrep’s open-core model, and calls for industry accountability.
By Mark Curphey
January 29, 2025

Are there too many bubbles of similar security efforts?

Why we shouldn't work together for the greater good of the security industry
By Mark Curphey
March 26, 2024

SBOMs for Production Incident Response Maybe a Killer Trojan Use Case for Security

SBOMs are more valuable for platform engineers than they are to security engineers today, and why this will help security in the long run.
By Mark Curphey
November 14, 2023

Build System or Bust and Wrapping Security Tools Using Docker

Build System or Bust and Wrapping Security Tools Using Docker
By Mark Curphey
November 13, 2023
More Security articles

Whack-a-mole is dead

Welcome to the post alerts and issues era, and why security insecticides are a better approach.
By Mark Curphey
November 6, 2024

On Social Media Witch Hunts and Learning Important Lessons

As Jen Easterly from CISA said, ‘this (CRWD saga) is a dress rehearsal for what China could do in the future’ and if we don’t learn the actual lessons here we are doomed to repeat history.
By Mark Curphey
September 10, 2024

C isn’t a Hangover; Rust isn’t a Hangover Cure

It seems there are too many people in the security industry that are too fast to condemn C/C++
By John Viega
April 23, 2024

Is Shadow Development Really A Problem?

A look at how the BYOD problem was solved and how we can use that approach to solve the shadow development problem
By Mark Curphey
April 10, 2024

Welcome ZAP to the Open Source Fellowship

The Crash Override Open Source Fellowship is a program to help sustain and grow important open source security projects.
By Mark Curphey
March 14, 2024

The Crash Override Open Source Fellowship

The Crash Override Open Source Fellowship is a program to help sustain and grow important open source security projects.
By Mark Curphey
March 13, 2024

Best-of-Breed and Industry Standard is Misleading

Best of Breed and Industry Standard is Misleading
By Mark Curphey
November 14, 2023

The Power of Small, Fast, Grit and Cross-Functional Relationships

The traits of high performing security teams
By Mark Curphey
November 13, 2023

Company News

Chalk has a new home

We have have refreshed the documentation for the Chalk project, and moved it to its new home. Chalk for serverless functions is coming soon!
By Mark Curphey
April 13, 2025

The Business Value of Engineering Relationship Management

This articles explains the business value of ERM. For everyone in DevOps, it's a better experience, a more efficient & a cheaper way to work.
By Mark Curphey
April 9, 2025

Introducing Engineering Relationship Management

ERM is a single source of truth and a complete change ledger for DevOps, connecting all your code, cloud infrastructure, tools, builds & deployments.
By Mark Curphey
April 8, 2025

Chalk is now officially open-source

Chalk is officially now open-source
By Mark Curphey
September 26, 2023
More Company News articles
Crash Override

Subscribe to our newsletter

Practical insights, sharp takes, and tactical guidance for engineering and security leaders.

© 2025, Crash Override Inc.Cookie PolicyPrivacy PolicyData Subject Access Request