Blog | Crash Override

Building security tools is the wrong approach

We Need Modern Product Certification and We need It Now

The bull shitake from some security companies is out of control and security awards are a farcical tool they are using to look credible. It needs to stop.

The hackers mural in Amsterdam celebrating Grace Hopper and Alan Turing. True hackers.

Lets kills cheap tacky conference swag

The singularity is coming and we are already seeing people trying to socially engineer AIs rather than historically socially engineering humans.

The data from corporate messaging tools may indicate that developer led adoption isn't the best strategy for the widespread adoption of security tools

Why aren't there more developer tools with security features ?

I recently had a eureka moment that the appsec industry, including myself, haven't totally embraced the devops principle of observability.

We should accept that developers only pay lip service to security

How can we help open-source security projects generate sustainable funding without having to become commercial open-source companies? I have an idea.

Why are the same old appsec issues still a thing in 2023? Maybe its because we are doing the same things over and over hoping they will go away? Maybe.