Sitemap

Main Pages

Home
About Us
Contact Us
Cookie Policy
Data Subject Access Request
Engineering Relationship Management
Faqs
Crash Override
Erm
Newsletter
Open Source
Privacy Policy
Rsa
Vip Demo

Blog Posts

Blog
A Personal History Of The Appsec Industry
A Security Tools Crash Is Coming
Announcing The Alpha Release Of The Chalk Open Source Project
Are There Too Many Bubbles Of Similar Security Efforts
Best Of Breed And Industry Standard Is Misleading
Build System Or Bust And Wrapping Security Tools Using Docker
Building Security Tools Is The Wrong Approach
C Isnt A Hangover Rust Isnt A Hangover Cure
Cyber Industry
Engineering
Open Source
Product
Product News
Security
2
Chalk Is Officially Now Open Source
Chalk Project Website
Code Ownership And Code Owners Files
Could Sports Advertising Be A Valid Model For Sustaining Community Open
Creating Art Not Junk The Hack In The Box Treasure Hunt
Cve Nvd Doesnt Work For Open Source And Supply Chain Security
Cve Nvd Doesnt Work For Open Source And Supply Chain Security 2
Dependency Pinning Only Works If You Actually Review The Updates
Designing The Crash Override Brand And The Hackers Movie
Developers Only Pay Lip Service To Security Get Over It
Developers Own Code Security
Dont Blame The Players Blame The Game
Early Access To Crash Override
Five Questionable Things About Top Ten Security Lists
How Ai Might Affect Devsecops
How Can You Have Any Pudding If You Dont Eat Yer Meat
How To Easily Make Sure You Have Code Owners Files In All Of Your Production Repos
How To Uncover Potential Shadow Engineering Situations
In The Future Can You Have Your Appsec Cake And Eat It As Well
Introducing Engineering Relationship Management
Introducing The Github Analyzer
Is Developer Led The Best Strategy For The Adoption Of Security Tools
Is Shadow Development Really A Problem
Less Appsec Assessment And Protection More Devsecops Observability
On Social Media Witch Hunts And Learning Important Lessons
On The Left On The Right And Wiggle In The Middle
Opengrep The Security Industry Deserves Better
Ransoming The Ciso Role Words Of Caution After The Joe Sullivan Legal Case
Rsa 2025 Lost In The Petting Zoo Searching For Signal
Sboms For Production Incident Response Maybe A Killer Use Case For Sboms
Security Marketing Exposed Part One
Security Quackery
Security Tools Cant Just Be Friction Free Was Sca The Tipping Point
Shadow Engineering Devops Security
The Appsec Letter Bomb Problem
The Business Value Of Engineering Relationship Management
The Crash Override Open Source Fellowship
The Cso Interviews The Biggest Unsolved Problems In Security Today
The Curious Case Of Shadow Engineering
The Curse Of Ai In The Security Industry
The Hackers Mural Amsterdam April 2023
The Power Of Small Fast Grit And Cross Functional Relationships
The Sbom Frenzy Is Premature
The Security Industry Needs More Easy Buttons
We Dont Need More Bloody Appsec Tools
We Need Modern Product Security Certification And We Need It Now
Welcome Zap To The Open Source Fellowship
Whack A Mole Is Dead
What I Learned About Information Security From Academia
What The Bloody Hell Is An Application
Why Are The Same Old Appsec Issues Still A Thing In 2023
Why Devsecops Is Better Than Appsec And Why Devsecops Tools Will Never Be Enough
Why Open Core Gpl And Dual Licensing Is A Model That Works
Why Sca For Security Is Really Hard
Why Security Companies And Communities Come And Go
Why Supply Chain Security Is So Much More Than Open Source Code And Cves
Why You Should Not Give A F Ck About Security Awards

Subscribe to our newsletter

Practical insights, sharp takes, and tactical guidance for engineering and security leaders.

Chalk
Downloads
Open-source
Docs

Resources
About Us
Contact Us
Book a demo
Sitemap