Sitemap

Main Pages

Home
About Us
Contact Us
Cookie Policy
Data Subject Access Request
Engineering Relationship Management
Newsletter
Open Source
Privacy Policy
Rsa
Vip Tour

Blog Posts

A Personal History Of The Appsec Industry
A Security Tools Crash Is Coming
Announcing The Alpha Release Of The Chalk Open Source Project
Are There Too Many Bubbles Of Similar Security Efforts
Best Of Breed And Industry Standard Is Misleading
Build System Or Bust And Wrapping Security Tools Using Docker
Building Security Tools Is The Wrong Approach
C Isnt A Hangover Rust Isnt A Hangover Cure
Chalk Is Officially Now Open Source
Chalk Project Website
Code Ownership And Code Owners Files
Could Sports Advertising Be A Valid Model For Sustaining Community Open
Creating Art Not Junk The Hack In The Box Treasure Hunt
Cve Nvd Doesnt Work For Open Source And Supply Chain Security
Cve Nvd Doesnt Work For Open Source And Supply Chain Security 2
Dependency Pinning Only Works If You Actually Review The Updates
Designing The Crash Override Brand And The Hackers Movie
Developers Only Pay Lip Service To Security Get Over It
Dont Blame The Players Blame The Game
Early Access To Crash Override
Five Questionable Things About Top Ten Security Lists
How Ai Might Affect Devsecops
How Can You Have Any Pudding If You Dont Eat Yer Meat
How To Easily Make Sure You Have Code Owners Files In All Of Your Production Repos
In The Future Can You Have Your Appsec Cake And Eat It As Well
Introducing Engineering Relationship Management
Introducing The Github Analyzer
Is Developer Led The Best Strategy For The Adoption Of Security Tools
Is Shadow Development Really A Problem
Less Appsec Assessment And Protection More Devsecops Observability
On Social Media Witch Hunts And Learning Important Lessons
On The Left On The Right And Wiggle In The Middle
Opengrep The Security Industry Deserves Better
Ransoming The Ciso Role Words Of Caution After The Joe Sullivan Legal Case
Sboms For Production Incident Response Maybe A Killer Use Case For Sboms
Security Marketing Exposed Part One
Security Quackery
Security Tools Cant Just Be Friction Free Was Sca The Tipping Point
The Appsec Letter Bomb Problem
The Business Value Of Engineering Relationship Management
The Crash Override Open Source Fellowship
The Cso Interviews The Biggest Unsolved Problems In Security Today
The Curse Of Ai In The Security Industry
The Hackers Mural Amsterdam April 2023
The Power Of Small Fast Grit And Cross Functional Relationships
The Sbom Frenzy Is Premature
The Security Industry Needs More Easy Buttons
We Dont Need More Bloody Appsec Tools
We Need Modern Product Security Certification And We Need It Now
Welcome Zap To The Open Source Fellowship
Whack A Mole Is Dead
What I Learned About Information Security From Academia
What The Bloody Hell Is An Application
Why Are The Same Old Appsec Issues Still A Thing In 2023
Why Devsecops Is Better Than Appsec And Why Devsecops Tools Will Never Be Enough
Why Open Core Gpl And Dual Licensing Is A Model That Works
Why Sca For Security Is Really Hard
Why Security Companies And Communities Come And Go
Why Supply Chain Security Is So Much More Than Open Source Code And Cves
Why You Should Not Give A F Ck About Security Awards