AppSec Blog

Ask the Expert - Jim Manico

Jim Manico is the VP of Security Architecture for WhiteHat Security, a web security firm. Jim is a participant and project manager of the OWASP Developer Cheatsheet series. He is also the producer and host of the OWASP Podcast Series. 1. Although SQL Injection continues to be one of the most commonly exploited security vulnerabilities … Continue reading Ask the Expert - Jim Manico

Ask the Expert - Dan Cornell

Dan Cornell has over fifteen years of experience architecting and developing web-based software systems. As CTO and Principal, he leads Denim Group's security research team in investigating the application of secure coding and development techniques to improve web-based software development methodologies. Dan was the founding coordinator and chairman for the Java Users Group of San … Continue reading Ask the Expert - Dan Cornell

SANS Appsec Survey

SANS has just opened a survey to understand more about the challenges and risks that companies are facing in application security, and what tools and practices people have found are most effective in managing appsec problems. Please follow this link and take 5-10 minutes to answer the survey questions: Help shape the future of … Continue reading SANS Appsec Survey

Ask the Expert - Johannes Ullrich

Johannes Ullrich is the Chief Research Officer for the SANS Institute, where he is responsible for the SANS Internet Storm Center (ISC) and the GIAC Gold program. Prior to working for SANS, Johannes worked as a lead support engineer for a Web development company and as a research physicist. Johannes holds a PhD in Physics … Continue reading Ask the Expert - Johannes Ullrich

Ask the Expert - John Steven

John Steven is the Internal CTO of Cigital. John's expertise runs the gamut of software security from threat modeling and architectural risk analysis, through static analysis (with an emphasis on automation), to security testing. As a consultant, John has provided strategic direction to many multi-national corporations, and his keen interest in automation keeps Cigital technology … Continue reading Ask the Expert - John Steven