If you're a member of the media, a blogger or an industry analyst covering #ApplicationSecurity, client John Dickson, CISSP, from Denim Group is available for insights and interviews on the concept of The Permanent Campaign.
Reach out: alan at weinkrantz dot com for interview information.
The Texas Lyceum convenes its first quarterly meeting of 2010 in San Antonio to tackle the sensitive topic of risks associated with our connected lives.
The weekend will explore the risks we incur by having much of our information available and potentially vulnerable on the Internet. Be it social media, online banking or buying something on eBay, hackers are increasingly able to piece together information from disparate sources to put our reputation, finances, and identities at risk.
The centerpiece for the weekend will be the first public debate of the Lyceum’s 2010 “Great Debate” series. The debate, to be televised statewide via public television, will tackle the thorny issue of whether existing laws and technologies adequately protect our data and identities in an online world.
Panelists will represent opposing viewpoints in this debate – hackers and privacy advocates who will argue these protections are inadequate, and security leaders and government leaders who will argue that laws and technologies are closing the gap.
The weekend will include interactive and team activities to help Lyceum Directors better understand how these privacy and security risks affect their day-to-day lives. An intended goal of the weekend will be to raise the level of awareness for Lyceum Directors regarding public policy involving online security and privacy.
The backdrop of the conference will be San Antonio and its growing cyber security industry. Acknowledging that San Antonio is emerging as a center of computer security activity, the United States Air Force is currently locating its 24th Air Force Cyber Command at the city’s Lackland AFB.
Members of the media, industry analysts and bloggers covering security and privacy issues, please contact me - alan at weinkrantz dot com for more information.
Client, Denim Group, just made the “technology preview” release of their Vulnerability Manager application available. This is an internal Denim Group project they’ve been working on for a number of months. It has been through a number of private and semi-public demonstrations, so they are really excited to make it available to a broader audience.
If you're an industry analyst, journalist, or blogger covering application security, reach out to me at: alan at weinkrantz dot com for a briefing.
Here's a quick overview:
Vulnerability Manager is a Java/Spring/Hibernate-based web application allowing organizations to automate and centrally manage administration of many of the functions of an application security program:
· Create and maintain a portfolio of applications
· Import and merge vulnerability results from a variety of free and commercial static and dynamic scanning tools
· Automatically generate WAF and IDS/IPS rules for identified vulnerabilities (virtual patching)
· Track attack statistics for vulnerabilities based on WAF and IDS/IPS logs
· Bundle vulnerabilities and send them to defect tracking systems
· Track team maturity practices according to standards such as OpenSAMM
There is an online screencast demo here:
Vulnerability Manager sprang from a number of conversations and engagements we had with clients discussing the problems they faced getting application security programs working in their organizations. At Denim Group we have been fortunate to have the opportunity to work with folks across the spectrum of application security maturity and we think we have assembled some capabilities that will be compelling to many organizations.
Please remember, this is a “technology preview” release of the application. What this means is:
· In short – it still needs serious work before I would put it in production. Please be kind and constructive in your feedback
· It works well for our example files under controlled conditions. Outside of those circumstances… good luck (please let us know about any issues)
· The application has not been through a proper security review and has, in fact, been built in an ad hoc manner that we are aggressively working to correct (please do as we say, not as we’ve done thus far)
· A number of must-have features surrounding configuration and workflow have not yet been completed. Those are in progress
· “Vulnerability Manager” is a terrible name for an application and we promise to come up with something cooler
If you explore the Vulnerability Manager site you can see a demonstration video showing how this works as well as some screenshots. You can also download a running Tomcat-hosted version of the code. We welcome feedback – especially constructive feedback. Please submit feedback here.
Client, Denim Group, an IT consultancy and strong contributor to the larger application security community, has just announced that it foresees shifts in the application security landscape this year. As a trusted advisor to many Fortune 500 and large public sector organizations, the firm has just announced its guidance on the top application security trends for 2010.
eWeek broke the story earlier. You may view the release on Yahoo Finance here.
Members of the media, industry analysts, and bloggers - if you need topical expertise on Application Security, Software Security and issues critical to assessing and mitigating risks with existing software, please reach out to me at alan at weinkrantz dot com. I'll connect you with client, Denim Group.
John Dickson, Principal at Denim Group, reflects on his recent travels to Black Hat 2009. John talks about smart metering technology, the electric smart grid, security breaches, application security strategies, and the landscape of the security industry.
His company, Denim Group, an IT consultancy that develops secure software and helps organizations assess and mitigate risks with their existing software, just announced that it's teaming with WhiteHat Security to expand its portfolio of services by offering WhiteHat Sentinel for ongoing website vulnerability management to quickly and accurately identify security defects in Web applications.