Top Ten Tweets of AppSecUSA 2016
AppSecUSA 2016 wrapped up last week. To recap the event, we have captured what we think are the Top ...
Category: Web Application Security
Modern Security Series: Dangers of DevOps Monotheism
Don’t miss this event, register here > https://www.signalsciences.com/resources/dangers-of-devops-mo...
Getting Started With HoneyPy — Part 1
In my last post, Introduction to HoneyPy & HoneyDB, I covered the basics of honeypots and provided a...
Top 5 AppSec Defense needs in the Modern Era
Spinning the Top 5 AppSec Defense needs in the Modern Era, Casey Kasem style. The world has been doi...
Introduction to HoneyPy & HoneyDB
Last week, I discussed HoneyPy and HoneyDB at Blackhat and Defcon. This week I wanted to dive a bit ...
Blackhat and Defcon… It’s a wrap!
The Signal Sciences’ cabana at Blackhat Last week, we brought the Signal Sciences crew to Blackhat a...
A Reference Model for DevOps
The world needs a reference for collecting common DevOps principles and practices that are currently...
The Flow of Continuously Delivered Security
the future… it probably wont look like this ( source) Continuous Delivery meets Security and magical...
The Next Frontier of DevOps: Security
the future! it probably wont look like this… source Security is the next frontier of DevOps. Its a ...
Rugged DevOps: Making Invisible Things Visible
You might already know them from theagileadmin.com, but let me introduce you to two of the leading m...
More Silo Smashing Ideas, bringing InfoSec and DevOps together
Silo Smashing! (source http://ports.co.za/admin/large/image-587.jpg) Last week I wrote an article on...
The Legacy WAF Status Quo: User Expectations Are Changing
sta·tus quo - stādəs ˈkwō/ - noun the existing state of affairs, The “existing state of affairs” is ...
Lean Security: Add Business Value without Bringing Waste
Just a screenshot, scroll down for the real video! This presentation was given at DevOps Connect: Ru...
InfoSec Confession: We protect the wrong things and we slow everything down
One of the secrets of InfoSec is that while we are spending a lot of resources on security professio...
A Recap of DevOps Connect: Rugged DevOps at RSAC 2016
First, I would like to give a big “thank you” to the organizers of DevOps Connect: Rugged DevOps at ...
We’re not your typical vendor.
After two years of heads down product development and eight months of general release, I’m excited t...
The Elusive Unicorn of the New AppSec
As the brainchild of the development and operations departments of your business, DevOps is the unic...
Why DevOps and Product Teams Hate Web Application Firewalls
Welcome to WAF Jeopardy — Where you have the answers and we ask the questions! Here’s some security ...
Security in an Agile and DevOps World
Recently I was able to join a panel for SecCasts Live hosted by Ken Johnson (@cktricky) at nVisium.
Rugged Software Engineering from LASCON
I may be a little biased because I co-founded the conference back in 2010, however, one of my favori...