Kent Landrum, Managing Director in Opportune LLP's Process & Technology practice, who also leads the firm's Downstream sector, and Dan Cornell, Chief Technology Officer of the Denim Group, discuss why a programmatic approach—rather than tactical—is best when addressing cybersecurity vulnerabilities, why application security in the software supply chain is imperative, how digital transformation can also increase exposure for energy companies, and more. For more podcasts from Opportune, visit https://opportune.com/insights/podcast.
Dan Cornell from Denim Group joined Technado with Don Pezet this week to talk about their ThreadFix platform for security program management. He also vented about the misnomer that developers don’t care about security. Then, in the news, the crew discussed the FCC taking spectrum from the auto industry and giving it to Wi-Fi, a ChromeOS alternative called Ubuntu Web Remix, the worst passwords of 2020, a security hole and sketchy patch for TCL TVs, and a spearphishing attack on GoDaddy employees.
Former Air Force intelligence officer and now principal of cybersecurity firm the Denim Group, John Dickson elaborates on how voters need to be prepared for possible disruptions or delays in the reporting of election results.
The 2020 presidential election is just around the corner, and cybersecurity is once again at the forefront. From disinformation campaigns and election-related vulnerabilities to lockdowns and vote by mail efforts due to COVID-19, we cover it all — and more — in this jam-packed episode featuring returning favorite, John Dickson, Principal at Denim Group, Ltd.
– Free election security resources: https://www.infosecinstitute.com/iq/election-security-training/
– Get free training for your entire cybersecurity team (10 or more): https://www.infosecinstitute.com/cyberwork
– Enter code “cyberwork” to get 30 days of free training with Infosec Skills: https://www.infosecinstitute.com/skills/
– View transcripts and additional episodes: https://www.infosecinstitute.com/podcast
John Dickson is an internationally recognized security leader, entrepreneur and Principal at Denim Group, Ltd. He has nearly 20 years of hands-on experience in intrusion detection, network security and application security in the commercial, public and military sectors. As a Denim Group Principal, he helps executives and Chief Security Officers (CSOs) of Fortune 500 companies, including major financial institutions, launch and expand their critical application security initiatives.
About Infosec
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win.
Since 2001, the Denim Group have been helping their clients create resilient software that can be deployed to withstand attacks. They do this across the portfolio of software that clients have, and also do it at scale across the enterprise. I wanted to learn more about how their software development background helps them bridge the gap between security and software development, which enables their clients to build more secure software faster. Dan Cornell joins me on my daily tech podcast to talk about all this and much more. A globally recognized application security expert, Dan Cornell holds over 15 years of experience architecting, developing, and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd., he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process. Cornell is a sought-after speaker on topics of web application security, speaking at international conferences including the RSA Security Conference, OWASP AppSec USA and EU, and Black Hat Arsenal. He has also appeared as a guest speaker at institutions such as the Los Alamos National Laboratory. He has published papers on topics ranging from data security to high-end graphical simulations, as well as an IBM Redbook on building server-side Java applications for the Linux platform. Today's guest is also a recognized expert in the area of web application security for SearchSoftwareQuality.com and has been quoted as an expert in SC Magazine, Network World, CSO Magazine, Dark Reading, and many more.
On Monday of last week, Capital One announced a data breach affecting an estimated 106 million credit card customers and applicants. This is one of the largest data breaches experienced by a large bank. One noteworthy point is that this cyber theft was conducted against data stored in the cloud, hosted by Amazon Web Services. In the past, most cyber intrusions have been conducted against a corporate data center. Capital One is just one of the many companies that have migrated to cloud services technology to improve performance, deliver software enhancements, and reduce costs by closing down dedicated data centers. But the heightened complexity and interdependency of applications deployed in the cloud have also introduced some new exposures and vulnerabilities. While attending the RSA conference in San Francisco this year, I had an opportunity to meet with John Dickson of the Denim Group. John explained how the migration to cloud-based infrastructure is a completely new concept versus how apps were developed five years ago. He also discusses the approach used to create cloud applications known as continuous integration, continuous deployment, or CICD. The sheer complexity of the many moving parts in this technology can lead to simple missteps in security, leading to a data breach.
With Peter out on vacation, Don and Justin were able to cut loose a little. They covered a big Verizon BGP route leak and a laptop that claims to be un-hackable. Then, John Dickson of Denim Group called in to discuss building resilient software that will withstand attacks.
A conversation with John Dickson, Principal at Denim Group.
This podcast features a conversation with Dan Cornell, Class of ’98, and Sheridan Chambers, ’97, from the Denim Group, and Trinity’s Computer Science Professor Paul Myers. Their conversation will address what the average person should be concerned about when it comes to computer security. They will also discuss how Denim Group got into the security industry and what Denim Group's particular area of focus is in the cyber security space.
Learn about AppSec careers in this discussion with Dan Cornell, chief technology officer at Denim Group.
John Dickson, Principal at Denim Group, talks about cybersecurity issues related to the upcoming midterm elections.
In episode 20 of The Secure Developer, Guy speaks to Dan Cornell, CTO of Denim Group, the developer security firm behind ThreadFix, a vulnerability resolution platform.
Britta Glade and Dr. Hugh Thompson delve into the latest cybersecurity technology developments with Microsoft’s Diana Kelley and Denim Group’s John Dickson. Topics to be covered include:
• What is data gravity and how can it help analysts in the SOC/CDOC?
• How can security strategies be adapted for DevOps application developments?
• What are the advantages of using a layered machine learning (ML) model over a single ML?
• Are humans in danger of being replaced by artificial intelligence?
In today's podcast, North Korea still seems to be leaving American IoT networks more-or-less alone, for now, however actively they're hacking elsewhere. Everything old is new again, at least with Russian EW. Cryptocurrency crime is a worry everywhere. A look at law firm hacks shows the counselors could use the help of some street-savvy hotel detectives more than a tech-savvy perimeter security solution, although that wouldn't be bad, either. Beware of letting World Cup Wi-Fi be an own-goal. Apple's latest updates seem privacy friendly. Thoughts on AI, and the polygraphing of a time traveler that sounds totally legit. David Dufour from Webroot on new roles for security, and how that impacts hiring and education. Guest is John Dickson from Denim Group on securing voting infrastructure.
This is episode 6 of the "CISO’s Guide to Obtaining Budget" podcast series. To hear the entire series, visit bit.ly/2x0KhZM. In this concluding episode of this series, guest speaker John Dickson, principal and co-founder at Denim Group, focuses on how CISOs can add security components to CAPEX projects, effectively positioning themselves “upstream” of security needs. Understanding where and when to insert security initiatives into larger projects is a common denominator of success for many security leaders. To discover what’s impacting today’s CISO, visit the IBM website [ibm.co/2g8nR2r] and the CISO Corner [ibm.co/2xvCQqk] on SecurityIntelligence.com. And don't forget to listen to the other episodes in this series: bit.ly/2x0KhZM.
This is episode 5 of the "CISO’s Guide to Obtaining Budget" podcast series. To hear the entire series, visit bit.ly/2x0KhZM. Unlike most resource allocation decisions within the enterprise, decisions involving security projects are often influenced by external events, namely data breaches encountered by other organizations in one's own sector or industry. Today, guest speaker John Dickson, principal and co-founder at Denim Group, looks at how CISOs can take advantage of external breach stories to demonstrate the tangible need for increased security resources. To discover what’s impacting today’s CISO, visit the IBM website [ibm.co/2g8nR2r] and the CISO Corner [ibm.co/2xvCQqk] on SecurityIntelligence.com. And don't forget to listen to the other episodes in this series: bit.ly/2x0KhZM.
This is episode 4 of the "CISO’s Guide to Obtaining Budget" podcast series. To hear the entire series, visit bit.ly/2x0KhZM. Today, guest speaker John Dickson, principal and co-founder at Denim Group, explains why CISOs must be deliberate in their efforts to cultivate credibility. Those who approach the executive team only to ask for money or when a crisis is underway are less likely to have their requests met. To discover what’s impacting today’s CISO, visit the IBM website [ibm.co/2g8nR2r] and the CISO Corner [ibm.co/2xvCQqk] on SecurityIntelligence.com. And don't forget to tune in for the remainder of this series: bit.ly/2x0KhZM.
This is episode 3 of the "CISO’s Guide to Obtaining Budget" podcast series. To hear the entire series, visit bit.ly/2x0KhZM. Today, guest speaker John Dickson, principal and co-founder at Denim Group, highlights the value of knowing oneself and one's organization before appealing for funds and resources. Understanding how security fits into the larger corporate culture is crucial, as is cataloging all assets and liabilities that will influence conversations with the executive team. To discover what’s impacting today’s CISO, visit the IBM website [ibm.co/2g8nR2r] and the CISO Corner [ibm.co/2xvCQqk] on SecurityIntelligence.com. And don't forget to tune in for the other episodes in this series: http://bit.ly/2x0KhZM.
This is episode 2 of the "CISO’s Guide to Obtaining Budget" podcast series. To hear the entire series, visit bit.ly/2x0KhZM. Today, guest speaker John Dickson, principal and co-founder at Denim Group, offers advice for CISOs and security leaders looking to communicate more effectively and meaningfully with non-technical executives who may not feel fully comfortable making decisions on technical matters. Listen now to learn how successful security leaders translate abstract technical issues into straightforward risks that any executive can understand and take action on. To discover what’s impacting today’s CISO, visit the IBM website [ibm.co/2g8nR2r] and the CISO Corner [ibm.co/2xvCQqk] on SecurityIntelligence.com. And don't forget to tune in for the other episodes in this series: http://bit.ly/2x0KhZM.
This is episode 1 of a 6-part series [listen to them all! http://bit.ly/2x0KhZM] examining the difficult task of securing resources for IT and security needs. In each episode, John Dickson [http://bit.ly/2ivrIHE], principal and co-founder at Denim Group, will discuss challenges and share recommendations for how chief information security officers (CISOs) should approach the task of obtaining budget. This first episode introduces the "CISO’s Guide to Obtaining Budget" series and explains why spending on cybersecurity projects differs significantly from other projects in the enterprise. To discover what’s impacting today’s CISO, visit the IBM website [https://ibm.co/2g8nR2r] and the CISO Corner [https://ibm.co/2xvCQqk] on SecurityIntelligence.com. And don't forget to tune in for the remainder of this series: http://bit.ly/2x0KhZM.
Dan Cornell, CTO of Denim Group, is host Ric Franzi's featured guest. His firm develops secure software, helps organizations assess and mitigate risk with existing software, and provides training on best practices in software security.