Avatar photo
David Archer
AppSec Observer
David Archer holds extensive experience in secure multiparty computation and information security, trustworthiness, and provenance. Specific areas in which he has worked include applications of linear secret sharing and garbled circuits to data communications and analysis, data provenance and trust assessment in relational contexts, and processor and memory system architecture. Prior to joining Galois, Dr. Archer led the Deep Sub-micron CAE business unit at Mentor Graphics, directed engineering on workstation and server chipsets at Intel, was instrumental in development of the communication architecture of the ASCI Red TeraFLOPS system developed by Intel Supercomputer Division, and participated in the design of multiple generations of custom CPU products. Dr. Archer holds a Ph.D. in Computer Science from Portland State University as well as an M.S. in Electrical Engineering from the University of Illinois at Urbana-Champaign.

Enhancing observability with IAST | AppSec | Contrast Security

Enhancing observability with IAST | AppSec | Contrast Security

|
Observability has become crucial in software engineering as modern applications grow more complex and distributed. The rise of microservices coupled with the widespread adoption of application programming interfaces (APIs) and cloud-native architectures have necessitated a more comprehensive understanding of system performance and health. This movement started in the 2010s and ... Read More
AppSec Observer
Debunking the myths around RASP

Debunking myths around RASP (Runtime Application Self-Protection) technology

| | Application Security, AppSec, IAST, rasp
Welcome to the second part of this series examining some of the myths that I’ve heard in many conversations around Interactive Application Security Testing (IAST) and Runtime Application Self-Protection (RASP) while working at Contrast. Over the past four years, I have had the pleasure of discussing RASP with both open-minded ... Read More
AppSec Observer
Debunking IAST myths

Debunking IAST myths

| | Application Security, AppSec, IAST
If you have followed Contrast's progress over the years, you will recognize us as a leading provider of Interactive Application Security Testing (IAST)/ Runtime Application Self-Protection (RASP) (and recently Static Analysis Security Testing [SAST!]) provider. Contrast has been working on security instrumentation for nearly a decade now, and during my ... Read More
AppSec Observer

Extending Protection With Azure Sentinel

|
Applications are perpetually accosted by hackers intent on doing harm to your business. They'll dig and look under the covers for any exploitable entry point they can find. At the same time, development teams struggle to deal with a backlog of unremediated application vulnerabilities, especially if they’re using inaccurate legacy ... Read More
AppSec Observer

Real-time Remediation Support Helps Developers Write Better Code

|
Learning From Our Software Development Mistakes Like anyone else, I hate making mistakes. When I do, I usually feel that I could have avoided it by learning more about the subject or maybe by asking for help. Good intentions aside, however, the reality is that we will still make mistakes ... Read More
AppSec Observer
Elite Performers Choose Simpler Tools

Elite Performers Choose Simpler Tools

| | Application Security, Contrast Assess, DEVOPS, Vulnerabilities
I was fascinated to read this year’s Accelerate State of DevOps Report 2019 which now represents six years of research and data from over 31,000 professionals in our industry. It delivers insight into the practices and capabilities that drive high performance. By following the advice in the report, teams can ... Read More
Security Influencers Blog
Blackwire, Blockchain, Ethereum scam

Blockchain: Hype or Hope for Transactional Security?

| | blockchain, security, transactional security
It has been said that time is nature’s way of making sure everything doesn’t happen at once. In practice, time is a good way to make sure that events happen in order: that payment happens before title is conveyed or that authentication happens before privileges are granted. It has also ... Read More
Security Boulevard