The importance of vulnerability management is simple — find and fix issues before an adversary finds and exploits them. Unfortunately, the remediation rates reported by leading application security vendors average only around ...

The importance of vulnerability management is simple — find and fix issues before an adversary finds and exploits them. Unfortunately, the remediation rates reported by leading application security vendors average only around ...

If you visit practically any enterprise InfoSec vendor’s website and are interested in trying out their products or services without speaking to a sales rep first, good luck — this is rarely ...

If you visit practically any enterprise InfoSec vendor’s website and are interested in trying out their products or services without speaking to a sales rep first, good luck — this is rarely ...

ObservationsFrom my personal experience and through conversations I’ve had with many other security pros, we’ve observed that the average level of competency among enterprise InfoSec personnel is either flat or decreasing. And ...

As a gift, or sometimes more like a curse, my dad passed down his love of classic cars to his children. Each of us has our favorites, and one of mine is ...

I wanted to get my dad a gift, but not just any gift. The perfect gift. For a diehard hot-rodder like my dad, there can only be one thing -- a car ...

Below is a working theory on the evolution of The Press in the United States as it relates to their relationship with the government and the people. I expect to continue refining ...

Over the last two decades the penetration-testing / vulnerability assessment market went through a series of evolutionary waves that went like this…1st Wave: “You think we have vulnerabilities and want to hire ...

There is a serious misalignment of interests between Application Security vulnerability assessment vendors and their customers. Vendors are incentivized to report everything they possible can, even issues that rarely matter. On the ...