Jason Taylor

Jason Taylor leads the strategic direction for all of Security Innovation’s engineering and technology initiatives. He was the designer of our "Creating Secure Code" methodology, which has been implemented at many of the world's largest technology organizations. He is a Microsoft Developer MVP for Security and has co-authored ten security guides with the Microsoft Patterns & Practices team.

Recent Posts

There is a set of best practices that can be used to build security into applications that use databases to send, retrieve, and store data, including appropriate input validation and the use of prepared statements. You...

What's the single most impactful step you can take to improve the security of your applications and your application development process?

When you buy 3rd party software or outsource application development, you inherit all the vulnerabilities that the vendor fails to eradicate. To mitigate financial and operational risk, it’s important that security and...

Part 5 of 5 - Attaining a High Level of SDLC Maturity

Part 4 of 5 - How do you know how you're doing if you aren't measuring?

Part 3 of 5 - The Need for More Educated Development Teams

Part 2 of 5 – The importance of Standards & Policies

Part 1 of 5 - the Facts of the Case

Security Innovation and the Ponemon Institute recently released our Current State of Application Security report, which was based on research designed to better understand the maturity...

Software Vulnerability Management

by Jason Taylor on June 19, 2012 at 10:54 AM

Be sure to classify and be careful with your fix!

When you conduct an application security assessment, whether it’s a static analysis scan, dynamic analysis scan, penetration test, or code review, you are going to be...

Our customers are interested in reducing application security risk. Over the years we’ve seen a variety of approaches to this problem and have helped many customers on their path toward more secure applications and reduced...