The 2016 year has been a consistent reminder that hackers are still hard at work looking to take down top organizations around the world. During this year, we’ve focused on educating our readers about these attacks and...

In this five part blog series, I've been focusing on covering some of the attacks that have exploited various features in the SSL/TLS mechanism. We've covered general bad practices and bad implementation. Today we'll be...

While I realize that the reason DREAD has withstood the test of time is due to it's simplicity and clarity, I think that accuracy and a clear "you need to do something now" is essential.

DREAD has withstood the test of time is due to its simplicity and clarity. If you make things too heavyweight, people are less likely to use it. Also, when classification systems are too granular, more time is spent...

What's the single most impactful step you can take to improve the security of your applications and your application development process?

Issues with SSL and TLS are seemingly commonplace these days. In my previous post, I discussed many of the vulnerabilities that I've come across in the last few years conducting software security assessments for our...

IT security spend is on the rise; however, damaging attacks and data breaches are more common than ever. Part of the reason for this is the imbalance of spend and mindshare – many organizations allocate higher budget to...

With all the SSL/TLS bugs that seem to come out every month nowadays, as a security penetration tester it's hard for me to remember which bug causes what, how hard the exploit is, and what needs to be done to fix it. Over...

In March of this year, OWASP released their 2016 edition of the Mobile Top Ten. Now that organizations have had some time to get acclimated to it, I wanted to provide some of my thoughts on it.

OWASP got this one right. I...

V2V Communications: What About My Privacy?

by Gene Carter on November 23, 2016 at 5:02 PM

There is a shift in focus from surviving accidents to stopping an accident from ever happening. Have you ever experienced unexpected stopped traffic as you crest a hill? Or narrowly missed hitting another car because your...