March 29, 2019
At Jemurai, we do a lot of custom projects building and breaking things and helping teams build more secure code. […]

Oops! A discussion about priorities and risk

February 5, 2019
This post is about a case where we didn’t follow our own advice or industry best practices and it bit […]

Technology and Security: AI, Cloud, IoT

October 9, 2018
So … someone asked me the following question, so I figured I’d put my answer in a blog post. In […]

It’s a Trap! Avoiding the Security Budget Trap.

August 28, 2018
It’s a trap.  You know it’s a trap.  But you don’t know how to avoid the trap. It is budget […]

Security in the SDLC (Reboot)

June 7, 2018
Today I was looking back for my blog posts about security in the SDLC from 2012-2016 and I realized that […]

Using the OWASP Top 10 Properly

March 7, 2018
I have gone to great lengths to strictly separate my OWASP activities from my Jemurai activities in an effort to […]

Commercial Software Using Open Source

February 1, 2018
Here’s an interesting slightly different spin on the otherwise tired “Open Source” vs. “Closed Source” being more secure debate! The […]

Tend Your Digital Garden

January 25, 2018
Something that is really hard about application security is that it isn’t something you can just point a tool at […]

Your Vulnerability Spreadsheet Says More Than You Think

January 9, 2018
More often than I’d care to say, I work on projects where a client has a vulnerability spreadsheet to rule […]

Thinking About Secrets

October 19, 2017
Introduction We have two types of projects that often uncover secrets being shared in ways that aren’t well thought through. […]

Popular Posts

Ready to get started?

Build a comprehensive security program using our proven model.
© 2019-2023 Jemurai. All rights reserved.
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram