Philosophy

Announcing securityprogram.io

March 29, 2019

At Jemurai, we do a lot of custom projects building and breaking things and helping teams build more secure code. […]

Oops! A discussion about priorities and risk

February 5, 2019

This post is about a case where we didn’t follow our own advice or industry best practices and it bit […]

Technology and Security: AI, Cloud, IoT

October 9, 2018

So … someone asked me the following question, so I figured I’d put my answer in a blog post. In […]

It’s a Trap! Avoiding the Security Budget Trap.

August 28, 2018

It’s a trap. You know it’s a trap. But you don’t know how to avoid the trap. It is budget […]

Security in the SDLC (Reboot)

June 7, 2018

Today I was looking back for my blog posts about security in the SDLC from 2012-2016 and I realized that […]

Using the OWASP Top 10 Properly

March 7, 2018

I have gone to great lengths to strictly separate my OWASP activities from my Jemurai activities in an effort to […]

Commercial Software Using Open Source

February 1, 2018

Here’s an interesting slightly different spin on the otherwise tired “Open Source” vs. “Closed Source” being more secure debate! The […]

Tend Your Digital Garden

January 25, 2018

Something that is really hard about application security is that it isn’t something you can just point a tool at […]

Your Vulnerability Spreadsheet Says More Than You Think

January 9, 2018

More often than I’d care to say, I work on projects where a client has a vulnerability spreadsheet to rule […]

Thinking About Secrets

October 19, 2017

Introduction We have two types of projects that often uncover secrets being shared in ways that aren’t well thought through. […]

« Previous 1 2 3 Next »

Popular Tags

, , , , , , , , , , , , , , , , ,

Ready to get started?

Build a comprehensive security program using our proven model.

Schedule a meeting

Request a proposal

BLOG