Security Influencers provides real-world insight and “in-the-trenches” experiences on topics ranging from software application security to DevOps and cloud security.


Point of View: Senate Stalls Cybersecurity Bill

The rush to "do something" about cyber security issues is leading both legislators and industry to a ridiculous place.

Most people's knee-jerk reaction when thinking about cyber security is that we should go after the attackers.  The thinking is..


Point of View: Chrysler recalls 1.4 million hackable cars

“The interesting thing about this recall is not that it’s going to be expensive and inconvenient (it will), but that it shouldn’t have had to happen.  We already know the importance of auto-update.  Remember those painful years of downloading..


Point of View: Tesla opens up bug bounty program

“Bug bounty programs have been surprisingly effective and I don’t see this being any different for Tesla.  I think they’re smart to start with their website as they learn how to handle the influx of security bug reports.  As they mature, they may..


Point of View: Army's Public Website Hacked by Unknown Intruders

All breaches are not created equal. The Army breach is actually considerably more disturbing than the IRS breach.  


Point of View: Federal Personnel Data Breach

Government agencies are in serious danger from cyber threats. While many have a continuous network security program in place, most have spent very little time securing their applications.  We are going to continue to see breaches of government..


IRS Hackers stole $39M and affected 2.7 million taxpayers

It’s easy to jump all over the IRS for a seemingly obvious security problem. Congress and reporters are calling for a quick fix.  This isn’t like fixing a broken window.  The complexity is more like an entire city with lead pipes, crumbling..


IRS hit by data breach exposing 100,000 records

Read what Jeff Williams has to say about the data breach the IRS experienced, which exposed over 100,000 records. What can the IRS do about it and how should it be prevented from happening again in the future?


We've Been Hacked. Our Data Was Breached. What Do I Do Now?

We're Sorry You Got Hacked.

First, if you just detected a data breach, you've been hacked, and you should probably stop reading this blog post and get to work fixing the problem. If you need a "What to do in the first 24 hours after a data..


The Ankle Biters of the Application Security World

The playing field isn't exactly level, and ankle biters (aka script kiddies and hackers) know it. While businesses and organizations are triaging their vulnerabilities and fixing them as they can, script kiddies don't need to focus on The OWASP..


