Security Influencers provides real-world insight and “in-the-trenches” experiences on topics ranging from software application security to DevOps and cloud security.


What to Do about Latest Yahoo Data Breach

On Wednesday Yahoo disclosed a data breach that affected one billion accounts. Yahoo said that it believes an "unauthorized third party accessed the company's proprietary code to learn how to forge cookies." It was not clear which incident the..

Obama Orders Review of Election Hacking

BACKGROUND - President Obama recently ordered a “deep dive” into the cyberattacks of this year’s election and he wants the report before he leaves office on January 20. This request comes as President-elect Trump has again dismissed the intelligence..

New Guide Available: Application & Data Security Volume II

A new guide, published by DZone and entitled "Application and Data Security," is now available for free. This guide offers a deeper look into challenges and solutions for implementing secure practices. Dive into building applications that..

What Happens to Application Security When Your Apps Go to the Cloud?

This article discusses the pros of applications moving to the cloud, the security dilemmas surrounding the move, and the explosion of software-defined networks and tools. It first appeared in App Developer Magazine on November 9th, 2016. Below..

The Impact of Fake Retail Apps Hitting the Apple App Store this Year

Last week, App Developer Magazine, in an article titled "The Impact of Fake Retail Apps Hitting the Apple App Store this Year," prominently featured Contrast Security Co-founder and CTO Jeff Williams. The article discusses how counterfeiters have..

Poor Election Cybersecurity Abounds

In an SC Magazine article published earlier this week, Larry Jaffee discusses the potential cybersecurity concerns of next week’s presidential election (yikes, Election Day is next Tuesday). Jeff Williams, CTO and cofounder of Contrast Security,..

Chat all you want… but will that data in your message be secure?

Businesses are looking to tools to improve productivity — no surprise, right? Business apps are not just “stand-alone” and isolated; they are in the cloud and integrated with other tools and data. Integrations and “plug-ins” with other apps and..

Is There a 3rd Category of Application Security Tools Beyond Static & Dynamic?

Recently, Clark Coleman asked a very logical question about application security tools:

Can you explain the difference between DAST (Dynamic Application Security Testing) and IAST (Interactive Application Security Testing)? To a novice like me,..

Application Security: Changes to Microsoft Patch Tuesday

Everyone should be patching like Microsoft.

You can argue with some of the tiny details about how Microsoft schedules patches, but the elephant in the room is that nobody has thought through continuous patching better or for longer than Microsoft.

So, Now We Have a Federal CISO...

So, now we have a federal CISO, Brigadier General [Retired] Gregory J. Touhill, as part of the Office of Management and Budget (OMB). But what does that really mean?
