Useful data points for shaping your SDLC program
By Robert Auger 1/11/11
If you work in infosec for a large organization, it can be difficult to track the state of every software-level vulnerability throughout your various code bases....
By Robert Auger 6/15/09
If you've worked in information security, you've likely had to report a security defect to development in an effort to remediate the issue. Depending on your organization and its culture this can be a rather difficult...
By Robert Auger
Version 1.06, Last Modified: 4/22/2007
Article originally written for The Web Application Security Consortium's guest article project.
One of the reasons why vulnerabilities are still commonplace is that new generations of developers are making the same mistakes....
By Robert Auger 10/18/2006
Introduction
Identifying security defects before a product ships reduces the risk of embarrassing public exposure, the cost of repairing the defect, and the risk to your customers. Your customers will not forget being compromised via a...