At RSA 2019, Deb Radcliff talked with Anita D’Amico, CEO of Code Dx, an application testing company that is one of the DHS-funded startups at RSA.

DHS S&T wants people to adopt good cybersecurity practices, so they’re trying to get innovative cybersecurity technologies into operations as quickly as possible,” says D’Amico, who has commercialized DHS application security R&D through Code Dx.

In April of 2018, D’Amico, through the R&D group Secure Decisions, where she is the director, released a new product, Attack Surface Detector (ASD). The free tool has had nearly 30,000 downloads.

Matt DeLetto, the lead developer of ASD for Secure Decisions says:

ASD appealed to the DHS because it fills in flaws with conventional brute force and black box application testing... That includes unconnected endpoints and optional parameters left behind by coders and administrators [such as a debug parameter] that can be exploited if left in the code.

Read the full article at SANS.org.