October is National Cybersecurity Awareness Month. Are you aware yet?

October is National Cybersecurity Awareness Month. Are you aware yet?

DHS has declared October National Cybersecurity Awareness Month in an effort to—you guessed it—raise awareness about our shared responsibility in keeping cyberspace secure for everyone. I’m all for educating people about security threats and what they can do to prevent breaches, but there must come a time when awareness turns to action.

My memories of Becky Bace

My memories of Becky Bace

Rebecca Gurley Bace, a member of the Advisory Board of Code Dx, Inc., died last week. While we lament her loss as an Advisor to Code Dx, Inc., that lament is dwarfed by my personal sense of loss of Becky Bace’s friendship and mentorship. Becky was truly one-of-a-kind. I met Becky about ten years ago…

Security Misconfiguration

Security Misconfiguration

The fifth most critical web application security risk according to the 2013 Open Web Application Security Project (OWASP) Top 10 list is Security Misconfiguration.  This is only the second time it has made the list, starting in the sixth position on the 2010 list....
Insecure Direct Object References

Insecure Direct Object References

Insecure Direct Object References have occupied the fourth spot of the Open Web Application Security Project (OWASP) Top 10 list of the most critical web application security risks since 2007; however, these flaws didn’t even make the list when it was first created in...

Cross Site Scripting (XSS)

Number three on the 2013 Open Web Application Security Project (OWASP) Top 10 most critical web application security risks is Cross-Site Scripting (XSS), which moved down the list from the number two spot in 2010 and the top position in 2007.  It started on the...