Shawn Drew

Shawn Drew has spent the last five years helping businesses understand the difference that technology can make for their internal processes, external connections, and bottom line. He specializes in all things cloud computing and security, and hopes to impart some knowledge on how the two can be combined to enhance the inherent benefits of each. His work has been published on the websites and blogs of a number of technology industry leaders, such as IBM, CA Veracode and Boundary.
Posts by Shawn Drew

What Microsoft's Agile Development Plans Mean for Application Security

October 17, 2014  | Secure Development

microsoft-agile-development.jpg Waterfall development has been a staple of technology's largest software houses for decades, but now even the most blue-chip tech firms are considering more nimble approaches. Agile development has proven its power over the past few years, and Microsoft looks to be shifting its development process to take advantage of its benefits — including... READ MORE

How to Improve Cloud Computing Security Across an Enterprise

October 10, 2014

Since its inception, cloud computing has had the reputation of being high-risk when it comes to information security — and, according to a new study, that's still a problem. Enterprises looking to the cloud as a way to increase their agility or cut costs should be aware of these issues; in addition, CISOs have to understand the methods at their disposal that enable them to mitigate risk to data... READ MORE

Budget-Friendly Vendor Risk Assessment Is Possible—We Promise

October 2, 2014

budgeting-for-security-testing.jpg Application development teams are being pressured to do more with less, and are increasingly turning to open-source components and external software vendors to get their jobs done quickly. Vendor risk assessments have grown increasingly important as a result. However, the available budgets for these assessments are not growing in kind. Each CISO... READ MORE

A Guide to Static Testing of Web Apps: No Running Required

September 23, 2014  | Intro to AppSec

static-web-testing.jpg In the modern, fast-paced world of Agile software development, where an organization may have new or updated web apps released every few days or weeks, application security scans are sometimes delayed until the last part of the quality assurance (QA) phase. However, even if developers are versed in secure architectural design and threat modeling, security... READ MORE

How to Develop an Enterprise-Wide Security Vulnerability Assessment Solution

September 9, 2014

7853146846_4cc5d03168_o.jpg It's becoming evident that modern enterprise executives understand the importance of application security (AppSec). Despite this, however, only a very small percentage of applications undergo a true security vulnerability assessment, leaving the majority wide open to attack. Enterprise executives who understand the importance of AppSec must learn how... READ MORE

Threats in Custom App Development: Enterprises' Lack of Security

September 4, 2014

app-dev-security.jpg Proper App Development Requires Security from the Start   There is no greater threat to information security than the belief that systems are secure when, in fact, they are anything but. The growth in popularity of custom app development over the past few years has created a situation where many enterprises have thousands of applications in production with... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.

 

 

 

contact menu