Home / Blog / Andrew Hamilton
ahamilton's picture

Andrew Hamilton

Andrew is a Principal Security Consultant with Veracode focusing his time on web and mobile application penetration testing. Andrew has a broad base of experience with language from C, ColdFusion, Java, Flex (Action Script) and JavaScript and mobile application development. His development experience included building automation on Ant, Hudson and later the Jenkins platforms. Andrew is an active participant in his local ISC2 and ISSA chapters and presents occasionally to both. He holds active CISSP and GWAPT certifications. Andrew enjoys penetration testing and strives to provide maximum value to his clients. In his personal time, Andrew enjoys practicing Brazilian Jiu Jitsu.
Posts by Andrew Hamilton

Surviving a Password Policy Perfect Storm

December 27, 2016  | Intro to AppSec

As a security consultant, I see examples all the time of applications that don’t implement defense-in-depth to reduce the risk of account compromises. One area where this is especially problematic is password policy. Password policies can contribute to a strong application security strategy, or create a false sense of security while leaving user data and applications open to attack. Weak policies... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.

 

No thanks, back to the article please.

 

 

contact menu

Veracode is a leading provider of enterprise-class application security, seamlessly integrating agile security solutions for organizations around the globe. In addition to application security services and secure devops services, Veracode provides a full security assessment to ensure your website and applications are secure, and ensures full enterprise data protection. Application protection services from Veracode include white box testing, and mobile application security testing, with customized solutions that eliminate vulnerabilities at all points along the development life cycle.

*Gartner Peer Insights reviews constitute the subjective opinions of individual end users based on their own experiences and do not represent the views of Gartner or its affiliates.

**Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.