John Montesi

John is a B2B and SaaS expert who likes to explain complex concepts using cute animals and cocktail napkins. He believes that content marketing is the future and sometimes ghost writes, but he can never prove it.
Posts by John Montesi

The Top 6 App Security Myths and Why You Can't Believe Them

December 16, 2015  | Intro to AppSec

Application security is hardly the hottest topic around most water coolers. That hasn't stopped several app security myths from developing and spiraling out of control. Before one more person tells you that basic antivirus software can prevent all types of malicious hacking, drop everything you're doing and read this list of the top six AppSec myths. 1. It's too expensive. We've... READ MORE

3 Tips for a Better Quality Assurance Process

November 4, 2015  | Intro to AppSec

In the maddening race to deliver more products, faster, and at a higher quality than ever before, the stakes grow as technical debt soars. Many developers shorten or skip the quality assurance process to meet unreasonable demands, which leads to tension between security teams, product teams and the business. Here's a look at three ways to keep your quality assurance process thorough without... READ MORE

The New CISO: 5 Ways to Plan for Your Future Career in Cybersecurity

October 23, 2015  | Managing AppSec

Businesses have done away with clunky closets full of rack computing in favor of the cloud. Soon the chief information security officers (CISOs) who used to sit in those hot, windowless rooms will be replaced by more flexible employees who understand the business side of their roles as well as they understand the dynamic nature of a career in cybersecurity. Having business and legal chops will... READ MORE

The Uconnect Hack Is Scary, but the Internet of Things Doesn't Have to Be

October 8, 2015

Automobile hackings have been in the news a lot recently. The big Uconnect hack affected 1.4 million Chrysler vehicles and exposed a vulnerability that allowed security researchers to enter the Uconnect multimedia entertainment system and control vital vehicle functions. That doesn't just mean hackers can force you to listen to Nickelback against your will — it means they can use the... READ MORE

5 Reasons Why the Importance of Application Security Cannot Be Overstated

October 5, 2015

In today's business landscape, the importance of application security has emerged as a leading factor impacting a company's brand perception and even its bottom line. Yet somehow, despite the exponential growth of digitalization, security protocol rarely acknowledges just how much critical information is in the cloud or other software environments. In a recent whitepaper, entitled "... READ MORE

Cybercriminals Live Like Kings and Want Your Money

September 10, 2015

Cybercriminals are among the biggest threats to enterprises today. The Internet has made valuable information more tantalizingly accessible than ever before, and cybercrime is not yet consistently policed. The nature of the World Wide Web allows international cyber gangs thousands of miles away to attack domestic enterprises at their own leisure with little fear of repercussions. In a webinar... READ MORE

To Understand How a Secure Application Layer Can Prevent Disaster, Look No Further Than 2014's High-Profile Cyberattacks

August 26, 2015  | Intro to AppSec

2014 was a good year for cybercriminals. Several marquee hacks cost corporations billions of dollars — and, as Veracode's "2014: The Year of the Application Layer Breach" ebook points out, almost all of them originated in the application layer. As businesses of all types become increasingly dependent on software, the number of potential vulnerabilities in their systems skyrockets. From point-of-... READ MORE

Security Testing Is the Cheapest Way to Save a Billion Dollars

August 12, 2015  | Intro to AppSec

Everyone heard about the great Target credit-card hack of 2013. It was a nightmare scenario — a massive security breach came to light as Black Friday and the holiday shopping season began. A lack of comprehensive security testing resulted in a situation that caused damage to Target's reputation, with subsequent reparations totaling $148 million to date, according to the New York Times.... READ MORE

In Software Development, Speed and Security Don't Have to Be Mutually Exclusive

July 23, 2015  | Secure Development

Mention security and testing to a group of young developers, and you'll likely hear a lot of groans. It's not that the current generation of Agile-minded code hotshots is careless; rather, it's that the culture at most companies is one of speed and achievement. It's easier to celebrate milestones than it is to celebrate a lack of something, even if that something is a lack of hacks. And often,... READ MORE

Backdoor Hacking: Two Dirty Words Worth Learning

May 27, 2015

Revelations about NSA spying are old news and barely raise eyebrows now that the initial fervor has come and gone. In the information era, people seem to accept that information online isn't as private as it seems — but that complacency is a risky lackadaisy. Backdoor hacking built for justice can be exploited by cybercriminals. Just because some basic spying has been deemed innocuous... READ MORE
