John Montesi

John is a B2B and SaaS expert who likes to explain complex concepts using cute animals and cocktail napkins. He believes that content marketing is the future and sometimes ghost writes, but he can never prove it.
Posts by John Montesi

The Internet of Things Puts a Threat on Every Wrist

May 15, 2015

The Internet has been abuzz with things lately — or maybe it's the other way around. The Internet of Things is here to stay, and that has meant a lot of changes for application and enterprise security. As apps diversify and everything from seemingly innocuous Fitbits to complicated bring-your-own-device programs becomes the norm, managing threats to secure enterprises will become an...

Software Development Maturity Model: Free Advice From OpenSAMM

May 7, 2015

Crowdsourcing is a wonderful, powerful tool. After all, isn't it much easier to trust data gathered from large groups of people who don't stand to gain from the information they're sharing? That logic is what makes the OpenSAMM document, which speaks to the software development maturity model, so great. When industry professionals collaborate to share their knowledge on maintaining...

Product Releases, Technical Debt and AppSec Are Not Mutually Exclusive

May 4, 2015

There's a troubling trend forming in hardware development cycles: New hardware products (particularly mobile devices) are coming out so fast that software developers can't keep pace. With every new iteration, the hundreds of thousands of perfectly functioning devices already in use become a little less relevant, and a little more neglected by their manufacturers. Amid all this madness,...

Google Finds Vulnerabilities in OS X — Should You Be Scared?

May 1, 2015

The trend of accelerating hardware development is getting scary for software folks. According to CNET, Google's Project Zero recently discovered major vulnerabilities in OS X, notified Apple of the issue and — after 90 days — published its findings per its standard practice. At that time, Apple had still not solved the bug. There is little doubt these vulnerabilities (and their...

The BMW Security Flaw, or Dude, Where's My Car?

April 22, 2015

Forget LoJack, it's 2015. If you want to protect your car — and your enterprise's secure data — it's about time you add it to the list of devices your AppSec program protects. The recent BMW security flaw announcement proves that even manufacturers acknowledge this brave new world of software vulnerability. It might sound crazy, but the era of computer hackers stealing...

Mobile Apps: Welcome to the Wild West

April 20, 2015

In recent weeks, there has been a lot of talk about the phenomenon of hardware release cycles taking a toll on safe software development. Just as OS platform safety testing gets neglected in the mad dash to keep pace with hardware launch dates, IT organizations are also watching mobile app safety get tossed by the wayside as pressure to keep pace with consumer demands mounts. Between BYOD...

Software Release Management: What Devs Can Learn From Apple's Example

March 27, 2015

Apple has been a hot topic in the tech world lately, and not because someone left a top-secret developmental iPhone 7 in a San Francisco bar. Instead, the company's like-clockwork annual product release has led to disappointment as the software-hardware web becomes more unwieldy. Software updates for iPhones and Macs are starting to detract from the stellar reputations of their predecessors,...

Uber's Data Collection Policies: What Application Developers Can Learn About Consumer Trust

March 20, 2015

Hot on the heels of Uber's PR disaster, news about the app's Android permissions has forced the public to consider what's more important: convenient apps that have dramatically shifted the paradigm of one of the oldest industries, or privacy. According to BGR, the Uber app can see a lot of personal data, including whether or not a device is rooted, has malware on or is vulnerable to...

What the WhatsApp Update Means for You

February 25, 2015

There's no question that WhatsApp, the popular messaging app that recently fetched $22 billion from Facebook, is a major player in the communication-technology sphere. So when the EFF released its Secure Messaging Scorecard, on which neither WhatsApp nor any other major messaging clients scored favorably, the company knew its reputation (and its users' safety) was at stake. In response to...

Secure Messaging Apps: Did Yours Get an A on the EFF Scorecard?

February 16, 2015

Almost everyone has used Google Chat to talk to coworkers who are just down the hallway, or iMessage to text close friends from work computers. Our networks trust and authenticate such apps on the strength of their names alone. But, according to the recent EFF Secure Messaging Scorecard, neither are truly secure messaging apps — nor are any of the other reputable apps that many firms use....
