I wasn't able to enjoy the Super Bowl on Sunday night as I was flying home from a family funeral. I did get some updates from fellow passengers, and even though the Atlanta fans were celebrating a big lead early and the New England fans were fearing an embarrassing defeat, I knew the game would be a fight to the finish. In case you didn't see it (or if you aren't a big NFL football fan) let me… READ MORE

Identifying the scope of Risk for an Application Security Program is not as difficult a task as it seems. Risk Strategies for network, server and desktop environments exist in almost every company and working with the compliance group is a great starting point.  If you do not have the assistance of a compliance group then there are some great resources out there, at Veracode the Security Program… READ MORE

The subject of Risk is an old topic in Program and Project Management circles, identifying risks and developing strategies is the vision of success or the apparition of failure.  There are thousands of floors of compliance personnel developing Risk Strategies around the world, multiples of those floors for single companies! The benefits of developing a working Risk Strategy in Application… READ MORE