Shawn Drew

Shawn Drew has spent the last five years helping businesses understand the difference that technology can make for their internal processes, external connections, and bottom line. He specializes in all things cloud computing and security, and hopes to impart some knowledge on how the two can be combined to enhance the inherent benefits of each. His work has been published on the websites and blogs of a number of technology industry leaders, such as IBM, Veracode and Boundary.

Posts by Shawn Drew
  • 5 Key Qualities of a CISO
    October 26, 2015  | Managing AppSec
    5 Key Qualities of a CISO

    The evolution of the CISO (chief information security officer) position over the past few years is nothing short of remarkable. Not too long ago, ensuring that a business's technology was secure fell to the CTO or CIO. But as the value of security has increased, the majority of enterprises now have someone dedicated to that role, someone who faces the board on a regular basis. A new survey from… READ MORE

Stay up to date on Application Security

  • Threat Intelligence Sharing: Is Your Enterprise Ready?
    August 25, 2015  | Security News
    Threat Intelligence Sharing: Is Your Enterprise Ready?

    There's little wonder why the concept of threat-information sharing is becoming so popular: It represents a state where security professionals can share and access real-time threat information, greatly increasing their ability to respond to emerging threats. But while the concept of open threat intelligence is gaining significant traction, the movement is still truly in its infancy. Enterprise… READ MORE

  • Secure Coding Is Required When Attacks Are Inevitable
    July 1, 2015
    Secure Coding Is Required When Attacks Are Inevitable

    With everything on a CISO's plate, preventing and reacting to external attacks has usually been done on a contingency basis, with a reliance on existing security to keep hackers away and the hope that a directed attack doesn't occur. But today, a majority of security professionals expect their businesses will be hacked in the coming year. That means CISOs have to change their approaches to… READ MORE

  • How a Third-Party Compliance Policy Can Save Your Business
    March 23, 2015
    How a Third-Party Compliance Policy Can Save Your Business

    It's nearly impossible for modern enterprises to avoid third-party software and outsourced code. But as hackers and thieves continue to focus on the software layer, it's becoming increasingly important for every enterprise to develop a process for addressing their outsourced or third-party software, which must include a third-party compliance policy. Without one, enterprises leave themselves open… READ MORE

  • Safety Check: Methods for Analyzing Third-Party Security
    December 9, 2014
    Safety Check: Methods for Analyzing Third-Party Security

    With almost every software development team now utilizing open source code, outsourced development, commercial-off-the-shelf (COTS) software or some other form of outsourced software, the need to understand proper third-party security has never been greater. The gamut of methods for analyzing third-party software runs from robust solutions that check for true application security to others so… READ MORE

  • A Guide to Static Testing of Web Apps: No Running Required
    September 23, 2014  | Intro to AppSec
    A Guide to Static Testing of Web Apps: No Running Required

    In the modern, fast-paced world of Agile software development, where an organization may have new or updated web apps released every few days or weeks, application security scans are sometimes delayed until the last part of the quality assurance (QA) phase. However, even if developers are versed in secure architectural design and threat modeling, security issues will sneak through the development… READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.

 

No thanks, back to the article please.