Wendy Nather
Wendy Nather is Research Director, Security, within 451 Research's Enterprise Security Program, providing analysis on the current state of security from the perspective of a veteran CISO. Wendy's primary areas of coverage are application security, identity and access management, threat intelligence, and security services. Follow Wendy on Twitter here.Posts by Wendy Nather
Over 9,000 Back Doors: How Your Partners Make You Vulnerable
October 28, 2014
backdoors-vulnerable-partners.jpg For Target, it was the HVAC vendor. For JPMorgan Chase, it was a website run by a third party. Enterprises are becoming even more concerned about the security of their partners as news stories like these get the spotlight: attackers coming in through the digital loading dock. You may think you’ve mapped your attack surface across your own... READ MORE›
FS-ISAC Issues Guidance on Third-Party Application Security
January 8, 2014 | Security News 3
The following is a guest post by Wendy Nather, Research Director, Security, 451 Research. As a former CISO, I’m always happy to see practical advice for defenders. In increasing order of usefulness, there are these types of advice: “Here’s what could be wrong; you might want to take a look at that.” “This is wrong, and good luck fixing it.” “This is wrong, and here’s how we think you should... READ MORE›
Power to the People and the Coming AppSec Revolution
November 27, 2012
This article is a guest post by Wendy Nather, Research Director of the Enterprise Security Practice, 451 Research. Veracode is a client of 451 Research. When the revolution comes, the first up against the firewall will be your business partners – along with every other third-party that provides you with software. It used to be that you could call for more secure software from individual vendors... READ MORE›
