Let’s start with an analogy
In today’s world, building applications is a lot like building a house. If you’re building a house, you start by going to a store and purchasing materials that serve as the foundation of your house. For simplicity, let’s take windows, doors, and countertops as an example. After you purchase these materials and begin construction, you’ll consider things like:
In other words, you (the builder) are…
Contextualizing Security Vulnerabilities
As a former penetration tester turned product-focused security professional, one of the most important things I’ve realized is that translating security risk to business impact is crucial in making your work resonate. Oftentimes, the buyer of whatever security offering you’re selling will not care about the granular details of vulnerabilities your tool or service is able to uncover. For security analysts on the front line, contextualizing the “so what?” with the buyer will help build trust and leave a lasting impression.
Stepping into the world of web application security, let’s take a look at some of…
Co-founder @Ochrona Sec | PANW, ex-Expanse, ex-Deloitte. All views are my own.