Client, Denim Group, an IT consultancy that develops secure software and helps organizations assess and mitigate risks with their existing software , announced today that it has launched ThreadStrong, a self-paced online training curriculum to teach developers how to build security into their applications.
ThreadStrong also helps satisfy compliance regulations, such as the Payment Card Industry Data Security Standard (PCI DSS), which require developers be provided secure development training. A related video may be viewed at: http://tinyurl.com/qogd78.
Client, Denim Group, invites security related journalists, bloggers and industry analysts to listen in on a conversation between two leading website risk management experts
who will address the issue of enterprise software applications remediation.
Thursday, June 11, 2 PM EST,
Jeremiah Grossman, Founder and CTO of WhiteHat Security, will provide
background on this vexing problem and will share the results of WhiteHat's
ongoing efforts to quantify the remediation time frames
Why can it take
organizations longer than three months to fix Web applications that have the
most serious vulnerabilities?
What are the most common
excuses that developers use to push out the remediation of vulnerabilities
identified during a comprehensive assessment process?
will also interview our client, Dan Cornell, Principal at Denim Group, who
works with clients to develop remediation strategies that drastically decrease
the time that vulnerabilities exist in fielded applications.
will detail what works and doesn't work, how to counter common objections to
fixing issues, and how best to implement a comprehensive application
remediation strategy for your most critical applications.
Register, Log on Here.If you are
unable to make the call, we hope you will keep Dan Cornell, and the team at
Denim Group in mind as an expert source in all phases of application security.
In this world of online this and that, I am still a firm believer in traditional industry analyst briefings.
Yes, in person and phone-conferenced briefings are alive, well and effective.
For client, Denim Group, we're in the process of doing analyst briefings with leading security analysts.
Here's a few tips:
1. Make sure you identify the right analyst that covers your market segment as closely as possible. Here's an example of how to find coverage segments.
2. While you can try to reach out directly to the analyst, you will generally be asked to fill out an online form to get schedule for the briefing. An example of an online form.
3. Once you have the briefing scheduled, make sure you have your presentation customized for the analyst you are pitching. And make sure you have the briefing to the analyst on time.
4. Determine your goals for the briefing. As a rule, I like briefings to see what types of questions you get and if you are spot on with your message. Even if you are not a paying client of the analyst firm, analysts are paid to be in the know and if your company has a compelling story, then share it.
5. When wrapping up the call, ask if the analyst could be reference to the media and if possible your company can be included as a vendor when they are doing reports on industry trends.
Don't expect analysts to be mouthpieces or cheerleaders for your company. Regardless if you are a paying client or not, analysts are there to listen and be in the know about greater market trends and where markets-- and market opportunities are.
Debbie Weil Debbie Weil, aka the MonaLisaOfBlogging.com, is a corporate blogging and online communications consultant and the author of the forthcoming "The Corporate Blogging Book: Absolutely Everything You Need to Know to Get It Right" for Penguin Portfolio (2006).