Stephen Northcutt (President of the SANS Technology Institute) was kind enough to interview me as part of the Thought Leaders in Software Security Series. Already interviewed are several other stellar experts (Ryan Barnett, Dinis Cruz, Brian Chess, Caleb Sima) whose interviews are well worth the read.
Stephen asked some highly in-depth, diverse, and very timely questions, which covered a lot of webappsec ground. This was fun because opportunities to do so in a public forum are so few and far between. Discussed were the recent scanner vendor acquisitions and what they mean to the market, attack trends, the XSS Attacks book, what makes WhiteHat unique, and my thoughts on the SDLC and developer education. He even offered me the chance to provide advice to other engineers turned executives.
Read the Interview