Jeremiah Grossman

Venture capitalist (Grossman Ventures https://grossman.vc), Internet protector and industry creator. Founded WhiteHat Security & Bit Discovery. BJJ Black Belt.

Friday, April 16, 2010

Best of Application Security (Friday, Apr. 16)

Ten of the Application Security industry's coolest, most interesting, important, and entertaining links from the past week -- in no particular order.
  • Apache Foundation Hit by Targeted XSS Attack + Internal investigation + Associated Atlassian breach
  • CSRF Isn’t A Big Deal - Duh!
  • Network Solutions Hack: Secure File Permissions Matter + Sucuri Analysis
  • OWASP RFP Criteria Project
  • IE 8 Security Features Could Be Turned Against Users + Slides & PoC
  • Next-Generation Clickjacking Attacks Revealed + Tool
  • Brokerage Firm Fined $375,000 for Unsecured Data
  • Researcher Uncovers (Another) Major Facebook Security Exploit
  • New Full Disclosure, Website Vulnerabilities Database
  • Chrome Phishing
  • 5 Reasons HTTPOnly won't save you
Posted by Jeremiah Grossman at 3:00 PM

Friday, April 09, 2010

Best of Application Security (Friday, Apr. 9)

Ten of the Application Security industry's coolest, most interesting, important, and entertaining links from the past week -- in no particular order.
  • Microsoft SDL version 5
  • Force.com Secure Cloud Development
  • Stroke triggered XSS and StrokeJacking
  • German Government Pays Hacker For Stolen Bank Account Data
  • CAPEC-333: WASC Threat Classification 2.0
  • WAF Confusion Continues
  • Serious New Java Flaw Affects All Current Versions of Windows + Advisory
  • Safari Integer Overflow Aids Inter Protocol Exploitation
  • OWASP AIR + Flash Security Projects
  • Prion 1.1 - Polymorphic XSS Worm
Posted by Jeremiah Grossman at 2:00 PM

Friday, April 02, 2010

Best of Application Security (Friday, Apr. 2)

Ten of the Application Security industry's coolest, most interesting, important, and entertaining links from the past week -- in no particular order.
  • Mozilla: Plugging the CSS History Leak
  • $43m slot machine win a 'mistake' says Colorado casino
  • OWASP Podcast: Ed Bellis (eCommerce) #63 and Andy Ellis (Availability) #64
  • Web application scanning with skipfish
  • Should the Government Stop Outsourcing Code Development?
  • Journalists in China say Yahoo accounts hacked
  • WASC Web Hacking Incident Database Project Update
  • I’m in ur 4sq, snarfin ur password — Part II
  • How Facebook is Adding an Identity Layer to the Internet
  • Firefox 3.6 FileAPI Exif Injection
Posted by Jeremiah Grossman at 1:00 PM

BIO

Jeremiah Grossman brings 20+ years of experience in Computer Security and has become one of the most recognizable and world-renowned cybersecurity experts in the industry, coining several of the original hacking terms commonly used around the world today. Early in his career, Jeremiah was known as “The Hacker Yahoo”, which led to his role as the company’s Information Security Officer. Jeremiah founded WhiteHat Security (now Synopsys), and served as Chief of Security Strategy for SentinelOne, which was the highest-valued cybersecurity IPO in history. Most recently, Jeremiah was the founder & CEO of Bit Discovery, which was acquired by Tenable in 2022. He also serves as a company advisor and board member to several tech startups. In his spare time, Jeremiah does Brazilian Jiu-Jitsu and is passionate about classic cars. He recently opened Toybox, a luxury car club in Boise, Idaho.
