At RSA 2019, SANS Security Insights talked with Dr. Anita D’Amico, Director of Secure Decisions, about DHS-funded startups.
“DHS S&T wants people to adopt good cybersecurity practices, so they’re trying to get innovative cybersecurity technologies into operations as quickly as possible,” says D’Amico, who has commercialized DHS application security R&D through Code Dx.
In April of 2018, D’Amico, through the R&D group Secure Decisions, where she is the director, released a new product, Attack Surface Detector (ASD). The free tool has had nearly 30,000 downloads.
Matt DeLetto, the lead developer of ASD for Secure Decisions says:
“ASD appealed to the DHS because it fills in flaws with conventional brute force and black box application testing... That includes unconnected endpoints and optional parameters left behind by coders and administrators [such as a debug parameter] that can be exploited if left in the code.”