A case study done by MWR on the ASTAM ASD technology. The Challenge In the realm of application security, penetration testing organizations are faced with many serious testing challenges. Organizations developing software are continuously creating larger, more complex software systems, and, as a result, increasingly rely upon penetration testers to devise comprehensive testing strategies and detailed testing scenarios to ensure the security of the web applications they are responsible for testing. Download the full text
The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) recently completed the integration of more than 9,700 real-world software test cases from the Static Tools Analysis Modernization Project (STAMP) into the Software Assurance Marketplace (SWAMP).
Secure Decisions releases new technology to help streamline and enhance web application penetration testing
Secure Decisions, has developed a new application security testing technology, the Attack Surface Detector (ASD), that enhances and streamlines software penetration testing. Developed under the DHS S&T Directorate’s multi-year funded ASTAM (Application Security Technologies and Metrics) program.
BSidesLI is an information security conference that’s completely volunteer operated and organized. By bringing a BSides conference here to Long Island, it helps to form a community of like minded people who share similar attributes. It promotes the ability to expand their knowledge or strength by organizing with others of a shared affinity. The event is on Saturday, January 26 at 9:30—4:00pm. (Breakfast and registration starting at 8:30–9:20am.) Schedule for Saturday, January 26 9:45–10:25am – Kickoff Keynote – Dr. Anita D’Amico, Ph.D., Director of Secure Decisions/CEO of Code Dx Human Factors that Influence Secure Software Development 10:30–11:05am – Sam Fahnestock, SD Solutions Continuous Security: Delivering Valuable & Secure Software 2–2:20pm – Matt DeLetto, AVI/Secure Decisions Attack Surface Detector: New OWASP Tool to Aid Application Pen-testing Register to attend the event
Secure Decisions Researcher Chris Horn to participate in DARPA workshop on AI in cyber security teams
Chris Horn was invited to participate in a two-day workshop organized by the DARPA ISAT Study Group. The purpose of the workshop is to explore the requirements for AI systems that act as a functioning member of a cyber security team.
A recent Newsday article by Ken Schachter titled "Progress slow in adding women in the boardrooms" includes Secure Decisions Director, Dr. Anita D'Amico.
Secure Decisions has received an award from the NSF under the SaTC: EDU Program. One of only ten projects funded in 2018 under this highly competitive program from NSF, the CyberMiSTS project aims to provide middle school Career and Technical Education (CTE) teachers with knowledge, skills, and tools they need to develop a cybersecurity curriculum that actively engages their students and exposes them to cybersecurity concepts and careers.
Dr. Anita D’Amico and Chris Horn gave a well-received presentation about the Human factors that influence secure software development. View the Presentation slides ------------------------------- The following Tweets were given during their presentation: 10:37 AM – 12 Oct 2018 Robert A. @robertauger The talk ‘https://appsecus2018.sched.com/event/F04Q…’ at appsec USA is one of the best talks I’ve seen in the last several years. They quantify with several studies, vuln introduction rates and behaviors by dev teams. Lots of good data. Great job @AnitaDamico 10:51 AM – 12 Oct 2018 jamestyack @jamestyack @AnitaDamico talking human factors that influence app security with tons of empirical data. An interesting finding: the more verbose (& low substance) the commit comments, the higher the chance of problems in the code. Beware the “blather factor”. #AppSecUSA18
Dr. Anita D’Amico will speak on a panel about Defense Seed Funding at Columbia University on November 14
Dr. Anita D’Amico will be on a panel about Defense Seed Funding at the Columbia University Startup Lab, 11/14. Dr. D’Amico will share her successes with SBIR awards.
Dr. Anita D'Amico will be speaking on the panel about the subject topic "Are Women in Software Security from Venus or Mars" at 11AM on November 14, 2018.