As organizations continue on their accelerated feature-to-market strategy, they increasingly rely on a streamlined but effective secure development process to enable it.
Led by our foremost Secure SDLC expert, this CoE examines modern software development practices from a people, process and technology ecosystem. Our Secure SDLC expertise includes:
- Conducted Secure SDLC assessments and developed remediation roadmaps for Sony, Citrix, Johnson Controls and many others
- Contributed anonymized customer data, benchmarking analysis, and technical insight to the OWASP OpenSAMM 1.1 project
- Created the Microsoft SDL computer-based training used to train Microsoft development teams
- Co-presented a first of its kind AppSec Maturity Model at RSA conference with IDC
- Well-versed in CMMI, Agile, RUP, and other secure development processes
- Conducted research on the Diffusion of Innovation theory and how it applies to secure development
- Blog: The Great DevOps Debate. Evolution or Revolution?
- Secure SDLC (SSDLC) Consulting
- Webcast: SecureDevOps
- Data Sheet: DevOps Solutions
Get Smarter about Secure DevOps
We can help you build the right processes and skills needed to master secure DevOps:
SDLC Center of Excellence Technical Lead
Senior Security Consultant
Danny is an accomplished cybersecurity specialist, knowledgeable in all phases of software development and deployment. His experience spans the financial, manufacturing, and government sectors where he was responsible for creating security policies, secure coding guidance, and standards. Levering this expertise, he contributed data and insights to OWASP’s SAMM and Top 10 Proactive Controls projects.