Brian chess is a founder of fortify software and serves as fortifys chief scientist, where his work focuses on practical methods for creating secure systems. This article is prompted by a visit to edinburgh in the company of brian chess founder and chief scientist at. Brian chess, cto of fortify software creating confusion. A it isa mathematicallya a impossible for fortify 360 to render software invulnerable to attacks from cyber predators. In the eighth episode of the silver bullet podcast, gary talks with brian chess, cofounder and chief scientist of fortify software. Brian chess is founder and chief scientist of fortify software, where his research focuses on practical methods for creating secure systems. From 2003 to 2012 i was chief scientist at fortify software where i worked on solving software security problems.
Fortify offerings included static application security testing and dynamic application security testing products, as well as products and services that support software security assurance. Im currently working on business software in the cloud at netsuite. Overview motivation dynamic taint propagation sources of inaccuracy integrating with qa related work. Today im talking about software security in the big picture. Brian chess svp of infrastructure and security engineering. Secure code warrior establishes technical advisory board. Everyday discount offer buy 2 or more eligible titles and save 35%use code buy2. May 19, 2020 welcome to the software security gurus webcast with matias madou.
Fortifys software security assurance products and services protect companies from the threats posed by security flaws in businesscritical software applications. Brian was the founder and chief technology officer of fortify software for 10 years. See the complete profile on linkedin and discover brians. Brian chess, fortify software brian chess is a founder of fortify software and serves as fortify. Brian chess gvp cloud operations oracle netsuite linkedin. An alternative to risk management for information and.
Secure programming with static analysis by jacob west and. Brian chess is the chief scientist at fortify software, where his research focuses on methods for creating secure systems. The offline and 0nline comments that resulted from that post were mostly in favor of what id written and one of those comments really caught my eye. Brian chess, svp of infrastructure and security engineering, netsuite.
His book, secure programming with static analysis, shows how static source code analysis is an indispensable tool for getting security right. Secure programming with static analysis addisonwesley. Welcome to the software security gurus webcast with matias madou. August 27, 2014 contrast security, a pioneer in application security solutions, today announced the addition of john m. West head of security research group, brian chess former chief scientist, arthur do former chief architect. Dynamic taint propagation finding vulnerabilities without attacking brian chess jacob west. Discussion on secure programming with static analysis brian chess, chief scientist at fortify software and jacob west, manager of fortifys. An interview with brian chess ieee computer society. He currently serves as fortify s chief scientist, where his work focuses on practical methods for creating secure systems. May 10, 2007 a year ago at javaone, fortify software founder and chief scientist brian chess gave a presentation titled 12 java technology security traps and how to avoid them. Secure programming with static analysis by chess, brian.
Fortify s software security assurance products and services protect companies from the threats posed by security flaws in businesscritical software applications. Brian chess, founder of fortify software now hp fortify. Brian chess is a founder of fortify software and serves as fortify s chief scientist, where his work focuses on practical methods for creating secure systems. Brian chess is a founder and chief scientist at fortify software, an hp company. Presentations secure programming with static analysis. Brian chess, cybersecurity expert and former chief scientist at fortify software.
Secure programming with static analysis by brian chess, jacob. Gary mcgraw and brian chess introduce a software security framework ssf to help understand and plan a software security initiative. Combining deep application security expertise with extensive software development experience, fortify software has defined the market with awardwinning products that assure software. From 2003 to 2012 i was chief scientist at fortify software where i worked. See the complete profile on linkedin and discover brian s. The company has also brought on mark hodgson, a veteran of. Brian chess at fortify software caused some controversy when he said pen testing was a dying art. After fortify, he founded ritual software and is now the svp of infrastructure. Website, micro focus security micro focus fortify software security center server. Owasp is an open web security project sponsored by fortify software.
This book gives them the security development knowledge and the tools they need in order to eliminate vulnerabilities before they move into the final products that can be exploited. This sort of marketing fluff falls under the same class of confusing noise as brian chesss claim that penetration testing will be dead by 2009, total fiction. An alternative to risk management for information and software security february 2009 podcast brian chess fortify software, julia h. The offline and 0nline comments that resulted from that post were mostly in favor of what id written and one of. The building security in maturity model bsimm usenix. Recently i published a post about fortify softwares brian chess because of some outlandish claims that he made in an article about penetration testing being dead by 2009. Technology, like brian chesss technology is a solution to a problem, which by definition means that the problem came first and the technology was always a few steps behind. As a discipline, software security has made great progress over the last decade. Fortify was aquired by hewlett packard in september 2010. Source code analysis is also a critical part of our ca2 process. His book, secure programming with static analysis, shows how static source code analysis is an indispensable tool for getting security.
Since 2017, fortify s products have been owned by micro focus. Schmidt, former white house cyber security advisor brian chess is founder and chief scientist of fortify software, where his research focuses on. Secure programming with static analysis by chess, brian ebook. He currently serves as fortifys chief scientist, where his work focuses on practical methods for creating secure systems. Brian chess is a founder of fortify software and serves as fortify. Why pen testing is central to states app security cio. They discuss their mutual choices to forgo academia, and plunge into their own software projects. Brian is a frequent speaker at industry conferences such as csi and rsa. After fortify, he founded ritual software and is now the svp of infrastructure and security engineering at netsuite where he implements a wide range of security products. Allen in this podcast, brian chess explain how standards, compliance, and process are better than risk management for ensuring information and software security.
A with respect to it security, hackers are always creating new methods for penetrating into networks the problem. We were acquired by hp at the end of last year, and were excited to join the hp family. We introduce a dynamic technique for defending web appli. This article is prompted by a visit to edinburgh in the company of brian chess founder and chief scientist at fortify to open a new owasp chapter. Secure programming with static analysis by brian chess. Jul 12, 2007 brian chess is the chief scientist at fortify software, where his research focuses on methods for creating secure systems. Feb 21, 2011 brian chess is a founder and chief scientist at fortify software, an hp company. View brian chess profile on linkedin, the worlds largest professional community. Schmidt, former white house cyber security advisor brian chess is founder and chief scientist of fortify software, where his research focuses. Followup to my last brian chess fortify software post. Fortify software and whitehat veteran application security. Jack, former ceo of fortify software now hp and brian chess, founder and cto of fortify and currently svp of infrastructure and security at a publicly traded company, as company advisors.
585 549 1560 58 872 182 1652 367 1195 849 982 700 499 977 814 475 670 532 1035 342 661 643 1580 1412 1142 1504 512 1444 1644 392 826 482 271 368 1314 1375 1147 478 1018