Moving from academic research to industry is non-trivial
I was recently interviewed for the Silver Bullet podcast, hosted by Gary McGraw where I discussed the advantages of industry over academic research, why it was non-trivial to start a business in Europe and where the Application Security industry is moving towards in the future.
While it was never my intention to start a business, I did because I saw too many companies struggling with the same problem; writing secure code is a challenge for most developers. We have an entire industry focused on finding security problems in code, and these problems are just piling up.
There are very few solutions that are actually focused on efficiently helping organizations and their development team that struggle with fixing the problems found, and even less on trying to prevent more problems being introduced in code. More and more, organizations are becoming aware of this vicious cycle and are realizing that their development team need to be trained on writing secure code from the beginning and they need to be equipped with the tools and processes to enable them.
If you want to know more about how Gary McGraw and myself see the industry moving forward, check out the the Silver Bullet podcast!
Show 139: Matias Madou discusses secure development training and software security testing research
https://www.synopsys.com/software-integrity/resources/podcasts/show-139.html
Show 139: Matias Madou discusses secure development training and software security testing research
Matias Madou, Ph.D. is a security expert, researcher, and CTO and co-founder of Secure Code Warrior. Matias obtained his Ph.D. in Application Security from Ghent University, focusing on static analysis solutions. He later joined Fortify in the US, where he realized that it was insufficient to solely detect code problems without aiding developers in writing secure code. This inspired him to develop products that assist developers, alleviate the burden of security, and exceed customers' expectations. When he is not at his desk as part of Team Awesome, he enjoys being on stage presenting at conferences including RSA Conference, BlackHat and DefCon.
Secure Code Warrior is here for your organization to help you secure code across the entire software development lifecycle and create a culture in which cybersecurity is top of mind. Whether you’re an AppSec Manager, Developer, CISO, or anyone involved in security, we can help your organization reduce risks associated with insecure code.
Book a demoMatias Madou, Ph.D. is a security expert, researcher, and CTO and co-founder of Secure Code Warrior. Matias obtained his Ph.D. in Application Security from Ghent University, focusing on static analysis solutions. He later joined Fortify in the US, where he realized that it was insufficient to solely detect code problems without aiding developers in writing secure code. This inspired him to develop products that assist developers, alleviate the burden of security, and exceed customers' expectations. When he is not at his desk as part of Team Awesome, he enjoys being on stage presenting at conferences including RSA Conference, BlackHat and DefCon.
Matias is a researcher and developer with more than 15 years of hands-on software security experience. He has developed solutions for companies such as Fortify Software and his own company Sensei Security. Over his career, Matias has led multiple application security research projects which have led to commercial products and boasts over 10 patents under his belt. When he is away from his desk, Matias has served as an instructor for advanced application security training courses and regularly speaks at global conferences including RSA Conference, Black Hat, DefCon, BSIMM, OWASP AppSec and BruCon.
Matias holds a Ph.D. in Computer Engineering from Ghent University, where he studied application security through program obfuscation to hide the inner workings of an application.
I was recently interviewed for the Silver Bullet podcast, hosted by Gary McGraw where I discussed the advantages of industry over academic research, why it was non-trivial to start a business in Europe and where the Application Security industry is moving towards in the future.
While it was never my intention to start a business, I did because I saw too many companies struggling with the same problem; writing secure code is a challenge for most developers. We have an entire industry focused on finding security problems in code, and these problems are just piling up.
There are very few solutions that are actually focused on efficiently helping organizations and their development team that struggle with fixing the problems found, and even less on trying to prevent more problems being introduced in code. More and more, organizations are becoming aware of this vicious cycle and are realizing that their development team need to be trained on writing secure code from the beginning and they need to be equipped with the tools and processes to enable them.
If you want to know more about how Gary McGraw and myself see the industry moving forward, check out the the Silver Bullet podcast!
Show 139: Matias Madou discusses secure development training and software security testing research
https://www.synopsys.com/software-integrity/resources/podcasts/show-139.html
I was recently interviewed for the Silver Bullet podcast, hosted by Gary McGraw where I discussed the advantages of industry over academic research, why it was non-trivial to start a business in Europe and where the Application Security industry is moving towards in the future.
While it was never my intention to start a business, I did because I saw too many companies struggling with the same problem; writing secure code is a challenge for most developers. We have an entire industry focused on finding security problems in code, and these problems are just piling up.
There are very few solutions that are actually focused on efficiently helping organizations and their development team that struggle with fixing the problems found, and even less on trying to prevent more problems being introduced in code. More and more, organizations are becoming aware of this vicious cycle and are realizing that their development team need to be trained on writing secure code from the beginning and they need to be equipped with the tools and processes to enable them.
If you want to know more about how Gary McGraw and myself see the industry moving forward, check out the the Silver Bullet podcast!
Show 139: Matias Madou discusses secure development training and software security testing research
https://www.synopsys.com/software-integrity/resources/podcasts/show-139.html
Matias Madou, Ph.D. is a security expert, researcher, and CTO and co-founder of Secure Code Warrior. Matias obtained his Ph.D. in Application Security from Ghent University, focusing on static analysis solutions. He later joined Fortify in the US, where he realized that it was insufficient to solely detect code problems without aiding developers in writing secure code. This inspired him to develop products that assist developers, alleviate the burden of security, and exceed customers' expectations. When he is not at his desk as part of Team Awesome, he enjoys being on stage presenting at conferences including RSA Conference, BlackHat and DefCon.
Click on the link below and download the PDF of this one pager.
DownloadSecure Code Warrior is here for your organization to help you secure code across the entire software development lifecycle and create a culture in which cybersecurity is top of mind. Whether you’re an AppSec Manager, Developer, CISO, or anyone involved in security, we can help your organization reduce risks associated with insecure code.
View reportBook a demoMatias Madou, Ph.D. is a security expert, researcher, and CTO and co-founder of Secure Code Warrior. Matias obtained his Ph.D. in Application Security from Ghent University, focusing on static analysis solutions. He later joined Fortify in the US, where he realized that it was insufficient to solely detect code problems without aiding developers in writing secure code. This inspired him to develop products that assist developers, alleviate the burden of security, and exceed customers' expectations. When he is not at his desk as part of Team Awesome, he enjoys being on stage presenting at conferences including RSA Conference, BlackHat and DefCon.
Matias is a researcher and developer with more than 15 years of hands-on software security experience. He has developed solutions for companies such as Fortify Software and his own company Sensei Security. Over his career, Matias has led multiple application security research projects which have led to commercial products and boasts over 10 patents under his belt. When he is away from his desk, Matias has served as an instructor for advanced application security training courses and regularly speaks at global conferences including RSA Conference, Black Hat, DefCon, BSIMM, OWASP AppSec and BruCon.
Matias holds a Ph.D. in Computer Engineering from Ghent University, where he studied application security through program obfuscation to hide the inner workings of an application.
I was recently interviewed for the Silver Bullet podcast, hosted by Gary McGraw where I discussed the advantages of industry over academic research, why it was non-trivial to start a business in Europe and where the Application Security industry is moving towards in the future.
While it was never my intention to start a business, I did because I saw too many companies struggling with the same problem; writing secure code is a challenge for most developers. We have an entire industry focused on finding security problems in code, and these problems are just piling up.
There are very few solutions that are actually focused on efficiently helping organizations and their development team that struggle with fixing the problems found, and even less on trying to prevent more problems being introduced in code. More and more, organizations are becoming aware of this vicious cycle and are realizing that their development team need to be trained on writing secure code from the beginning and they need to be equipped with the tools and processes to enable them.
If you want to know more about how Gary McGraw and myself see the industry moving forward, check out the the Silver Bullet podcast!
Show 139: Matias Madou discusses secure development training and software security testing research
https://www.synopsys.com/software-integrity/resources/podcasts/show-139.html
Table of contents
Matias Madou, Ph.D. is a security expert, researcher, and CTO and co-founder of Secure Code Warrior. Matias obtained his Ph.D. in Application Security from Ghent University, focusing on static analysis solutions. He later joined Fortify in the US, where he realized that it was insufficient to solely detect code problems without aiding developers in writing secure code. This inspired him to develop products that assist developers, alleviate the burden of security, and exceed customers' expectations. When he is not at his desk as part of Team Awesome, he enjoys being on stage presenting at conferences including RSA Conference, BlackHat and DefCon.
Secure Code Warrior is here for your organization to help you secure code across the entire software development lifecycle and create a culture in which cybersecurity is top of mind. Whether you’re an AppSec Manager, Developer, CISO, or anyone involved in security, we can help your organization reduce risks associated with insecure code.
Book a demoDownloadResources to get you started
DigitalOcean Decreases Security Debt with Secure Code Warrior
DigitalOcean's use of Secure Code Warrior training has significantly reduced security debt, allowing teams to focus more on innovation and productivity. The improved security has strengthened their product quality and competitive edge. Looking ahead, the SCW Trust Score will help them further enhance security practices and continue driving innovation.
Resources to get you started
Coders Conquer Security: Share & Learn - Cross-Site Scripting (XSS)
Cross-site scripting (XSS) uses the trust of browsers and ignorance of users to steal data, take over accounts, and deface websites; it's a vulnerability that can get very ugly, very quickly. Let's take a look at how XSS works, what damage can be done, and how to prevent it.
Coders Conquer Security: Share & Learn - Cross-Site Scripting (XSS)
Cross-site scripting (XSS) uses the trust of browsers and ignorance of users to steal data, take over accounts, and deface websites; it's a vulnerability that can get very ugly, very quickly. Let's take a look at how XSS works, what damage can be done, and how to prevent it.