Welcome!

Java IoT Authors: Yeshim Deniz, Pat Romanski, Ian Khan, Karyn Jeffery, Anders Wallgren

News Feed Item

Security Innovation CTO Named Microsoft Most Valuable Professional

Security Innovation, an authority in application security assessment and training, announced today that Jason Taylor, Chief Technology Officer, was recognized as Microsoft® Most Valuable Professionals (MVP) in the category of Developer Security. The Microsoft MVP Award is an annual award that recognizes active and credible experts who willingly share their high quality, real world expertise with users and the Microsoft Communities.

Individuals are nominated for the Microsoft MVP Award by their peers or by Microsoft employees, and each nominee's contributions are then compared to the other candidates' contributions for the same year. MVPs reach out and contribute to online and offline communities through a broad range of channels: online forums, wikis, and technical guides; and their own podcasts, Web sites and blogs. Mr. Taylor is a regular external reviewer, contributor and primary author for the Microsoft Patterns & Practices security guidance. He’s been a content contributor to numerous Microsoft online properties for cloud security, software security, and regulatory compliance in the form of articles, videos, whitepapers, eLearning, etc. He has co-authored five Patterns & Practices Guides, and over 100 Patterns & Practices articles.

“The Microsoft MVP Award provides us the unique opportunity to celebrate and honor Jason’s significant contributions and say ‘Thank you for your technical leadership’,” said Mike Hickman, Director of Community Engagement, Microsoft Corporation.

“Security Innovation has been conducting cutting-edge research in the field of application security for more than ten years and is continually developing, refining, and sharing this research with the community at large,” said Ed Adams, CEO, Security Innovation. “Jason is at the core of many of these initiatives; he shares a true passion for secure software development. His willingness and desire to share his expertise with the technical community has undoubtedly helped thousands of individuals to understand how to reduce application security risk.”

Mr. Taylor’s accomplishments while previously serving in various leadership roles at Microsoft are numerous. With Loren Kohnfelder, he co-created STRIDE, an industry recognized vulnerability classification system and DREAD, a technique to qualify risk. He grew the Internet Explorer security test team from a solitary operation to the leading application security test team at Microsoft. Later, he built the Test Model Toolkit, which won a Best Practice Award and led to an in-person briefing with Bill Gates. Jason’s long experience in application security has been incorporated into Security Innovation’s application assessment methodologies and eLearning training platform. Mr. Taylor was the visionary and designer of courses such as “Introduction to Threat Modeling” and “Creating Secure Code for ASP.Net,” which have been taught in many of the world's largest technology organizations.

About Jason Taylor

Mr. Taylor leads the strategic direction for all technology initiatives and manages world-class development teams for the company's product lines. He has spent his career focused on application development and testing with a primary focus on application security. His unrivaled understanding of application behavior provided the impetus for Security Innovation’s industry pioneering fault injection tool, Holodeck Enterprise Edition, and critical enhancements to the company’s internal testing and development tools.

Mr. Taylor has published and co-authored several whitepapers, guides and books including:

  • Team Development with Visual Studio Team Foundation Server with J.D. Meier of Microsoft
  • Improving Web Services Security with Microsoft Patterns & Practices
  • Application Architecture Guide 2.0 with Microsoft Patterns & Practices
  • Security Engineering Explained with Microsoft Patterns & Practices
  • Security Threats: Risks, Protection & Limitations for CIO Update

Security Innovation has established unparalleled expertise across Microsoft platforms and development environments. The two companies maintain a lengthy and successful relationship, collaborating on numerous application security initiatives, code reviews, penetration tests, development and research projects:

  • More than 50 direct engagements with various Microsoft groups that include penetration testing, code reviews, research/competitive analysis, customer-facing guidance creation, custom development and training.
  • Several research projects that received high visibility and acclaim, including direct briefing to Bill Gates
  • A.C.E. certified as a third party penetration test organization
  • VisualStudio Integration Partner
  • Member of the Microsoft Security Development Lifecycle (SDL) Pro Network, and close relationship with Microsoft Security Engineering Group for SDL-related work.
  • Co-authored 5 Patterns & Practices Guides

About Security Innovation

Security Innovation is an established leader in the application security space and offers solutions based on the three pillars of the Software Development Lifecycle (SDLC): standards, education and assessment. On a mission to help eliminate the root cause of most data breaches – insecure software applications – Security Innovation helps organizations build internal expertise, uncover critical vulnerabilities and integrate security into their software development lifecycle.

The company’s flagship products include TeamMentor, “out of the box” secure development standards and TeamProfessor, the industry’s largest library of application security eLearning courses. The TeamProfessor eLearning platform serves as the foundation for security awareness and application vulnerability assessment, remediation and prevention skills development. It offers more than 45 courses and over 100 hours of real-world content, with popular topics including Mobile Security (awareness and secure development for Android, iPhone, and Blackberry), secure coding (.NET, Java, C/C++, C#, PHP, Oracle), PCI-DSS and OWASP.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@ThingsExpo Stories
Complete Internet of Things (IoT) embedded device security is not just about the device but involves the entire product’s identity, data and control integrity, and services traversing the cloud. A device can no longer be looked at as an island; it is a part of a system. In fact, given the cross-domain interactions enabled by IoT it could be a part of many systems. Also, depending on where the device is deployed, for example, in the office building versus a factory floor or oil field, security ha...
24Notion is full-service global creative digital marketing, technology and lifestyle agency that combines strategic ideas with customized tactical execution. With a broad understand of the art of traditional marketing, new media, communications and social influence, 24Notion uniquely understands how to connect your brand strategy with the right consumer. 24Notion ranked #12 on Corporate Social Responsibility - Book of List.
Fact is, enterprises have significant legacy voice infrastructure that’s costly to replace with pure IP solutions. How can we bring this analog infrastructure into our shiny new cloud applications? There are proven methods to bind both legacy voice applications and traditional PSTN audio into cloud-based applications and services at a carrier scale. Some of the most successful implementations leverage WebRTC, WebSockets, SIP and other open source technologies. In his session at @ThingsExpo, Da...
Businesses are struggling to manage the information flow and interactions between all of these new devices and things jumping on their network, and the apps and IT systems they control. The data businesses gather is only helpful if they can do something with it. In his session at @ThingsExpo, Chris Witeck, Principal Technology Strategist at Citrix, will discuss how different the impact of IoT will be for large businesses, expanding how IoT will allow large organizations to make their legacy ap...
What happens when the different parts of a vehicle become smarter than the vehicle itself? As we move toward the era of smart everything, hundreds of entities in a vehicle that communicate with each other, the vehicle and external systems create a need for identity orchestration so that all entities work as a conglomerate. Much like an orchestra without a conductor, without the ability to secure, control, and connect the link between a vehicle’s head unit, devices, and systems and to manage the ...
What does it look like when you have access to cloud infrastructure and platform under the same roof? Let’s talk about the different layers of Technology as a Service: who cares, what runs where, and how does it all fit together. In his session at 18th Cloud Expo, Phil Jackson, Lead Technology Evangelist at SoftLayer, an IBM company, spoke about the picture being painted by IBM Cloud and how the tools being crafted can help fill the gaps in your IT infrastructure.
For basic one-to-one voice or video calling solutions, WebRTC has proven to be a very powerful technology. Although WebRTC’s core functionality is to provide secure, real-time p2p media streaming, leveraging native platform features and server-side components brings up new communication capabilities for web and native mobile applications, allowing for advanced multi-user use cases such as video broadcasting, conferencing, and media recording.
In this strange new world where more and more power is drawn from business technology, companies are effectively straddling two paths on the road to innovation and transformation into digital enterprises. The first path is the heritage trail – with “legacy” technology forming the background. Here, extant technologies are transformed by core IT teams to provide more API-driven approaches. Legacy systems can restrict companies that are transitioning into digital enterprises. To truly become a lea...
SYS-CON Events announced today that Sheng Liang to Keynote at SYS-CON's 19th Cloud Expo, which will take place on November 1-3, 2016 at the Santa Clara Convention Center in Santa Clara, California.
In his session at @ThingsExpo, Kausik Sridharabalan, founder and CTO of Pulzze Systems, Inc., will focus on key challenges in building an Internet of Things solution infrastructure. He will shed light on efficient ways of defining interactions within IoT solutions, leading to cost and time reduction. He will also introduce ways to handle data and how one can develop IoT solutions that are lean, flexible and configurable, thus making IoT infrastructure agile and scalable.
Just over a week ago I received a long and loud sustained applause for a presentation I delivered at this year’s Cloud Expo in Santa Clara. I was extremely pleased with the turnout and had some very good conversations with many of the attendees. Over the next few days I had many more meaningful conversations and was not only happy with the results but also learned a few new things. Here is everything I learned in those three days distilled into three short points.
Cognitive Computing is becoming the foundation for a new generation of solutions that have the potential to transform business. Unlike traditional approaches to building solutions, a cognitive computing approach allows the data to help determine the way applications are designed. This contrasts with conventional software development that begins with defining logic based on the current way a business operates. In her session at 18th Cloud Expo, Judith S. Hurwitz, President and CEO of Hurwitz & ...
So, you bought into the current machine learning craze and went on to collect millions/billions of records from this promising new data source. Now, what do you do with them? Too often, the abundance of data quickly turns into an abundance of problems. How do you extract that "magic essence" from your data without falling into the common pitfalls? In her session at @ThingsExpo, Natalia Ponomareva, Software Engineer at Google, provided tips on how to be successful in large scale machine learning...
The Transparent Cloud-computing Consortium (abbreviation: T-Cloud Consortium) will conduct research activities into changes in the computing model as a result of collaboration between "device" and "cloud" and the creation of new value and markets through organic data processing High speed and high quality networks, and dramatic improvements in computer processing capabilities, have greatly changed the nature of applications and made the storing and processing of data on the network commonplace.
An IoT product’s log files speak volumes about what’s happening with your products in the field, pinpointing current and potential issues, and enabling you to predict failures and save millions of dollars in inventory. But until recently, no one knew how to listen. In his session at @ThingsExpo, Dan Gettens, Chief Research Officer at OnProcess, will discuss recent research by Massachusetts Institute of Technology and OnProcess Technology, where MIT created a new, breakthrough analytics model f...
The Internet of Things can drive efficiency for airlines and airports. In their session at @ThingsExpo, Shyam Varan Nath, Principal Architect with GE, and Sudip Majumder, senior director of development at Oracle, will discuss the technical details of the connected airline baggage and related social media solutions. These IoT applications will enhance travelers' journey experience and drive efficiency for the airlines and the airports. The session will include a working demo and a technical d...
Almost two-thirds of companies either have or soon will have IoT as the backbone of their business in 2016. However, IoT is far more complex than most firms expected. How can you not get trapped in the pitfalls? In his session at @ThingsExpo, Tony Shan, a renowned visionary and thought leader, will introduce a holistic method of IoTification, which is the process of IoTifying the existing technology and business models to adopt and leverage IoT. He will drill down to the components in this fra...
Digital transformation is too big and important for our future success to not understand the rules that apply to it. The first three rules for winning in this age of hyper-digital transformation are: Advantages in speed, analytics and operational tempos must be captured by implementing an optimized information logistics system (OILS) Real-time operational tempos (IT, people and business processes) must be achieved Businesses that can "analyze data and act and with speed" will dominate those t...
If you had a chance to enter on the ground level of the largest e-commerce market in the world – would you? China is the world’s most populated country with the second largest economy and the world’s fastest growing market. It is estimated that by 2018 the Chinese market will be reaching over $30 billion in gaming revenue alone. Admittedly for a foreign company, doing business in China can be challenging. Often changing laws, administrative regulations and the often inscrutable Chinese Interne...
I'm a lonely sensor. I spend all day telling the world how I'm feeling, but none of the other sensors seem to care. I want to be connected. I want to build relationships with other sensors to be more useful for my human. I want my human to understand that when my friends next door are too hot for a while, I'll soon be flaming. And when all my friends go outside without me, I may be left behind. Don't just log my data; use the relationship graph. In his session at @ThingsExpo, Ryan Boyd, Engi...