Welcome!

Java IoT Authors: Carmen Gonzalez, JP Morgenthal, Elizabeth White, Liz McMillan, Pat Romanski

News Feed Item

Security Innovation CTO Named Microsoft Most Valuable Professional

Security Innovation, an authority in application security assessment and training, announced today that Jason Taylor, Chief Technology Officer, was recognized as Microsoft® Most Valuable Professionals (MVP) in the category of Developer Security. The Microsoft MVP Award is an annual award that recognizes active and credible experts who willingly share their high quality, real world expertise with users and the Microsoft Communities.

Individuals are nominated for the Microsoft MVP Award by their peers or by Microsoft employees, and each nominee's contributions are then compared to the other candidates' contributions for the same year. MVPs reach out and contribute to online and offline communities through a broad range of channels: online forums, wikis, and technical guides; and their own podcasts, Web sites and blogs. Mr. Taylor is a regular external reviewer, contributor and primary author for the Microsoft Patterns & Practices security guidance. He’s been a content contributor to numerous Microsoft online properties for cloud security, software security, and regulatory compliance in the form of articles, videos, whitepapers, eLearning, etc. He has co-authored five Patterns & Practices Guides, and over 100 Patterns & Practices articles.

“The Microsoft MVP Award provides us the unique opportunity to celebrate and honor Jason’s significant contributions and say ‘Thank you for your technical leadership’,” said Mike Hickman, Director of Community Engagement, Microsoft Corporation.

“Security Innovation has been conducting cutting-edge research in the field of application security for more than ten years and is continually developing, refining, and sharing this research with the community at large,” said Ed Adams, CEO, Security Innovation. “Jason is at the core of many of these initiatives; he shares a true passion for secure software development. His willingness and desire to share his expertise with the technical community has undoubtedly helped thousands of individuals to understand how to reduce application security risk.”

Mr. Taylor’s accomplishments while previously serving in various leadership roles at Microsoft are numerous. With Loren Kohnfelder, he co-created STRIDE, an industry recognized vulnerability classification system and DREAD, a technique to qualify risk. He grew the Internet Explorer security test team from a solitary operation to the leading application security test team at Microsoft. Later, he built the Test Model Toolkit, which won a Best Practice Award and led to an in-person briefing with Bill Gates. Jason’s long experience in application security has been incorporated into Security Innovation’s application assessment methodologies and eLearning training platform. Mr. Taylor was the visionary and designer of courses such as “Introduction to Threat Modeling” and “Creating Secure Code for ASP.Net,” which have been taught in many of the world's largest technology organizations.

About Jason Taylor

Mr. Taylor leads the strategic direction for all technology initiatives and manages world-class development teams for the company's product lines. He has spent his career focused on application development and testing with a primary focus on application security. His unrivaled understanding of application behavior provided the impetus for Security Innovation’s industry pioneering fault injection tool, Holodeck Enterprise Edition, and critical enhancements to the company’s internal testing and development tools.

Mr. Taylor has published and co-authored several whitepapers, guides and books including:

  • Team Development with Visual Studio Team Foundation Server with J.D. Meier of Microsoft
  • Improving Web Services Security with Microsoft Patterns & Practices
  • Application Architecture Guide 2.0 with Microsoft Patterns & Practices
  • Security Engineering Explained with Microsoft Patterns & Practices
  • Security Threats: Risks, Protection & Limitations for CIO Update

Security Innovation has established unparalleled expertise across Microsoft platforms and development environments. The two companies maintain a lengthy and successful relationship, collaborating on numerous application security initiatives, code reviews, penetration tests, development and research projects:

  • More than 50 direct engagements with various Microsoft groups that include penetration testing, code reviews, research/competitive analysis, customer-facing guidance creation, custom development and training.
  • Several research projects that received high visibility and acclaim, including direct briefing to Bill Gates
  • A.C.E. certified as a third party penetration test organization
  • VisualStudio Integration Partner
  • Member of the Microsoft Security Development Lifecycle (SDL) Pro Network, and close relationship with Microsoft Security Engineering Group for SDL-related work.
  • Co-authored 5 Patterns & Practices Guides

About Security Innovation

Security Innovation is an established leader in the application security space and offers solutions based on the three pillars of the Software Development Lifecycle (SDLC): standards, education and assessment. On a mission to help eliminate the root cause of most data breaches – insecure software applications – Security Innovation helps organizations build internal expertise, uncover critical vulnerabilities and integrate security into their software development lifecycle.

The company’s flagship products include TeamMentor, “out of the box” secure development standards and TeamProfessor, the industry’s largest library of application security eLearning courses. The TeamProfessor eLearning platform serves as the foundation for security awareness and application vulnerability assessment, remediation and prevention skills development. It offers more than 45 courses and over 100 hours of real-world content, with popular topics including Mobile Security (awareness and secure development for Android, iPhone, and Blackberry), secure coding (.NET, Java, C/C++, C#, PHP, Oracle), PCI-DSS and OWASP.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@ThingsExpo Stories
Everyone knows that truly innovative companies learn as they go along, pushing boundaries in response to market changes and demands. What's more of a mystery is how to balance innovation on a fresh platform built from scratch with the legacy tech stack, product suite and customers that continue to serve as the business' foundation. In his General Session at 19th Cloud Expo, Michael Chambliss, Head of Engineering at ReadyTalk, discussed why and how ReadyTalk diverted from healthy revenue and mor...
As data explodes in quantity, importance and from new sources, the need for managing and protecting data residing across physical, virtual, and cloud environments grow with it. Managing data includes protecting it, indexing and classifying it for true, long-term management, compliance and E-Discovery. Commvault can ensure this with a single pane of glass solution – whether in a private cloud, a Service Provider delivered public cloud or a hybrid cloud environment – across the heterogeneous enter...
Financial Technology has become a topic of intense interest throughout the cloud developer and enterprise IT communities. Accordingly, attendees at the upcoming 20th Cloud Expo at the Javits Center in New York, June 6-8, 2017, will find fresh new content in a new track called FinTech.
You have great SaaS business app ideas. You want to turn your idea quickly into a functional and engaging proof of concept. You need to be able to modify it to meet customers' needs, and you need to deliver a complete and secure SaaS application. How could you achieve all the above and yet avoid unforeseen IT requirements that add unnecessary cost and complexity? You also want your app to be responsive in any device at any time. In his session at 19th Cloud Expo, Mark Allen, General Manager of...
The 20th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held June 6-8, 2017, at the Javits Center in New York City, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Containers, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit your speaking proposal ...
Amazon has gradually rolled out parts of its IoT offerings in the last year, but these are just the tip of the iceberg. In addition to optimizing their back-end AWS offerings, Amazon is laying the ground work to be a major force in IoT – especially in the connected home and office. Amazon is extending its reach by building on its dominant Cloud IoT platform, its Dash Button strategy, recently announced Replenishment Services, the Echo/Alexa voice recognition control platform, the 6-7 strategic...
Bert Loomis was a visionary. This general session will highlight how Bert Loomis and people like him inspire us to build great things with small inventions. In their general session at 19th Cloud Expo, Harold Hannon, Architect at IBM Bluemix, and Michael O'Neill, Strategic Business Development at Nvidia, discussed the accelerating pace of AI development and how IBM Cloud and NVIDIA are partnering to bring AI capabilities to "every day," on-demand. They also reviewed two "free infrastructure" pr...
Unsecured IoT devices were used to launch crippling DDOS attacks in October 2016, targeting services such as Twitter, Spotify, and GitHub. Subsequent testimony to Congress about potential attacks on office buildings, schools, and hospitals raised the possibility for the IoT to harm and even kill people. What should be done? Does the government need to intervene? This panel at @ThingExpo New York brings together leading IoT and security experts to discuss this very serious topic.
More and more brands have jumped on the IoT bandwagon. We have an excess of wearables – activity trackers, smartwatches, smart glasses and sneakers, and more that track seemingly endless datapoints. However, most consumers have no idea what “IoT” means. Creating more wearables that track data shouldn't be the aim of brands; delivering meaningful, tangible relevance to their users should be. We're in a period in which the IoT pendulum is still swinging. Initially, it swung toward "smart for smar...
"Dice has been around for the last 20 years. We have been helping tech professionals find new jobs and career opportunities," explained Manish Dixit, VP of Product and Engineering at Dice, in this SYS-CON.tv interview at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Complete Internet of Things (IoT) embedded device security is not just about the device but involves the entire product’s identity, data and control integrity, and services traversing the cloud. A device can no longer be looked at as an island; it is a part of a system. In fact, given the cross-domain interactions enabled by IoT it could be a part of many systems. Also, depending on where the device is deployed, for example, in the office building versus a factory floor or oil field, security ha...
"ReadyTalk is an audio and web video conferencing provider. We've really come to embrace WebRTC as the platform for our future of technology," explained Dan Cunningham, CTO of ReadyTalk, in this SYS-CON.tv interview at WebRTC Summit at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
"At ROHA we develop an app called Catcha. It was developed after we spent a year meeting with, talking to, interacting with senior citizens watching them use their smartphones and talking to them about how they use their smartphones so we could get to know their smartphone behavior," explained Dave Woods, Chief Innovation Officer at ROHA, in this SYS-CON.tv interview at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
WebRTC is the future of browser-to-browser communications, and continues to make inroads into the traditional, difficult, plug-in web communications world. The 6th WebRTC Summit continues our tradition of delivering the latest and greatest presentations within the world of WebRTC. Topics include voice calling, video chat, P2P file sharing, and use cases that have already leveraged the power and convenience of WebRTC.
The many IoT deployments around the world are busy integrating smart devices and sensors into their enterprise IT infrastructures. Yet all of this technology – and there are an amazing number of choices – is of no use without the software to gather, communicate, and analyze the new data flows. Without software, there is no IT. In this power panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, Dave McCarthy, Director of Products at Bsquare Corporation; Alan Williamson, Principal...
20th Cloud Expo, taking place June 6-8, 2017, at the Javits Center in New York City, NY, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy.
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, provided an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life sett...
An IoT product’s log files speak volumes about what’s happening with your products in the field, pinpointing current and potential issues, and enabling you to predict failures and save millions of dollars in inventory. But until recently, no one knew how to listen. In his session at @ThingsExpo, Dan Gettens, Chief Research Officer at OnProcess, discussed recent research by Massachusetts Institute of Technology and OnProcess Technology, where MIT created a new, breakthrough analytics model for ...
Successful digital transformation requires new organizational competencies and capabilities. Research tells us that the biggest impediment to successful transformation is human; consequently, the biggest enabler is a properly skilled and empowered workforce. In the digital age, new individual and collective competencies are required. In his session at 19th Cloud Expo, Bob Newhouse, CEO and founder of Agilitiv, drew together recent research and lessons learned from emerging and established compa...
20th Cloud Expo, taking place June 6-8, 2017, at the Javits Center in New York City, NY, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy.