Badges
75 Points
8 Years
User Activity
Almost 7 years ago
Answered a question: What Application Security Solution Do You Use That Is DevOps Friendly?
You can also add a vulnerability scan to your CI/CD pipeline with Qualys, either on-site or in the cloud. It's a non-trivial task to filter out the false-positives, but once you're able to account for all the output in your baseline, you can quickly focus in on deltas from…
Over 7 years ago
Contributed a review of Qualys Web Application Scanning: We’re a Linux shop and Qualys gave us good Linux vulnerability scanning; no experience with it on MSFT products.
Projects
Almost 9 years ago
FISMA Moderate system for NIH, architecture to ATOFISMA Moderate system for NIH, architecture to ATO in 6 months
Reviews
Over 7 years ago
Qualys Web Application Scanning
Answers
Almost 7 years ago
Static Application Security Testing (SAST)
About me
I've spent years successfully designing, building and qualifying new products for enterprise data centers and carrier-class networks, digital video systems, server platforms and desktop applications, often while creating or rebuilding the engineering teams, dev environments and quality processes.
I've led teams of up to 150 development engineers scattered around the globe, taken products from marketing concepts to international deployments, while always making some time to write code on every project.
Markets: carrier and enterprise networks; consumer digital video; network mgmt apps; operating systems and embedded platforms; open-source contributions; cloud development and deployment; enterprise and system security.
Platforms: Dozens of Unix/Linux and RTOS products on Intel, PPC, MIPS and ARM architectures.
Languages: Excellent C/C++; at least one product in Perl, Python, Java, Lisp, Pascal, Basic, PCL, assembler, PHP, Objective-C.
Excellent verbal and written communication skills; experience building and managing out-sourced development teams.
Interesting Projects and Accomplishments
Almost 9 years ago