I'm proud to welcome Luke Welling to OmniTI. Luke is a prominent member of the open source community, probably best known as the co-author (along with Laura) of one of the best selling open source books of all time, PHP and MySQL Web Development. Those who know him are more familiar with his keen sense of humor and undying urge to bait people for his own amusement.
He is working with me as part of our growing web application security practice, focusing on three key areas:
- Security Training Program
- Help clients avoid security problems. (Teach a man to fish.)
- White Box (Inside) Security Assessments
- Help clients identify security problems by thoroughly reviewing the source code.
- Black Box (Outside) Security Assessments
- Help clients identify security problems by actively testing the live application.
As George mentioned last year:
Web security is a relatively misunderstood field; many folks are looking for the silver bullet or one-shot fix that simply doesn't exist.
Our multi-faceted approach has been working very well, but like many others, we are continuously improving our techniques, tools, and expertise. No one can be sure to find every security problem in a web application, but with Luke's help, I think we can get closer than most.
We have some related projects in development that involve fun stuff like Sara's experimental extension, parsekit. I'll probably be blogging more about parsekit in the coming weeks.