VerSprite's Tony Uceda Velez quoted regarding iPhone unlocking case for the San Bernardino Shooting investigation. See the complete article belowSomeone Seriously Dropped the Ball During the San Bernardino Shooting Investigation
VerSprite's Tony Uceda Velez quoted in Atlanta area news investigation regarding social media scamming reported by Emory students. See the article below.Emory students say they were targeted by scam calls
Security researchers at VerSprite have tested and discovered a few vulnerabilities in Western Digital's My Cloud NAS (Network Attached Storage) hard drive, marketed by the company as your own personal cloud server.
See the article below.Western Digital My Cloud Devices Can Be Hacked by Local or Remote Attackers
VerSprite's Tony Uceda Velez quoted in Atlanta area news investigation regarding billboard hacking. See the article below.FBI investigating after pornographic image appears on billboard
VerSprite research led by Benjamin Watson on 10 alternative Android browsers has found at least one major security vulnerability in all of them, posing a significant security risk for enterprise Android users.
See the complete articleFlaws in alternative Android browsers pose underestimated risk
Developers increasingly rely on a variety of open source components, but a VerSprite researcher warns that security issues accompany many popular frameworks. See the complete article below.Programmers unknowingly inherit development framework security issues
This webcast overviews our Hybrid Risk Assessment Methodology (HRAM). We discuss how HRAM is more effective and efficient than other current assessments, the cost-savings, HRAM's benefits in today's changing threat landscape, and how HRAM produces a more unified picture of your organization's risks, making them easier to address and over come.Listen to Webcast
In this feature, VerSprite discusses using a threat model to integrate compliance regulations into daily business activities, ensuring that requirements are met in a functional way that benefits the business' overall security.Reframing Compliance with a Threat Model
VerSprite outlines how to reduce compliance risk by using automation tools to help increase compliance assessments' reliability and value.How to Use Compliance Automation to Reduce Compliance Risk
As big data becomes more popular, companies must know how to react. VerSprite outline the benefits of using big data, some privacy concerns associated with big data, and best practices to ensure big data is not used inappropriately.Managing Big Data Privacy Concerns: Tactics for Proactive Enterprises
Tony Uceda Velez discusses the importance of translating IT security risk into business risk, and how to do so in a way that emphasizes the potential cost to the business.Closing the gap between IT security risk management and business risk
VerSprite briefly introduces web application threat modeling in this video, giving a summary of how threat modeling works and the business benefits to having a working threat model.
While FedRAMP helps organizations understand what to secure within the cloud, it does not completely take care of security. VerSprite discusses the pros and cons on FedRAMP in this video.
This 2011 BSides presentation introduces the P.A.S.T.A Threat Modeling methodology that is a risk or asset centric way to perform threat modeling on application environments. The purpose of the web cast is to introduce what steps, resources, and testing support this new methodology aimed at delivering a collaborative approach that leverages elements of risk assessments, business impact assessments, pen tests, vulnerability scans, social engineering, incident management and more.
This talk is about reviewing the vulnerabilities discovered for Java Web Application Frameworks, the impact they present, and why stack traces should never be considered a low risk. It will serve as an introduction to the vulnerability classes, how to identify and test for them in web application security assessments and penetration tests.