InfoWorld Home / Security Central / Steve Orrin believes in location, location,...

January 23, 2004

Steve Orrin believes in location, location, location

Sanctum CTO stridently advocates embedded security

Follow @infoworld

Print |

When it comes to enterprise security, Steve Orrin believes in building it in rather than tacking it on. And the CTO of Sanctum spends much of his time evangelizing the importance of embedding security in applications by participating in two OASIS working groups established in 2003. The WAS-XML working group focuses on Web application security; he’s also working on formulating the Application Vulnerability Description Language.

Within Sanctum, early in 2003, Orrin led the development of AppScan DE, an automated testing tool that helps developers create secure Web applications using either Microsoft .Net or Java code. Orrin has also lead Sanctum's development of software that searches the Web for purloined documents, something companies use to prove that data has been stolen.

Tags: Security

Print |

Sign up for InfoWorld's Today's Headlines: First Look Newsletter.

Video

Bringing the Cloud to the Data Center

Discover a new breed of data protection that meets the needs of small and midsize businesses because it is simple to deploy, safe and cost effective.

View now »

White Paper - Converged Communications: People and Applications in Synch

Webcast

Straight Talk on Cloud Storage for SMBs

Combine the ease of an appliance with the agility of the cloud. Learn how to share data across your enterprise while simultaneously delivering performance and security for that access.

View now »

White Paper

The iEverything Enterprise: Understanding and Addressing IT's Dilemma in a World Dominated by Wireless Smart Devices

Reduce the cost and complexity of wireless networks with cloud-enabled, distributed Wi-Fi and routing. By removing the architectural limitations of traditional WLANs, you can support identity-based access and enable delivery of mission-critical applications and services to any user, on any device, at any time without a single point of failure.

View now »

View the discussion thread.

See all White Papers / Webcasts Recommended Resources

See All Jobs » Post a job for $295 »

Jobs powered by SimplyHired

White Paper

Sophos Security Threat Report 2011

Last year's cyberattacks, like Aurora and Stuxnet, demonstrates that malware lurks everywhere and tricks even the most scrupulous user. Our threat experts see 30,000 new malicious URLs each day—70% of which are legitimate websites that were hacked. Let our new 2011 Security Threat Report be your weapon in the battle against malware. It describes the significant threats of 2010, what to watch for in 2011, and more importantly, what you need to do to get ahead of them.

Download now! »

White paper

Eight threats your anti-virus won't stop: Why you need endpoint security

News headlines are a constant reminder that malware attacks and data leakage are on the rise. High-profile incidents that make big news might seem out of the ordinary. Yet businesses of every size face similar risks in the everyday acts of using digital technology and the internet for legitimate purposes. This paper outlines eight common threats that traditional anti-virus alone won't stop, and explains how to protect your organization using endpoint security.

Download now! »

White Paper

Malicious JavaScript Attacks: What Can You Do?

As an IT manager, you need to be able to effectively secure all of the websites you manage to avoid attack and the subsequent infection of site visitors. You also need to protect the users within your organization from becoming victims of malware. Organizations can use specific technologies and layered protection strategies to safeguard websites and shield employees. We'll review what to watch for, as well as the security strategies that will help keep you safe.

Download now! »