OWASP Cornucopia Online And Mobile
Our online threat modelling system, Copi, is now an open source OWASP project and the Cornucopia team have released a new deck for mobile apps!
Toby Irvine
Product Security Expert
Security and compliance doesn't have to be a complicated drag on delivery. We change the game with world-leading security improvement programmes for your software engineers, product managers and leadership – delivered by experts in software security and delivery.
Some of the wonderful people and teams we've worked with
Working with us is the best way to build your organisation's secure software delivery capability and we have a flexible approach that ensures you get the outcomes you need to achieve.
Meet and exceed your compliance requirements by establishing product security understanding across your delivery teams
Introduce continuous security capabilities and roll out a secure delivery model that's tailored for your organisational needs
Measure the outcome that shows you're working effectively – secure software products that your customers will value
Secure Delivery Academy
All clients have access to the Secure Delivery Academy, our all-in-one platform for training and assessment delivery. Everything needed to start building scalable and effective security capabilities into your organisation.
We'd love to hear from you and talk about the challenges you face with security at your organisation. We're the people you've been looking for.
Insights from our practitioners across the field of software security.
See more
Our online threat modelling system, Copi, is now an open source OWASP project and the Cornucopia team have released a new deck for mobile apps!
Toby Irvine
Product Security Expert
Our expert in medical device security and DFIR, Vee Schmitt, takes a critical look at the recently-released guidance on medical device security from the FDA.
Vee Schmitt
DFIR & Devices Expert
Benjamin Franklin said that three people can keep a secret only if two of them are dead. If you want to keep your teammates around, let's look at safely handling secrets.
Toby Irvine
Product Security Expert
The IT industry takes simple practices and turns them into monstrous delivery methods with little of the original left. We'll wind back to see what's really going on.
Toby Irvine
Product Security Expert
Analogies are terrible, but the factory one has shown some use in software engineering. Let's gird our analogous loins and take a look at how we secure this digital factory.
Toby Irvine
Product Security Expert
So you wanna hack an API? Let's analyse an API using the OWASP API Security Top 10 to guide our effort and hack it, together. Maybe we'll capture some flags while we're at it?
Grant Ongers
CISO & Community Leader
We'd love to hear from you. Let's start your journey to world-class secure software product delivery today!