For all press inquiries, please contact Paul Jauregui (512) 410-0350 x209.
When you're constantly advancing your industry and helping secure today's leading organizations, people notice. Explore our newsroom to learn more about what's happening at Praetorian.
Monday, April 27, 2015, 4:24 PM | Praetorian coverage on The Register
A new study has found that password structure is a key flaw in making login IDs hard to guess.
Security firm Praetorian analyzed 34 million stolen passwords from the LinkedIn, eHarmony and Rockyou breaches and found that 50 per cent of all passwords followed 13 basic structures. This lack of entropy makes it possible to use statistical analysis to make cracking faster and more effective.
A key part of the problem is with the websites themselves, as they don’t go far enough in prompting user security. Just requiring one upper case letter or number is not good enough when too many users go for the same password structure, as Praetorian explains.
Tuesday, April 14, 2015, 12:56 PM | Praetorian coverage on CNBC
Cybercriminals can still exploit the vulnerability to gain usernames and passwords as well as sensitive business and financial data. "Heartbleed is still prevalent," said Josh Abraham, vice president of services at Austin Texas- headquartered Praetorian, a cybersecurity company that helps organizations minimize risk. Heartbleed affects OpenSSL, a software which allows websites to communicate information securely over the Internet.read more »
Monday, February 09, 2015, 3:19 PM | Praetorian coverage on MarketWatch
Samsung Electronics says its SmartTV is programmed to pick up surrounding voices as it scans airwaves for commands. Data is collected and transmitted to a third-party vendor that converts speech to text.
A recent study points to a “clear connection” between consumer perception regarding the safety of their data and the commercial success of products, said Paul Jauregui, VP of cyber-security and risk consulting company Praetorian. In the study, 80% of consumers said they’re more likely to purchase from companies they believe do a better job of protecting their information.
“It’s getting to a point where it’s going to influence buying decisions,” he said.
Thursday, August 21, 2014, 10:19 AM | Praetorian coverage on CNN Money
Econolite's traffic lights are used in 100,000 U.S. and Canadian intersections, although it's unclear if all of those systems are susceptible to hacking.
The problem extends beyond just Econolite -- the U.S. traffic light communications standard, called "NTCIP 1202," is present in all modern signal systems. They can all be hacked if cities don't change their default settings.
Researchers said that the lights can be made much more difficult to hack with little effort: Guard the network. Cities that install the traffic control systems can enable encryption and set passwords for their networks -- both options are available on the Econolite systems. It's as simple as clicking on a box on the device's screen.
But that isn't likely to happen anytime soon. Local governments are cash-strapped and aren't easily convinced they must manually update every signal controller, said Adam Pridgen, a security consultant at Praetorian.
Wednesday, August 20, 2014, 3:47 PM | Praetorian Newsroom
Praetorian, an information security provider dedicated to helping organizations achieve risk-management success, has been honored by Inc. Magazine's 33rd annual Inc. 500 | 5000, an exclusive ranking of the nation's fastest-growing private companies. The list represents the most comprehensive look at the most important segment of the economy—America’s independent entrepreneurs. Companies such as Yelp, Pandora, Timberland, Dell, Domino’s Pizza, LinkedIn, Zillow, and many other well-known names gained early exposure as members of the Inc. 500|5000.read more »
Friday, April 25, 2014, 8:59 AM | Praetorian Newsroom
Recognized as one of the “20 Most Promising Enterprise Security Consulting Companies,” Praetorian rises above the rest in an evolving security market.
AUSTIN, Texas – April 25, 2014 – Praetorian, a leading information security provider, was named one of this year’s “20 Most Promising Enterprise Security Consulting Companies” by CIO Review Magazine. A distinguished panel comprising CIOs and CEOs of public companies, industry analysts and the CIO Review editorial board finalized the selection earlier this year. The annual listing represents not only the leading high-value enterprise security consulting companies in the U.S. but also recognizes companies impacting the information technology marketplace.
Wednesday, April 09, 2014, 2:02 PM | Praetorian coverage on NBC News
"You can run to update your password everywhere, but it won't do any good on the sites that haven't pushed out a fix yet," Josh Abraham, director of professional services for security firm Praetorian, told NBCNews.
Companies including Google, Amazon, Yahoo, Tumblr and Facebook said they have investigated the issue and are working to update their sites. But the fix could be slower for small businesses who use OpenSSL -- and entering a new password into a potentially compromised site could do more harm than help.
Sunday, February 23, 2014, 2:23 PM | Praetorian coverage on CNN Money
Without the patch, a hacker could be what experts call a man-in-the-middle -- it's like a game of Telephone you don't even know you're playing.
"Alice wants to communicate securely with Bob," explained Nathan Sportsman, a mobile security expert and CEO of Praetorian. But Eve, a hacker, uses this vulnerability to put herself between the two. "Now Alice is talking to Eve and Eve is talking to Bob," he explained. Alice and Bob think they're talking to each other privately.
This lets hackers view the communications, such as bank deposits or Facebook (FB, Fortune 500) posts. If they intercept a username and password, the hacker could return to your account later and cause more damage, Sportsman said.
Friday, February 21, 2014, 2:43 PM | Praetorian coverage on Ars Technica
WhatsApp, the mobile messaging app developer that Facebook is acquiring for $19 billion, may be an attractive addition to the social network, thanks to WhatsApp's 450 million active users and en vogue status. It may also be attractive to government spies and criminal hackers, thanks to several weaknesses in the encryption WhatsApp uses to protect messages from eavesdropping, researchers say.
Among the most serious problems with WhatsApp's implementation of secure sockets layer (SSL) encryption is its support of version 2 of the protocol, according to a blog post published Thursday by a researcher from security consultancy Praetorian. That version is susceptible to several well-known attacks that allow people monitoring a connection between the two end points to decipher and in some cases manipulate the traffic as it passes through.
Friday, February 21, 2014, 2:40 PM | Praetorian coverage on ThreatPost
Security researchers at Praetorian, who have been running a project known as Project Neptune to assess the security of mobile apps, did a limited assessment of the iOS and Android versions of WhatsApp and discovered a number of issues around the way the app uses SSL.
“Within minutes, Project Neptune picked up on several SSL-related security issues affecting the confidentiality of WhatsApp user data that passes in transit to back-end servers. This is the kind of stuff the NSA would love. It basically allows them—or an attacker—to man-in-the-middle the connection and then downgrade the encryption so they can break it and sniff the traffic. These security issues put WhatsApp user information and communications at risk,” Paul Jauregui of Praetorian wrote in an explanation of their test.
Friday, February 21, 2014, 10:29 AM | Praetorian coverage on Forbes
On Thursday, researcher Paul Jauregui of the security firm Praetorian outlined a series of oversights in how WhatsApp ensures the encryption of its users’ communications, the latest in a series of concerns raised over the degree to which the company protects its 450 million users’ privacy from hackers, spies and now its new owners at Facebook.
Wednesday, February 12, 2014, 2:19 PM | Praetorian coverage on NBC News
"When you're asking companies to spend money to keep their lights on, or spend it on cybersecurity, you can guess what wins every time," said Nathan Sportsman, CEO of security firm Praetorian. "Without offering a tax break for compliance, or [levying] a fine to those who don't follow it, you're not going to change behavior."read more »
Thursday, December 12, 2013, 2:24 PM | Praetorian coverage on Dark Reading
Security experts this month tested 275 Apple iOS- and Android-based mobile banking apps from 50 major financial institutions, 50 large regional banks, and 50 large U.S. credit unions. Overall, they found that eight out of 10 apps were improperly configured and not built using best practices software development. Among the big-name banks whose mobile apps were tested by security firm Praetorian include Bank of America, Citigroup, Wells Fargo, Goldman Sachs, Morgan Stanley, Capital One Financial, and Suntrust Banks. Praetorian did not disclose how each bank's apps fared in the tests.
Nathan Sportsman, founder and CEO of Praetorian, says the security weaknesses in the mobile banking apps he and his team tested are not pure software vulnerabilities, so they are relatively low-risk issues that could ultimately lead to exploitation.
Thursday, December 12, 2013, 7:50 AM | Praetorian Newsroom
Praetorian released a study that explores challenges faced by today’s megabanks, regional banks, and credit unions while building and maintaining secure mobile banking apps. Praetorian has identified build and configuration weaknesses in the overwhelming majority of mobile banking apps available on the App Store and Google Marketplace. While cursory, the results of the analysis indicate a need for continued improvement in mobile application security as the critical underpinnings of society become increasingly dependent on mobile technology.read more »
Thursday, August 01, 2013, 2:32 PM | Praetorian coverage on SecurityWeek
Praetorian, an Austin, Texas-based provider of information security solutions, has launched a new cloud-based platform that leverages the computing power of Amazon AWS in order to crack password hashes in a simple fashion.
Online at PWAudit.com, the service provides organizations with reports that measure password strength and policy effectiveness to identify potential risks stemming from weak passwords.
Wednesday, July 31, 2013, 8:00 AM | Praetorian Newsroom
Praetorian, a leading information security provider, has announced the launch of PWAudit.com, a new cloud-based password auditing platform. Building on years of experience, Praetorian has designed a scalable, on-demand, cost-effective, and secure solution leveraging the elastic computing resources of Amazon AWS. Coupled with advanced reporting, organizations can finally measure password complexity and policy effectiveness to illuminate potential exposures due to weak passwords.read more »
Thursday, April 04, 2013, 6:59 AM | Praetorian Newsroom
New service simulates real-world advanced threats, enabling Fortune 500 and other high-profile enterprise clients to better understand and prepare for the next major security incident.read more »
Tuesday, January 22, 2013, 5:05 PM | Praetorian Newsroom
Praetorian is excited to welcome Anthony Marquez to its growing team of information security professionals. As a member of the technical execution team, Anthony will be responsible for client-facing engagements under Praetorian’s tactical and strategic service offerings.
Prior to joining Praetorian, Anthony worked at Lawrence Livermore National Labs (LLNL) where he was a key contributor to several projects that emphasized the lab’s mission of strengthening national security. During his time at LLNL, Anthony was able to work with an array of technologies including ultra-wideband radar systems, various biometric sensors, and mobile application development.read more »
Tuesday, October 30, 2012, 4:18 PM | Praetorian Newsroom
Praetorian is excited to be a platinum sponsor for the upcoming ISSA Chapter Meeting on Wednesday, November 7 from 11:00am to 3:00pm at St. Edwards Professional Education Center. The event will feature the famous/infamous security researcher Charlie Miller.
Charlie Miller is currently on the Product Security Team at Twitter. Previously he was a security consultant with various firms, and also spent five years working for the National Security Agency. A four time winner of the CanSecWest Pwn2Own competition, he was the first with a public remote exploit for both the iPhone and the G1 Android phone. In 2011, he found a security hole in an iPhone’s or iPad’s security, whereby an application can contact a remote computer to download new unapproved software that can execute any command that could steal personal data or use iOS application functions for malicious purposes. As a proof of concept, Miller created an application called Instastock that got approved by Apple’s App Store. He then informed Apple about the security hole, who then promptly expelled him from the App Store. He has hacked batteries, Second Life, and iOS codesigning. Charlie has authored three information security books and holds a Ph.D. in mathematics from the University of Notre Dame.read more »
Tuesday, October 09, 2012, 3:12 PM | Praetorian Newsroom
Praetorian is excited to sponsor and attend the upcoming 2012 Boston Application Security Conference (BASC). The Boston Application Security Conference (BASC) will be held Saturday, Oct. 13, from 10 a.m. – 6:30 p.m. at Microsoft’s New England Research & Development Center at One Memorial Drive, Cambridge. Admission to the BASC is free but registration is required for breakfast, lunch, and the evening social time.read more »
Wednesday, August 01, 2012, 4:15 PM | Praetorian Newsroom
Praetorian, an industry-leading information security service provider and cyber research firm, announced it is partnering with ITT Exelis (NYSE: XLS) as part of the Agile Cyber Technologies (ACT) indefinite delivery, indefinite quantity contract issued by the U.S. Air Force Research Laboratory (AFRL). The award has a potential value of up to $300 million over the life of the five-year task order-based contract.read more »
Thursday, April 26, 2012, 10:00 AM | Praetorian Newsroom
Praetorian, an industry-leading information security service provider, has just launched a major recruiting initiative that comprises both a comprehensive overhaul to its corporate website at www.praetorian.com and a company-wide effort aimed at attracting talented job applicants. “An overhaul to our website was needed to reflect where we are as a company,” comments Praetorian’s CEO Nathan Sportsman. “The new site is a more accurate portrayal of Praetorian.” The goal of this initiative is to find the very best candidates to fill numerous information security job openings.read more »
Monday, April 16, 2012, 12:18 PM | Praetorian Newsroom
Praetorian is pleased to announce the addition of Sachin Patel to their Business Development team. Sachin will serve as Director of Business Development and will strengthen the growth and expansion of Praetorian’s service offerings through targeted partner relations and new recurring revenue models.read more »
Saturday, April 14, 2012, 10:23 AM | Praetorian Newsroom
Praetorian proudly sponsored the first annual Hack-A-Thon, organized and hosted by The University of Texas chapter of IEEE Communications Society (ComSoc). ComSoc is an entirely student-led and student-organized group that promotes information security education on the UT campus. ComSoc holds regular student-led lectures on both offensive and defensive security techniques, with the goal of spreading knowledge and awareness of computer security issues to the students of UT’s ECE and CS departments.read more »
Monday, March 26, 2012, 1:58 PM | Praetorian Newsroom
Praetorian today announced that it has appointed Josh Abraham as Director of Professional Services. Josh most recently served in technical roles at Rapid7 and Hasbro Corporation. In his new role at Praetorian, he will be a key member of the technical execution team. In this capacity, he is responsible for leading, directing and executing client-facing engagements that include Praetorian’s tactical and strategic service offerings.read more »
Monday, March 19, 2012, 6:11 PM | Praetorian Newsroom
Is Android’s open mobile platform more secure than others? At the 2012 Honeynet Project Security Workshop, Praetorian’s Ryan W. Smith will share his belief that Android’s openness provides opportunities for attackers and defenders alike, and it’s time for defenders to regain the upper ground by leveraging this openness.read more »
Wednesday, February 29, 2012, 1:55 PM | Praetorian Newsroom
read more »
Thursday, February 09, 2012, 8:06 PM | Praetorian Newsroom
UT Students… Please join us on Thursday, February 9th from 7:00-8:00PM for an informative session on career opportunities in information security. The event will be held in the Engineering-Science (ENS) Building, room 116, at 2501 Speedway. Pizza and refreshments served.read more »
Friday, January 27, 2012, 8:08 PM | Praetorian Newsroom
Praetorian’s VP of Research and Development, Ryan W. Smith, will join other security professionals on the Getting the Most From Third-Party Security Auditors and Penetration Testers panel at the Clouds, Outsourcing & Security Services event sponsored by InformationWeek & Dark Reading on February 15th, 2012.read more »
Friday, January 06, 2012, 8:10 PM | Praetorian Newsroom
Praetorian is excited to announce that Matt Starolis has joined our ranks. Matt will be responsible for driving Praetorian’s strategic growth and rapid expansion of the client base, partnerships, and revenue. Prior to joining Praetorian, Matt spent five years at National Instruments as a District Sales Manager covering Northern California’s Silicon Valley area. His client accounts ranged from Fortune 500 companies to startups in the energy, semiconductor, and medical device sectors. Key accounts included Lockheed Martin, NASA-Ames Research Center, Space Systems/Loral, and BAE.read more »
Ryan W. Smith to Present on STAAF at HICSS 2012
Thursday, December 22, 2011, 10:41 PM CDT
Praetorian’s VP of Engineering, Ryan W Smith, is presenting on STAAF (Scaling Android Application Analysis with a Modular Framework) at HICSS 2012. Mr. Smith’s research paper on STAAF has officially been nominated for the conference’s Best Paper award. For more information, visit the HICSS website.
“The Dragon is Awakening” voted Best Presentation of the Year
Thursday, December 15, 2011, 11:10 PM CDT
Last month, Nathan Sportsman presented on the dramatic escalation of State sponsored espionage to a full-house during ISSA Austin’s November meeting. The presentation attracted record attendance-levels and was recently voted “Best Presentation of the Year” by ISSA members. An updated video version of the presentation will soon be available online - Stay tuned.
Nathan Sportsman to Present at Austin ISSA Meeting on Nov 17, 2011
Monday, November 14, 2011, 11:21 PM CDT
Praetorian CEO, Nathan Sportsman, is delivering a presentation called “The Dragon is Awakening” to ISSA in Austin, TX on November 17, 2011. The presentation will illustrate how State sponsored espionage has dramatically escalated over the years [China in particular], while explaining how non-conventional solutions are required to combat the growing problem (register to attend).
Praetorian to Host Annual Security Vault Dinner in Austin, TX
Thursday, October 20, 2011, 11:20 PM CDT
A group of leading Information Security Executives will gather in Austin, TX on Thursday October 27th to explore top-of-mind security challenges, opportunities and recent successes within their industries. The dinner will be held in Perry’s private vault dinning room, which is a converted bank vault complete with an 18-inch steel bank vault door. The annual Security Vault Dinner falls on the eve of LASCON, a premier gathering of Information Security leaders and web application developers in Texas.
Ryan W Smith Presents STAAF at OWASP Austin Meeting
Tuesday, September 27, 2011, 11:21 PM CDT
Ryan W Smith presented STAAF, the framework for scalable and shareable Android app analysis, to OWASP Austin today (9/27/2011). In his STAAF Presentation, Ryan covered the framework’s architecture, current status and available implementations - as well as a quick demo with a handful of applications.
Daniel Herrera Selected to Present at LASCON 2011 in Austin, TX
Wednesday, September 21, 2011, 11:32 PM CDT
Praetorian’s newest team member, Daniel Herrera, has been selected to present at this years LASCON 2011 Conference in Austin, TX on Oct 28th. In his LASCON presentation, Daniel will focus on common obfuscation techniques identified in the wild that function in all modern browsers. The talk is targeted at a technical audience and each technique will be explained with functional examples demonstrating how and why a particular obfuscated method works.
Wednesday, September 07, 2011, 11:32 PM CDT
Praetorian’s Ryan W Smith and Adam Pridgen to speak at OWASP AppSec USA 2011. The two security researchers will present their work on STAAF, an efficient distributed framework for performing large scale android application analysis.read more »
Daniel Herrera Joins Praetorian
Monday, August 01, 2011, 11:30 PM CDT
Praetorian is excited to announce that Daniel Herrera has joined our ranks. Prior to joining Praetorian, Daniel worked as a security engineer at SecTheory and WhiteHat Security where he specialized in application penetration testing.
Mr Herrera has extensive security experience in web related technologies and is a contributing member of the Web Application Security Consortium (WASC). He participated in several projects and has authored content for the WASC Threat Classification v2.0. An avid researcher, his recent analysis and security discoveries in Palm WebOS were reported on by several news outlets including Information Week and Dark Reading.
At Praetorian, Daniel will continue research and development of advanced attack techniques against emerging technologies.
Agile Austin Meeting: Building Security into the Next Iteration
Tuesday, July 12, 2011, 12:03 AM CDT
Praetorian’s Matt Tesauro, OWASP Board Member and WTE Project Lead, to speak at Agile Austin’s July 12th meeting. Using the OWASP Web Test Environment (WTE), he will showcase best practices and demonstrate secure methods for designing and testing your software for ruggedness.
Matt Tesauro Joins Security Panel at Austin SecureSDLC
Tuesday, June 14, 2011, 12:05 AM CDT
Praetorian’s Vice President of Services, Matt Tesauro, will join Michael Howard (Microsoft), Mano Paul, and Wendy Nather (451 Group) on the security panel at Austin SecureSDLC on June 14th.
Ryan W Smith Speaks on Mobile Application Privacy
Wednesday, May 18, 2011, 12:05 AM CDT
Ryan W. Smith, Praetorian and Tyler Shields, Veracode deliver a highly anticipated webinar that looks under the hood of a huge selection of Android applications and provides a quantitative examination of the application security posture of today’s mobile application space.
Nathan Sportsman Contributes to NIST SP 800-53 Rev 4
Friday, April 29, 2011, 12:06 AM CDT
Nathan Sportsman has provided feedback on the next release of NIST special publication 800-53. Proposed changes focused on software assurance and its related controls. The Join Task Force is expected to incorporate contributions later this year.
Ryan W Smith has been Accepted as a Google Summer of Code (GSoC) Mentor
Monday, April 11, 2011, 12:08 AM CDT
Ryan Smith will be the primary mentor for a proposed Android Static Malware Analysis project and a secondary mentor on another related Android Dynamic Malware Analysis project. Praetorian is proud to support Ryan’s continued work through The Honeynet Project during this year’s Google Summer of Code where he will be mentoring a college student through a new project in mobile security.
Adam Pridgen selected as a National Physical Science Consortium Fellow
Tuesday, March 22, 2011, 12:09 AM CDT
The Praetorian Team is proud to announce that Adam Pridgen has been selected as a National Physical Science Consortium (NPSC) Fellow. The NPSC awards fellowships to outstanding students who are pursuing degrees in Sciences, Technology, Engineering and Mathematics fields and who have shown promise with their past achievements and current academic standings.
Matt Tesauro Gives SC World Congress Keynote
Tuesday, February 22, 2011, 12:11 AM CDT
Matt Tesauro set to give the keynote “Why do vulnerabilities in web apps still linger?” at the SC World Congress eSymposium on February 24, 2011 @ 11:30 CST. The webinar is free and event registration can be done here.
Matt Tesauro Interviewed by InfoQ
Monday, February 14, 2011, 12:10 AM CDT
InfoQ caught up with WTE project lead Matt Tesauro to learn more about the background, current state, various tools it supports and the future road map of the project.
Matt Tesauro Releases New OWASP Live CD
Saturday, February 05, 2011, 12:12 AM CDT
The most exciting release since its inception! The main goal of the OWASP Live CD, recoined the Web Testing Environment (WTE) project, which is a part of The Open Web Application Security Project (OWASP) organization, is to make application security tools and documentation available to the application developers and QA testers so the security is built into every aspect of the software development life cycle.
Adam Pridgen Volunteers for KIPP Outreach Program
Friday, January 28, 2011, 12:13 AM CDT
Today Adam Pridgen participated in Science, Engineering, Technology, and Mathematics Day at KIPP Academy Middle School in Southwest Houston. “KIPP, the Knowledge Is Power Program, is on a mission to develop in under served students the academic skills, intellectual habits, and qualities of character necessary to succeed at all levels of pre-kindergarten through 12th grade, college, and the competitive world beyond.
This is the first year professionals and graduate students were invited to participate in the event, which lasts all day. Adam learned of the opportunity through a posting at Rice, and as part of Praetorian’s Outreach Initiatives, he volunteered to speak with sixth graders about computer engineering and computer science. During this event, Adam spent time with sixth graders to talk about what it means to be a computer engineer and computer scientist and the impact these professions will have on the future.
Ryan W Smith Founds Texas-Based Honey Project Chapter
Thursday, January 13, 2011, 12:13 AM CDT
As a show of support for high quality open source and collaborative research, Praetorian’s own Ryan W Smith has founded a Texas-based Honeynet Project chapter, The RoT-1 Honeynet Project. Ryan is no stranger to The Honeynet Project. He was an active member of The University of Texas Honeynet Project from 2002-2008 and has spoken on the topic to numerous professional security organizations and government agencies throughout Texas.
Many of the other members of the new RoT-1 chapter have also been involved with the Honeynet Project previously including Praetorian’s Adam Pridgen, who was also active in The University of Texas Honeynet Project. With such a seasoned and capable member list, the project is expected to hit the ground running and quickly become one of the most active chapters in the project and the project’s ambassadors to Texas and the surrounding region.
Praetorian is proud to support Ryan and Adam in their involvement with the RoT-1 Honeynet Project Chapter, and their mission “to learn the tools, tactics and motives involved in computer and network attacks, and share the lessons learned.”
Greg Genung Joins Praetorian
Monday, January 03, 2011, 12:15 AM CDT
Praetorian is excited to announce Greg Genung has joined our team. As Vice President of Sales, Greg is responsible for Praetorian’s market expansion and growth. Greg will be closely involved with the leadership team to grow the consulting, research, and products practices. Over the last five years, Greg has built strong relationships with CIO’s and CISO’s in both the public and private sector. His efforts have helped his clients achieve secure, rugged, and resilient enterprise software.
Prior to joining Praetorian, Greg was a Business Development Manager for the Denim Group, Ltd. where he led significant sales growth in public Sector and Fortune 500 Market-Entry. His background and experience includes sales, marketing, and brand awareness for new information security service and product segments. Greg currently serves on the Austin OWASP Chapter Board, has served on Austin’s ISSA Board since 2008, and also served on the TASSCC TAG Board as Education Director in 2010. Greg is a graduate of Trinity University in San Antonio, Texas.
Matt Tesauro Gives Keynote @ OWASP LASCON
Friday, October 29, 2010, 12:16 AM CDT
Matt Tesauro delivered the keynote “Why does bad software happen to good people?” at OWASP’s Lonestar Security Conference. His presentation showed the pervasiveness of software in modern society, demonstrated the implications poorly written software can have, and provided suggestions for a way forward.
Matt Tesauro Joins Praetorian
Monday, October 18, 2010, 12:16 AM CDT
Praetorian is pleased to announce Matt Tesauro has joined our team. Matt has been involved in the Information Technology industry for more than 10 years. Prior to joining Praetorian, Matt was a Security Consultant at Trustwave’s SpiderLabs. Matt’s focus has been in application security including testing, code reviews, design reviews and security training. His background in web application development and system administration helped bring a holistic focus to Secure SDLC efforts he’s driven.
Matt is currently on the board of the OWASP Foundation and highly involved in many OWASP projects and committees. Matt is the project leader of the OWASP WTE (Web Testing Environment) which is the source of the OWASP LIVE CD Project and Virtual Machines pre-configured with tools and documentation for testing web applications.
He has taught both graduate level university courses and for large financial institutions. Matt has presented and provided training a various industry events including DHS Software Assurance Workshop, AppSec EU, AppSec US, AppSec Academia, and AppSec Brazil. Matt Tesauro has a B.S. in Economics and a M.S in Management Information Systems from Texas A&M University.
OWASP LASCON Sponsorship
Monday, August 30, 2010, 12:24 AM CDT
Praetorian is proud to announce they are sponsoring the OWASP LASCON 2010 conference held October 29th in Austin, TX. LASCON 2010 is a premier gathering of Information Security leaders and web application developers in Texas. Texas has more Fortune 500 companies than any other state. Executives from these companies along with technical thought leaders, security architects and lead developers gather to share cutting-edge ideas, initiatives, and technology advancements.
Adam Pridgen Speaks @ Defcon 18
Sunday, August 01, 2010, 12:24 AM CDT
Adam Pridgen provided a joint presentation at Defcon 18. The presentation is a case study about an approach to building reverse engineering tools, but in this case, a network bridge between IDA Pro and Debuggers. The presentation will cover the development side of things, and discuss how to leverage open source projects as supplements for code and learning aids, detail useful sources for this type of development, and provide insight about how to build C++ extensions for WinDbg and IDA, as well as building Python plugins for ImmunityDebugger and VDB.
Ryan W. Smith Joins Praetorian
Monday, July 12, 2010, 12:25 AM CDT
Praetorian is excited to announce Ryan W. Smith has joined our ranks. Ryan’s current focus is on the research and development of technology and systems in support of computer network defense, attack, and exploitation.
Prior to joining Praetorian, Ryan Smith was an Associate Staff member of the Information Systems Technology Group at MIT Lincoln Laboratory. His previous work at Lincoln Labs was in the code analysis group, in which he focused on the development of a prototype tool to automate the malware analysis process using information flow and virtual machine introspection. Prior to Lincoln Laboratory, Mr. Smith worked at 21st Century Technologies and Applied Research Labs in Austin, TX, and PricewaterhouseCoopers in Dallas, TX. Previous work has included graph-based network attack correlation, steganography, netflow traffic analysis, vulnerability and risk analysis, and identity management.
Ryan received a M.S. in Security informatics from Johns Hopkins, where he focused on network and systems security as well as privacy and technical public policy. He also received a B.S in Electrical Engineering from The University of Texas in Austin, where he focused on information assurance and network communications.