Jeremiah Grossman, a former information security officer at Yahoo, is on a quest to make Web apps more secure. He's ambitious, having founded WhiteHat Security in 2001--when many tech companies were closing up shop--to provide continuous security monitoring of Web-based apps, which he knew would play a major factor in the Web's resurgence. And he's not afraid to break a sweat.
CTO Of WhiteHat Security
Interview by Larry Greenemeier
Photograph by Jeffery Newbury
Keeping out every phishing attack is important, Grossman says. "It only takes one phishing attack, and nobody wants to click on your links anymore. Once customers lose trust, it's really hard, if not impossible, to get it back."
A founder of the Web Application Security Consortium and a contributing member of the Center for Internet Security Apache Benchmark Group, Grossman regularly posts his insights on several security e-mail lists. One clear message: "The payloads being delivered by Web application attacks are much more severe than in years past."
A fan of contact sports, Grossman has played Australian rules football in the Bay Area for three years. In football, "I play the ruck. That's the guy who always goes up for the ball and gets hit."
DEFENSE IN DEPTH
When he's not defending Web apps, Grossman is studying self-defense. He took up Brazilian jujitsu last year. "I've been an Ultimate Fighting Championship fan for years, and the jujitsu style of fighting is a lot of ground and pound; I really wanted to give it a try."
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.
InformationWeek Tech Digest August 03, 2015The networking industry agrees that software-defined networking is the way of the future. So where are all the deployments? We take a look at where SDN is being deployed and what's getting in the way of deployments.