Jeremiah Grossman, a former information security officer at Yahoo, is on a quest to make Web apps more secure. He's ambitious, having founded WhiteHat Security in 2001--when many tech companies were closing up shop--to provide continuous security monitoring of Web-based apps, which he knew would play a major factor in the Web's resurgence. And he's not afraid to break a sweat.
CTO Of WhiteHat Security
Interview by Larry Greenemeier
Photograph by Jeffery Newbury
Keeping out every phishing attack is important, Grossman says. "It only takes one phishing attack, and nobody wants to click on your links anymore. Once customers lose trust, it's really hard, if not impossible, to get it back."
A founder of the Web Application Security Consortium and a contributing member of the Center for Internet Security Apache Benchmark Group, Grossman regularly posts his insights on several security e-mail lists. One clear message: "The payloads being delivered by Web application attacks are much more severe than in years past."
A fan of contact sports, Grossman has played Australian rules football in the Bay Area for three years. In football, "I play the ruck. That's the guy who always goes up for the ball and gets hit."
DEFENSE IN DEPTH
When he's not defending Web apps, Grossman is studying self-defense. He took up Brazilian jujitsu last year. "I've been an Ultimate Fighting Championship fan for years, and the jujitsu style of fighting is a lot of ground and pound; I really wanted to give it a try."
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.