Grant Ongers
Grant Ongers (@rewtd) is co-founder of the bearded trio called Secure Delivery focused on optimal delivery and security in one dynamic package. Grant's experience spans Development: building platforms for telcos, MSPs, and financial services firms for more than 10 years. He also has over 20 years of experience in Operations, running operational teams in global NOCs to managing mainframe and database systems. On the Security side of the business, Grant has over 30 years pushing the limits—mostly white hat. He’s done time on both sides of the TPSA table, working for and with regulated organizations to ensure compliance and match “appetite for” with “acceptance of” risk. Grant is involved in numerous organizations: staff at BSides, Goon at DEF CON, DC2721 cofounder, staff at BlackHat, and OWASP global board member.
Subscribe Now- Thought Leaders
- Application Security
- Contrast News
- DevOps
- AppSec
- vulnerabilities
- Hacked
- Threat
- Runtime Security
- DevSecOps
- ADR
- API security
- Product
- cyberattacks
- Contrast Protect
- RASP
- Contrast Assess
- AI
- CodeSec
- Security
- APIs
- MFA
- Metrics
- cybersecurity
- cybersecurity awareness month
- CVE
- OSS
- 2FA
- CISA
- IAST
- incident response
- SCA
- data breach
- passwords
- runtime protection
- application attacks
- ransomware
- regulation
- AWS
- CISO
- CISOs
- Contrast Scan
- JavaScript
- Log4j
- MTTR
- SAST
- Vulnerability Management:
- backlog
- threat detection
- threat modeling
- GitHub
- OpenSource
- SOC
- Security Observability
- WAF
- attack
- breach
- critical infrastructure
- cyberespionage
- observability
- path traversal
- scan
- software development
- transparency
- .Net
- AST
- Application Detection and Response (ADR)
- Awards
- ChatGPT
- Community Edition
- Contrast SCA
- DBIR
- DHS
- Gen AI
- KVE
- Log4Shell
- Log4Shell attacks
- Log4Shell exploit
- Log4j vulnerability
- NIST CVE Backlog
- OpenAI
- RSA
- React
- Runtime Application Security
- SIEM
- SQL injection
- XSS
- application layer
- artificial intelligence
- awareness
- chat apps
- cybercrime
- data privacy week
- detection
- financial institutions
- financial sector
- jQuery
- malware
- okta
- python
- remediation
- sbom
- secure by design
- security culture
- security monitoring
- shift smart
- supply chain
- vulnerability disclosure
- workplace
- zero-day
- .Net
- AI Act
- Angular
- Architecture design
- Article 25
- Attack Detection and Response (ADR)
- Below the Waterline
- CISA Log4Shell
- CISA Vulnrichment
- CISO Insights
- CSRF
- CVE Enrichment
- CVE-2021-44228
- CVSS Scores
- Chris Hughes
- Cloud Native Security
- Cloud platform protection
- Cloud security
- Console
- Contrast One
- Cyber Bank Heists
- Cybersecurity Collaboration
- Cybersecurity Funding
- DAST
- DORA
- Dependabot
- Developers
- Digital Operational Resilience Act
- Drupal
- EDR
- EL injection
- European Union
- Gartner Peer Insights
- Genie
- Git
- GitHub Action
- GitLab
- Go
- Incident Response challenges with CVE backlog
- IoT
- Known Exploited Vulnerabilities
- LLMs
- Log4Shell remediation
- Log4Shell vulnerability
- Log4j remediation
- MLflow
- MOVEit
- Managed Security Services
- Managed security service providers
- Microsoft
- Namasday
- Netflix
- Node.js
- Open source security risks
- OpenSourceSoftware
- PATs
- Protect data
- RCA
- RCE
- Regulation (EU) 2022/2554
- Risk assessment
- Ruby
- SEC
- SEC disclosure rules
- SOAR
- SOC (Security Operations Center)
- SecOps
- Secure from within
- Security Vulnerability Management
- Security engineering
- Software supply chain security
- Splunk
- Third-party software vulnerabilities
- Threat Detection and Response
- Threat Intelligence
- TypeScript
- Zero-Day Exploits
- agents
- attack data
- authentication security
- automatic updates
- benefits
- best practices
- brute force attack
- burnout
- certificates
- compliance
- corporate culture
- crime
- data privacy
- data security
- deep fakes
- digital resilience
- directory traversal
- dwell time
- false positive
- financial
- github application security
- github secure code
- github security scanning
- hackers
- happiness
- hiring
- insecure deserialization
- insider threat
- instrumentation
- java
- labor shortage
- languages
- legislation
- liability
- machine learning
- malicious actors
- method tampering
- nation states
- open-source software
- organized crime
- passkeys
- password managers
- pen test
- pen testing
- penetration testing
- perks
- personal access tokens
- phishing
- policies
- proactive security
- quantum encryption
- regulatory
- resilience
- retention
- risk management
- risk ranking
- root account
- scams
- security blueprint
- security debt
- security posture
- social engineering
Loving our content? Subscribe now!
Get the latest application security news, trends, tips and insights content from Contrast directly to your inbox. By subscribing, you will stay up to date with all the latest and greatest from Contrast Security.