Steve Springett
Steve educates teams on the strategy and specifics of developing secure software. He practices security at every stage of the development life cycle by leading sessions on threat modeling, secure architecture and design, static/dynamic/component analysis, offensive research and defensive programming techniques. Steve's passionate about helping organizations identify and reduce risk from the use of third-party and open-source components. He is an open-source advocate and leads the OWASP Dependency-Track project, OWASP Software Component Verification Standard (SCVS), and is the Chair of the OWASP CycloneDX Core Working Group.