💜 _{Hit ‘reply’ to send me a message or give me feedback!}

Hello my friends!

My new book, Alice and Bob Learn Secure Coding, is now available for pre-sale! I’ve submitted my last chapter recently, I’m working on edits now, and I am SO EXCITED for it to be available on February 5th, 2025! It’s been a long road (3 years), but it’s almost done! You can pre-order it at any of the links below.

• Amazon.com

• Amazon.ca

• Indigo

• Barnes and Noble

Bonus: and my first book is on sale for 50% off!

For Security Awareness Month (October) I am still offering FREE live secure coding training (based on my first book, not my upcoming one), which you can sign up for here. Also, the security awareness month deal (I will virtually speak for your company for free, if you sit down with sales from Semgrep) is still on! You can sign up here.

New Content!

• What can small businesses do to force vendors to create more secure software?

• By the skin of your teeth, a very sad security story

• I was on Splunk’s Security Detail Podcast!

• InfoSec On Tap podcast

• Choosing a Static Analysis Tool (yes I work at Semgrep, and I know I’m biased, but I hope this helps you choose whatever tool is best for you and your team!)

Older content that was re-released:

1. Building Security Champions

2. https://semgrep.dev/blog/2024/recruiting-security-champions

3. https://semgrep.dev/blog/2024/engage-your-champions

4. https://semgrep.dev/blog/2024/teaching-security-champions

5. https://semgrep.dev/blog/2024/recognizing-rewarding-security-champions

6. https://semgrep.dev/blog/2024/overcommunication-with-your-security-champions

7. https://semgrep.dev/blog/2024/security-champions-metrics-data

8. https://semgrep.dev/blog/2024/conclusion-security-champions

Events!

• TOMORROW Oct 8th, 5:00 pm OWASP Seattle is talking about my book and I will (virtually) be there!

• October 11, The Rules with Kurt Boberg, an interactive Semgrep rule writing workshop, virtual, free, and live!

• October 23, Almost-Free live secure coding training at LASCON, all proceeds to OWASP, sponsored by Semgrep!

• October 24-25 2024, Austin, Texas, USA, Lascon, I’m excited to announce that I will be the keynote and the other keynote is HD Moore!

• Oct 30 and 31st: Free Secure Coding Training from Semgrep Community! Virtual, 2 4-hour sessions. We will cover secure coding as per “Alice and Bob Learn AppSec”, the OWASP Top Ten (2017 and 2021), Secure Design, and incident Response for Devs. Sign up here.

• November 7, 2024, online, The Elephant in AppSec Conference

• January 20-23, 2025 NDC Security in Oslo, Norway - That’s right, I’m coming to Europe!!!! Email me if I will be close and I will see if I can visit your city!

• January 2025 more events in Europe in the works! Oslo, Norway, and London, England!

Random Topics Go Here

We end with a meme.