This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Corporate Supporter Bios

Revision as of 14:16, 21 November 2019 by Lisa.jones (talk | contribs) (updated scsk bio)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Disclaimer: Corporate Supporter Bios are not endorsements and reflect the message of the supporter only.

Elite Corporate Members

{{{size}}}       Allstate Corporation is the largest publicly held personal lines property and casualty insurer in America, serving more than 16 million households nationwide. Founded in 1931, Allstate has been dedicated to protecting our customers from life’s uncertainties and preparing them for the future for more than 85 years. As the needs of our customers evolve, so does our technology and security practices to ensure our customers remain in good hands.
{{{size}}}       Our purpose is to build trust in society and solve important problems. In today's digital world that requires a focus on cybersecurity in order to build a secure digital society. We help clients across society to understand their cybersecurity risk; build and assure their defenses; identify and respond to attacks, and to navigate the complex legal and regulatory environment for cybersecurity. For more information please visit

Premier Corporate Members

Company Company Description Contact
300px90px       Adobe is the global leader in digital marketing and digital media solutions. Our tools and services allow our customers to create groundbreaking digital content, deploy it across media and devices, measure and optimize it over time, and achieve greater business success. We help our customers make, manage, measure, and monetize their content across every channel and screen.
{{{size}}}       HackerOne ( is the #1 hacker-powered security platform, helping organizations receive and resolve critical vulnerabilities before they can be exploited. More than 1,000 organizations, including the U.S. Department of Defense, U.S. General Service Administration, General Motors, Twitter, GitHub, Nintendo, Panasonic Avionics, Qualcomm, Square, Starbucks, Dropbox and the CERT Coordination Center trust HackerOne to find critical software vulnerabilities. HackerOne customers have resolved over 57,000 vulnerabilities and awarded over $22M in bug bounties. HackerOne is headquartered in San Francisco with offices in London and the Netherlands.
{{{size}}}       Netsparker develops an industry leading automated web application security scanner. Available as Windows desktop software and as a Cloud service, the Netsparker scanner is very easy to use and its proof-based vulnerability scanning technology enables you to easily and automatically detect SQL Injection, Cross-site scripting and other vulnerabilities in your websites, web applications and web services. Netsparker’s unique scanning, detection and auto exploitation techniques allow it to be dead accurate. Therefore you do not have to waste time manually verifying the scanner’s findings and instead can focus on fixing the identified vulnerabilities. Netsparker is trusted and used by world renowned companies such as Samsung, Ernst & Young, Skype, NASA, ISACA and ING Bank.
{{{size}}}       Qualys is a pioneer and leading provider of cloud-based security and compliance solutions. The Qualys Cloud Platform and its integrated apps - including Web Application Scanning (WAS) - help businesses simplify security operations and lower the cost of compliance by delivering critical security intelligence and automating the full spectrum of auditing, compliance, and protection for IT systems and web applications. Founded in 1999, Qualys has established strategic partnerships with leading managed service providers and consulting organizations including Accenture, BT, Cognizant Technology Solutions, Deutsche Telekom, Fujitsu, HP Enterprise, IBM, Infosys, NTT, Optiv, SecureWorks, Tata Communications, Verizon, and Wipro. The company is also a founding member of the Cloud Security Alliance (CSA).
300px90px       Salesforce is the world’s #1 customer relationship management (CRM) platform. Our cloud-based applications for sales, service, marketing, and more don’t require IT experts to set up or manage — simply log in and start connecting to customers in a whole new way.
300px90px       Signal Sciences secures the most important web applications, APIs, and microservices of the world's leading companies. Our next-gen WAF and RASP help you increase security and maintain site reliability without sacrificing velocity, all at the lowest total cost of ownership. Learn how our patented approach can help you.

Contributor Corporate Members

Company Company Description Contact
Acunetix logo 200.png       Acunetix’s team of experienced engineers developed a lead in website, web application, and Internet-facing server analysis and vulnerability detection. Available both on-premise and online, Acunetix uses deep crawling techniques to detect exploitable vulnerabilities such as SQL injection, and all forms of Cross-Site scripting – while providing concise vulnerability reports and information on how to fix them allowing you to protect your business against impending hacker attacks. Acunetix customers include Cisco, NASA, American Express, Sony, HSBC, The Pentagon, Skype, and many more. You can find us online at
{{{size}}}       Altitude Networks tackles data security in the cloud to protect enterprises against unauthorized data access, accidental or malicious sharing to unintended individuals, and data theft.
{{{size}}}       Aon’s Cyber Solutions offers holistic cyber security, risk and insurance management, investigative skills, and proprietary technologies to help clients uncover and quantify cyber risks, protect critical assets, and recover from cyber incidents.

Cyber security services provided by Stroz Friedberg Limited and its affiliates. Cyber risk services provided by Aon UK Limited and its affiliates
{{{size}}}       Arxan, the global trusted leader of application protection solutions, delivers the confidence to build, deploy, and manage an organization’s most innovative and valuable applications. Currently protecting more than 1 billion application instances across industries including financial services, mobile payments, healthcare, automotive, gaming, and entertainment, the company provides the industry’s most comprehensive application protection solution. Unlike legacy security providers that rely on perimeter-based barriers to keep bad actors out, Arxan protects applications at the source and binary code level to expand the area of trust and provides a broad range of enterprise services and patented security capabilities such as code hardening, obfuscation, encryption, and Whitebox cryptography. Founded in 2001, the company is headquartered in North America with global offices in EMEA and APAC.
{{{size}}}       Avatao is an online training platform for building secure software. It offers a rich library of hands-on IT security exercises for software engineers to teach secure programming from design to deployment in a fun and intuitive way. Educating for secure software can significantly improve software quality, increase trust in a company’s brand, reduce development costs and reduce the risks of suffering significant losses from cyber-attacks. In today’s world, secure software development practices are a basic requirement and we believe the solution should be integrated into the ground roots of software development teams. The platform can be used to provide security awareness to software engineers, to enrich existing IT security training, meetups or allow self-directed learning for continuous professional development. Avatao hackathons are also an excellent method to discover talented developers and engage and build brand awareness in the community. Avatao is a creation out of CrySyS Lab, world-renowned experts in IT security. Learning communities like business teams use Avatao for an improved and efficient learning experience. Mid-size and large software and financial companies use Avatao’s gamified online training to organize security hackathons, onboard new hires or upskill software developers to build secure software. The Avatao platform was publicly launched in 2016 for end-users and business customers. Initial customers include LogMeIn (US), Prezi (HU), Microsec (HU), Emarsys (HU), Photobox (UK), and many other companies are piloting the platform including Fortune 100 companies. Avatao currently has 5000+ users and 500+ exercises.
{{{size}}}       Avi Networks completes enterprises’ digital transformation with its software load balancer, intelligent Web Application Firewall, and modern application services. The Avi Vantage Platform is deployed across data centers and clouds, delivering better elasticity, intelligence, and cost savings by providing granular per-tenant and per-app services. Customers enjoy 5X faster application rollouts, actionable analytics, and 70% lower costs.
{{{size}}}       Brinqa is a leading provider of unified risk management – enabling stakeholders, governance organizations, and infrastructure and security teams to effectively manage technology risk at the speed of business. Brinqa software and cloud services leverage an organization’s existing investment in systems, security, and governance programs to identify, measure, manage and monitor risk. With Brinqa, organizations are reducing response time to emerging threats, impact to the business, and technology risk and compliance costs by over 50% through real-time risk analytics, automated risk assessments, prioritized remediation, actionable insights, and improved communication. Founded in 2008 by industry leaders in risk management with a proven track record in delivering cutting edge, innovative and cost-effective solutions. Brinqa’s award-winning software and cloud services are trusted by fortune 500 companies across risk disciplines such as information technology risk, vendor risk, and regulatory compliance risk. Brinqa is headquartered in Austin, Texas and has a global presence.
{{{size}}}       CA Technologies helps customers succeed in a future where every business—from apparel to energy—is being rewritten by software. From planning to development to management to security, at CA we create software that fuels transformation for companies in the application economy. Learn more at
{{{size}}}       Cequence Security is a venture-backed cybersecurity software company founded in 2015 and based in Sunnyvale, CA. Its mission is to transform application security by consolidating multiple innovative security functions within an open, AI-powered software platform that protects customers web, mobile, and API-based applications – and supports today’s cloud-native, container-based application architectures. The company is led by industry veterans that previously held leadership positions at Palo Alto Networks and Symantec. Customers include F500 organizations across multiple vertical markets, and the solution has earned multiple industry accolades. Learn more at
{{{size}}}       Checkmarx is an Application Security software company, whose mission is to provide enterprise organizations with application security testing products and services that empower developers to deliver secure applications. Amongst the company's 1,000 customers are 5 of the world's top 10 software vendors and many Fortune 500 and government organizations. Checkmarx CxSAST is a highly accurate and flexible Source Code Analysis product that allows organizations to automatically scan a un-compiled/un-built code and identify hundreds of security vulnerabilities in the most prevalent coding languages. Learn more at
CodeDx-logo (1) (1).png       Code Dx is committed to reducing barriers to effective application security. Our automated application vulnerability correlation and management tools help find and fix insecure code faster, with less effort and a smaller team. Focus your precious resources on developing valuable new features, and ship secure code faster and more often. For more information, please visit
{{{size}}}       Contrast Security delivers the world’s fastest application security software that eliminates the single greatest security risk to enterprises today. Industry research shows that application security flaws are the leading source of data breaches. Contrast can be deployed, automatically discover applications and identify vulnerabilities within seven minutes. Relying on sensors instead of expensive security experts, Contrast runs continuously and is 10 times more accurate than the competition. Unlike tedious, painful and slow legacy approaches, Contrast analyzes a complete portfolio of running applications simultaneously in real-time at any scale. As a result, organizations can act faster against threats and immediately reduce risk. More information on Contrast Security can be found at
{{{size}}}       Cybozu is a Japanese cloud computing vendor founded in 1997. Its service supports effective team collaboration hence our services are widely used from large-scaled teams like multinational enterprises to small-scaled teams like volunteer groups, clubs even families. “kintone” is one of the Cybozu’s key products released in 2011. It is called "no-code application platform" which makes work more productive through business applications. It is recognized as one of the leading vendors in” Gartner 2016 Enterprise application Platform as a Service (aPaaS), Worldwide Magic Quadrant”. Cybozu has been focusing on security enhancement. It has started "bug bounty project" in 2013 to find any vulnerabilities which may exist in its product in order to provide its customers with the most secure service possible.
{{{size}}}       Dell Technologies (NYSE: DELL) unique family of businesses that helps organizations and individuals build their digital future and transform how they work and live. The company provides customers with the industry's broadest and most innovative technology and services portfolio spanning from edge to core to cloud. The Dell Technologies family includes Dell, Dell EMC, Pivotal, RSA, SecureWorks, Virtustream and VMware.
{{{size}}}       Denim Group is the leading independent application security firm, serving as a trusted advisor to customers on matters of application risk and security. The company helps organizations assess and mitigate application security risk. Denim Group’s flagship ThreadFix platform accelerates the process of application vulnerability remediation, reflecting the company’s rich understanding of what it takes to fix application vulnerabilities faster.
{{{size}}}       Duo Security helps defend organizations against data breaches by making security easy and effective. Duo Beyond, the company's category-defining zero-trust security platform, enables organizations to provide trusted access to all of their critical applications, for any user, from anywhere, and with any device. The company is a trusted partner to more than 10,000 customers globally, including Dresser-Rand, Etsy, Facebook, K-Swiss, Random House, Yelp, Zillow, Paramount Pictures, and more. Founded in Michigan, Duo has offices in Ann Arbor and Detroit, as well as growing hubs in Austin, Texas; San Mateo, California; and London, UK.
Entrust DataCard logo.png       Consumers, citizens and employees increasingly expect anywhere-anytime experiences — whether they are making purchases, crossing borders, accessing e-gov services or logging onto corporate networks. Entrust Datacard offers the trusted identity and secure transaction technologies that make those experiences reliable and secure. Solutions range from the physical world of financial cards, passports and ID cards to the digital realm of authentication, certificates, and secure communications. With more than 2,000 Entrust Datacard colleagues around the world and a network of strong global partners, the company serves customers in 150 countries worldwide. For more information, visit
{{{size}}}       Facebooks AppSec team is focused on discovering vulnerabilities and crafting creative solutions to eliminate them. We achieve this by doing code and design reviews, building tools, and automation, and manage our bug bounty program. Come to our booth to find out more and sign-up to win a FREE Oculus Go.
{{{size}}}       https: / gosecure.
HERE Logo MFL Horizontal RGB.png       Mapping has always been about discovery. For centuries, two-dimensional maps guided us through the unknown to our destination. But we are no longer limited by the edges of our physical maps. In 1985, we began with the simple goal to digitize mapping and pioneer in-car navigation systems. Over the next three decades, as NAVTEQ and Nokia, we’ve built a legacy in mapping technology. Today, we're creating living three-dimensional maps that grow upwards, breathing with layers of information and insights. By partnering with world-leading automakers, we are powering 4 out of 5 in-car navigation systems in North America and Europe. But we’re not just on the road. We are capturing the world in three dimensions, readying for an autonomous future. And we’re looking beyond. From autonomous driving to the Internet of Things, we are building the future of location technology through strategic partnerships with industry leaders like Intel, NVIDIA, Mobileye, and Tencent. With headquarters in Amsterdam and development sites that span Chicago to Berlin and across to Mumbai, we are a global team with a shared passion. From data scientists and software developers to product engineers and mapping specialists, we come together from many different backgrounds to build a better future for location technology.
{{{size}}}       We combine know-how in the areas of security consulting, IT governance, risk & compliance with conceptual strength, innovation and implementation expertise. In addition to protecting applications and networks, our core competencies also include organizational tasks such as setting up security, risk, and service management system. HiSolutions AG is one of the leading consulting specialists for IT management and information security in Germany. More than 200 experts advise in the areas of security consulting, IT governance, business continuity management, and digitalization. We actively participate in the development of national and international standards and are involved in various research projects and university teachings.
{{{size}}}       High-Tech Bridge is a global provider of web and mobile Application Security Testing (AST) services. Our award-winning AST platform ImmuniWeb® combines the genius of Human Intelligence with the power of Artificial Intelligence and Machine Learning. ImmuniWeb® leverages Artificial Intelligence (AI) and Machine Learning (ML) for intelligent automation of application vulnerability scanning and acceleration of application penetration testing. High-Tech Bridge's security experts from our CREST-accredited SOC look for the most complicated application vulnerabilities and attack vectors in instant synchronization and correlation with automated vulnerability scanning. Invented by High-Tech Bridge, this type of hybrid security testing, enhanced with AI/ML, delivers the most comprehensive vulnerability detection rate, continuously reduces human intervention without impacting the quality of testing, and contractually guarantees zero false-positives to every customer.
{{{size}}}       Imperva is a leading provider of data and application security solutions that protect business-critical information in the cloud and on-premises. Founded in 2002, we have enjoyed a steady history of growth and success, generating $264 million in 2016, with over 5,200 customers and more than 500 partners in 100+ countries worldwide.
IBI Logo.jpg       Founded in 1975, Information Builders continues to deliver state-of-the-art technology that is transforming business in all commercial industries, government, and education. We remain one the largest independent, privately held companies in the software industry. Headquartered above Madison Square Garden in New York, Information Builders operates in more than 60 global locations and has built an active customer base of tens of thousands of major installations at the world's leading organizations. Information Builders is not only a major software supplier to our customers, but also a major provider to the leading software vendors in the industry including HP, IBM, Oracle, SAP, Teradata, and many others. In addition to our commitment to superior software engineering, we are equally proud of our people. Some of the most talented and creative professionals in the industry work at Information Builders and are passionate about what they do. In fact, the professionalism and tenure of our employees is often cited as a major differentiator by our customers. Our reputation for customer service has garnered us the highest honors from “CRM” magazine, the SSPA, and the American Business Awards. Our products and services have received top recognition from independent analyst research firms including Gartner, Forrester, Ventana Research, BARC, Butler, Bloor, and The Data Warehouse Institute (TDWI). Most importantly, our customers have received the most information technology and business awards for their accomplishments. More than 50 of our customers have had their information systems inducted into the Smithsonian Institute for superior information technology achievement through the Computerworld Honors Program.
{{{size}}}       Ipswitch is an IT management software developer for small and medium-sized businesses. The company was founded in 1991 and is headquartered in Burlington, Massachusetts and has operations in Atlanta (Alpharetta) and Augusta, Georgia, American Fork, Utah, Madison, Wisconsin and Galway, Ireland. Ipswitch sells its products directly, as well as through distributors, resellers, and OEMs in the United States, Canada, Latin America, Europe, and the Pacific Rim.
{{{size}}}       IriusRisk makes DevSecOps a reality with its pioneering threat modeling and SDL risk management platform. IriusRisk is a powerful tool to ensure security is woven into the design phase and followed up into production. It operates as a central orchestration point for teams to threat model and manage risk with real-time updates throughout the SDL. Built for integration, simplicity, scale, and speed, IriusRisk is the glue to bind Security, Operations & Development together. IriusRisk is a trusted partner of some of the largest financial institutions in the world and we pride ourselves on being fast to adapt, agile, flexible, responsive and ahead of the curve. IriusRisk operates globally and stands ready to partner with you. Contact us for more information and to request a demo.
{{{size}}}       Johnson Controls is a global diversified technology and industrial leader serving customers in more than 150 countries. Our 130,000 employees create quality products, services, and solutions to optimize energy and operational efficiencies of buildings; lead-acid automotive batteries and advanced batteries for hybrid and electric vehicles; and seating components and systems for automobiles. Our commitment to sustainability dates back to our roots in 1885, with the invention of the first electric room thermostat. Through our growth strategies and by increasing market share we are committed to delivering value to shareholders and making our customers successful. In 2015, Corporate Responsibility Magazine recognized Johnson Controls as the #14 company in its annual “100 Best Corporate Citizens” list.”
{{{size}}}       Jscrambler is the leader in JavaScript Application Integrity and the only to offer RASP capabilities to your JS applications.As JavaScript becomes the standard for building websites, hybrid mobile applications, or other application types, most of the code is still completely exposed. With Jscrambler you can make your application self-defensive and resilient to both tampering and reverse-engineering attempts. Jscrambler is trusted by hundreds of companies (including Fortune 500) around more than 130 countries and is supported by a team of JS experts.
{{{size}}}       Kenna Security provides a Risk and Vulnerability Intelligence platform that accurately measures risk and prioritizes remediation efforts before an attacker can exploit an organization’s weaknesses. Kenna accomplishes this by automating the integration of customer’s vulnerability scan data with exploit intelligence data from multiple sources, including 0-day data. Kenna then analyzes the data against active Internet breaches to identify the most critical threats before hackers can attack.
{{{size}}}       Kiuwan provides an end-to-end Software Analytics platform that offers objective data to make informed decisions to secure, analyze and control the entire SDLC of any application portfolio. With Kiuwan Code Security, the scope in threat mitigation is unparalleled, with over 4000+ custom rules, ability to suppress defects and create tailored action plans while meeting the most stringent industry standard requirements. In constant evolution, it boasts broad language support and integration with Jira, Jenkins, and Github to name but a few of the possibilities brought about by the platform.
{{{size}}}       ‎The Media Trust is on a mission: fixing the internet. To make the internet a healthier, more valuable place for businesses, governments and consumers, The Media Trust’s centralized platform provides real-time visibility and insight into non-compliant activity and threats operating in enterprise website and mobile app environments. With an emphasis on third-party code beyond libraries, the platform identifies all executing code (including code from first, third and nth parties), analyzes its behavior, assesses compliance with company policies, and resolves violating behavior. The ability to manage third-party digital risk helps defend against website breaches which can lead to regulatory fines, revenue loss, and reputational harm.
{{{size}}}       Mercari is a C2C marketplace app that makes it easy for people to safely sell and ship their things. Launched in 2013, it's now among the largest peer-to-peer selling platforms globally. From fashion to toys, shoes to electronics and beyond, Mercari's mission is to ‘create value in a global marketplace where anyone can buy and sell’.
NETSPI Logo 2017 PNG-01.png       NetSPI is a privately held information-security consulting company founded in 2001. By using its consulting team's deep security knowledge and its CorrelatedVM vulnerability management & reporting solution, the company is a trusted advisor to large enterprises. NetSPI provides a range of assessment and advisory services designed to analyze and mitigate risks and ensure compliance with relevant regulations and industry standards. Clients include large financial services firms, retailers, healthcare organizations and technology companies.
{{{size}}}       Only the NowSecure Platform delivers automated 360-degree coverage of mobile app security testing with the speed and depth modern enterprises require. The world’s most demanding organizations and advanced security teams trust NowSecure to identify the broadest array of security, privacy, and compliance gaps in custom, third-party, and business-critical mobile apps.
Oneconsult 2018 logo.png      ‎ Oneconsult group is your renowned Swiss cyber security services partner since 2003 with offices in Switzerland and Germany and 1500+ completed security projects worldwide. Get expert advice from an owner-managed and vendor-independent consultancy with 35+ highly qualified cyber security experts, including certified penetration testers (OPST, OPSA, OSCP, OSCE, GXPN), digital forensics specialists (GCFA, GCFE, GREM), ISO security auditors (ISO 27001 Lead Auditor, ISO 27005 Risk Manager) and dedicated IT security researchers to solve even your most demanding information security challenges. Together we address your external and internal threats such as malware infections, hacker attacks and APT as well as digital fraud and data leakage with core services like penetration tests / ethical hacking, real-life APT tests and ISO 27001 security audits. In case of emergency, One consults incident response & IT forensics team supports you with around-the-clock expert assistance (24 h x 365 days). English:


{{{size}}}       Since 1995 we have always developed the most up-to-date and progressive digital solutions designed to empower people. Our mission is to deploy the latest proven technology to deliver unique products with astounding performance. Our Oxford based team are responsible for delivering our full range of services which includes the design, development, hosting, supporting and testing of interactive Web Applications and websites.
{{{size}}}       100 years ago, Panasonic started with a desire to create things with value. Since then, the challenge has continued into various fields including home appliances to realize "A Better Life, A Better World".

Considering product security as part of quality management, we have strived to improve the security of products. Specific activities include threat analysis during the design process, and vulnerability testing before shipment. After shipment, Panasonic PSIRT: Product Security Incident Response Team works to respond to incidents toward a quick resolution. To provide products that our customers can use with peace of mind, we will continue product security initiatives.
{{{size}}}       Ping An Technology (PATech), a wholly-owned subsidiary of Ping An Group, is committed to using AI, intelligent cognition, blockchain, cloud and other cutting-edge technologies to create a new cloud-based human life. PATech is the high-tech core and tech business incubator among Ping An Group, and be responsible for the development and operation of the critical platforms and services for the Group. As an independent entity, with smart technology as a means and smart manufacturing as a blueprint, PATech focuses on the finance, healthcare and smart city areas, applies the technological capabilities certified by international authoritative certifications to actual business scenarios.
{{{size}}}       Rakuten, Inc. and its consolidated subsidiaries and affiliates ("Rakuten Group") are full-line Internet services companies. Since its founding in 1997, Rakuten, Inc. ("Rakuten") has spent a decade evolving its business model centered on e-commerce, to create a market completely new to Japan. The Rakuten Group is focusing on two approaches, in particular, to target growth in the decade to come. The first is to empower people and society through continuous innovation and business operations based on our five concepts of success. The second is to establish a "Rakuten eco-system" which enables us to maximize our customers lifetime value and leverage synergies. Guided by the key phrase "more than Web", the Rakuten Group is taking on the challenge of creating new value by driving convergence between the Internet and traditional "bricks and mortar" businesses.
{{{size}}}       Salt Security makes it safe to innovate by protecting the APIs at the core of every SaaS, web, mobile, microservices and IoT application. Our API Protection Platform is deployed in minutes, and requires no configuration or customization. We use patented behavioral protection to automatically and continuously discover and learn the granular behavior of each unique API to ensure protection. The company was founded in 2016 by alumni of the Israeli Defense Forces (IDF) and serial cybersecurity executives. In 2019 Salt Security was selected as a finalist for the RSA Innovation Sandbox and as the winner of the OWASP Innovation Fair.
{{{size}}}       SCSK provides a full lineup of services to support any area of IT solution required for businesses from system integration to IT infrastructure implementation, IT management, BPO(business process outsourcing), and IT hardware and software sales.In addition, we take advantage of the capability to support a global IT system network for customers including Sumitomo Corporation, aiming for further leaps ahead as a global IT services company.
{{{size}}}       ‎ SecureBrain (A Hitachi Group Company) is a leader in providing software and services to help protect enterprises and their customers against cybercrime including online fraud and malware attacks.

To ensure that our customers are always protected from the latest trend of cybercrime, SecureBrain has its own advanced security research center. Team of security researchers works closely with many Japanese government research agencies to research and develop solutions against the latest cyber threats.
{{{size}}}       Security Journey is the leader in application security education using security belt programs. We guide our clients – many in tech, healthcare, and finance – to building long-term, sustainable application security culture. We incorporate everything you need to deploy and manage an education program.

Our cloud-based platform delivers application security lessons from an ever-growing library of content, provides hands-on, immersive experiments, measures student and organizational growth, rewards student achievements, and transforms an enterprise’s security culture. We promote security awareness organization-wide with learning that is engaging, motivating, and fun. In short, we provide security education developers, testers, and managers love.
{{{size}}}       Secure Code Warrior is a global security company that makes software development better and more secure. Our vision is to empower developers to be the first line of defense in their organization by making security highly visible and providing them with the skills and tools to write secure code from the beginning. We have built a powerful platform that moves the focus from reaction to prevention, training and equipping developers to think and act with a security mindset as they build and verify their skills, gain real-time advice and monitor skill development. Our customers include financial institutions, telecommunications providers and global technology companies in Europe, North America and the Asia Pacific. To learn more, visit
{{{size}}}       Security Compass is a leader in helping customers proactively manage cybersecurity risk without slowing down their business. Offering Advisory Services, Training, and SD Elements, an award-winning policy to procedure platform for security and compliance. Security Compass enables organizations to rapidly and efficiently deliver technology that's secure by design. Security Compass serves some of the world's largest businesses including seven of the 15 largest financial institutions and four of the 10 largest technology companies in North America.
{{{size}}}       Security Innovation is a pioneer in software security and trusted advisor to its clients. Since 2002, organizations have relied on our assessment and training solutions to make the use of software systems safer in the most challenging environments – whether in Web applications, IoT devices, or the cloud. The company’s flagship product, CMD+CTRL Cyber Range, is the industry’s only simulated Web site environment designed to build the skills teams need to protect the enterprise where it is most vulnerable – at the application layer. Security Innovation is privately held and headquartered in Wilmington, MA USA. For more information, visit or connect with us on LinkedIn or Twitter.
{{{size}}}       ShiftLeft is a continuous application security platform, purpose-built for the modern software development life cycle. It combines next-generation static code analysis (to quickly and accurately identify vulnerabilities) with application instrumentation (to protect the application) in an automated workflow. This combination of runtime-informed code analysis and code- informed runtime protection delivers the most accurate, automated, and comprehensive application security solution.
{{{size}}}       There are a staggering volume and variety of open source and third-party component parts flowing through every development environment in the world. If properly sourced and managed, these components are a tremendous source of energy for accelerating innovation. If not, they lead directly to security vulnerabilities, licensing risks, enormous rework, and waste. With over 120,000 installations and counting, Sonatype’s Nexus products are helping modern development organizations intelligently source, manage, assemble, and maintain open-source and third-party components, so they can improve the quality, security, and speed of their software supply chains.
{{{size}}}       StackHawk is dynamic application vulnerability scanning built for modern development teams. With simple configuration, easy invocation via docker command, and interpretable results, StackHawk is built for developers to take control of their AppSec. Learn more at
{{{size}}}       Snyk is a developer-first security solution that helps you use open source code and stay secure. Building on its unique vulnerability database, Snyk continuously finds and fixes known vulnerabilities & license violations in open source dependencies and containers. Snyk integrates seamlessly into the developers’ workflow and enables them to own the open source security of their code thus supporting security at scale.
{{{size}}}       SpringCM delivers an innovative document workflow and management platform, powering the leading contract management application. SpringCM empowers companies to become more productive by reducing the time spent managing mission-critical business documents. Intelligent, automated workflows enable document collaboration across an organization from any desktop or mobile device. Delivered through a secure cloud platform, SpringCM’s document and contract management solutions work seamlessly with Salesforce or as a standalone solution. Every day, more than 600 companies use SpringCM to improve customer experience and get more done, faster. For more information about SpringCM, visit
{{{size}}}       Symantec Corporation (NASDAQ: SYMC), the world’s leading cybersecurity company, helps organizations, governments, and people secure their most important data wherever it lives. Organizations across the world look to Symantec for strategic, integrated solutions to defend against sophisticated attacks across endpoints, cloud, and infrastructure. Likewise, a global community of more than 50 million people and families rely on Symantec’s Norton and LifeLock product suites to protect their digital lives at home and across their devices. Symantec operates one of the world’s largest civilian cyber intelligence networks, allowing it to see and protect against the most advanced threats. For more information, please visit
{{{size}}}       Synopsys technology is at the heart of innovations that are changing the way we live and work. The Internet of Things. Autonomous cars. Wearables. Smart medical devices. Secure financial services. Machine learning and computer vision. These breakthroughs are ushering in the era of Smart, Secure Everything―where devices are getting smarter, everything’s connected, and everything must be secure. Powering this new era of technology are advanced silicon chips, which are made even smarter by the remarkable software that drives them. Synopsys is at the forefront of Smart, Secure Everything with the world’s most advanced tools for silicon chip design, verification, IP integration, and application security testing. Our technology helps customers innovate from Silicon to Software, so they can deliver Smart, Secure Everything.
{{{size}}}       tCell moves application security out of the network for cloud-first organizations. Using advanced runtime application self-protection technology, tCell protects applications in-production from XSS, Commandi, SQLi, Account Takeover, and OWASP Top 10 attacks. Whether an organizations’ applications are on-premises or cloud-based, tCell's unique approach makes application security easy.
ThoughtWorks Logo.png       We are a software company and community of passionate, purpose-led individuals. We think disruptively to deliver technology that addresses our clients’ toughest challenges, all while seeking to revolutionize the IT industry and create positive social change. ThoughtWorks' 3,000 professionals serve clients from offices in Australia, Brazil, Canada, China, Ecuador, Germany, India, Italy, Singapore, South Africa, Turkey, Uganda, the United Kingdom, and the United States. ThoughtWorks releases a regular technology radar, a study that looks at the key trends that impact software development and business strategies. The Radar helps companies stay on top of topics that are constantly evolving, such as security, and offers insight and practical tools to build secure systems at every stage of the development process.
{{{size}}}       Twistlock is the most complete, automated and scalable cloud native cybersecurity platform. Trusted by hundreds of customers worldwide, Twistlock uses the strengths of cloud native to provide better security for teams using Docker, Kubernetes, Lambda, Fargate, and other modern technologies.
{{{size}}}       UBsecure is a leading web application security company based in Japan since 2007. We offer various security solutions for web application and smartphone application by utilizing in-house developed application security testing tool, Vex. Vex built by a tremendous amount of experience in professional security scanning and by its continuous feedback. The unique characteristic of the tool is that it used as a stand-alone security testing tool as well as the seamless security testing component within the SDLC. Therefore, Vex is not only for professional security auditors but also for software developers who need secure development cycles. Please visit our site for more information about Vex.
{{{size}}}       Veracode gives companies a comprehensive view of security defects so they can create secure software, and ensure the software they are buying or downloading is free of vulnerabilities. As a result, companies using Veracode are free to boldly innovate, explore, discover, and change the world.
{{{size}}}       Verizon Digital Media Services offers a global, PCI-compliant content delivery network to protect websites, applications and user data at every layer. Integrated with our industry-leading platform, our Cloud Security Solution offers world-class protection, performance and scale to keep your business online. Our network features:
  • An advanced Web Application Firewall (WAF) to protect web applications against attacks
  • Robust DDoS protection with massive capacity to thwart the largest attacks
  • Bot mitigation to defend against automated threats and bad bots
  • Added protection for web servers to defend against direct-to-origin attacks
  • Built-in DNS protection with DNSSEC to prevent injection of fraudulent records
  • A security operations team ready to provide a fully managed security offering

Contact us today to learn more about our Cloud Security Solution or visit us at
{{{size}}}       The Waratek ARMR Platform provides unique protection in the applications runtime environment. This unique security layer provides fast and accurate security in the compilation pipeline, providing protection that becomes part of your application – but never requires changes to source code.

● Instantly apply code equivalent security patches to Java and .NET applications ● Actively secure against the OWASP Top Ten / SANS 25 / Zero-Day vulnerabilities ● Virtually upgrade & secure out-of-support, vulnerable Java applications. All with no source code changes or False Positives.
Wallarm Logo (1).png       Wallarm delivers automated cloud-native application and API security throughout application development and deployment lifecycle.

Wallarm AI-powered Application Security Platform includes FAST for CI/CD-integrated security test automation during development and Advanced WAF attack blocking and vulnerability protection after deployment. Wallarm platform aligns security and development into a unified pipeline:

  1. Detects OWASP Top 10, 0 day and behavioral issues
  2. Provides highly accurate detection based on patent-pending technology
  3. Improves security test coverage by automatically generating and running tests
  4. Automates issue management with deep learning, policies and build in active rechecker
  5. Provide easy-to-manage multi-tenant multi-application unified management platform
{{{size}}}       WhiteHat Security is the leader in application security, enabling businesses to protect critical data, ensure compliance, and manage risk. Through a combination of technology, over a decade of intelligence metrics, and the judgment of people, WhiteHat Security provides complete web security at a scale and accuracy unmatched in the industry.
{{{size}}}       WhiteSource helps software security teams manage open source components used in their products, automatically and continuously. It becomes part of your SDLC and automates the entire process of open source components selection, approval, and management, including finding and fixing vulnerable components.