Ted Harrington

Ted Harrington is the #1 best-selling author of "HACKABLE: How to Do Application Security Right," and the Executive Partner at Independent Security Evaluators (ISE), the company of ethical hackers famous for hacking cars, medical devices, web applications, and password managers. He’s helped hundreds of companies fix tens of thousands of security vulnerabilities, including Google, Amazon, and Netflix. Ted has been featured in more than 100 media outlets, including The Wall Street Journal, Financial Times, and Forbes. His team founded and organizes IoT Village, an event whose hacking contest is a three-time DEF CON Black Badge winner. He hosts the Tech Done Different podcast.

To get help with security consulting and security assessments, or to book Ted to keynote your next event, visit https://www.tedharrington.com.

Ted Harrington

How to find the perfect security partner for your company

Not all advisors are created equal, so you’ll want to choose carefully and consider a variety of factors.

Security gives your company a competitive advantage

When you properly secure your software system and then can prove it, you obtain a competitive advantage that helps you earn trust and win sales.

3 major flaws of the black-box approach to security testing

By understanding the methodology’s three primary flaws, you and your security team can be more effective in protecting your company’s assets.

Can bug bounty programs replace dedicated security testing?

Bug bounty programs don’t replace the need for a security consulting company that you work directly with for your security testing program. 

The 7 steps of ethical hacking

To beat hackers at their own game, you need to think like them.

What is penetration testing, anyway?

The most commonly referenced type of security testing is “penetration testing.” That has become a catchall term, and, unfortunately, it’s misleading. 

Is your company testing security often enough?

Security is an ongoing process: you’ll need to regularly reassess your system for vulnerabilities.

Why your company should prioritize security vulnerabilities by severity

You want a system in place to grade severity so you know where to focus your efforts, and in what order.

There’s no such thing as “done” with application security

Technology evolves so quickly that it requires you to constantly revisit your security to stay ahead of new vulnerabilities.

Understanding hackers: The insider threat

Companies often think of attackers as something that comes from the outside, yet overlook the far more dangerous threat: attackers from within.

Understanding hackers: The 5 primary types of external attackers

In order to defend, it’s important to understand who the attacker is and what motivates them.

Want to improve the security of your application? Think like a hacker

Explore the assumptions you’ve made about your application, and try to get the system to respond in ways it isn’t supposed to.