BOOKS & TOOLS
Building Code for Medical Device Software Security
Co-authored by Tom Brennan, the elements presented give builders of software for medical devices a start on reducing the vulnerability of their systems to malicious attacks, just as codes for physical buildings help their designers and builders create structures that resist threats from fire, wind, water and, in some cases, malicious attacks.

Building a Better IR Program (IRP)
Co-authored by Tom Brennan, this project provides a proactive approach to incident response planning. The intended audience of this document ranges from business owners to security engineers, developers, audit, program managers, law enforcement, and legal counsel. The guidance walks the reader through the topics that need to be part of the plan in your organization; that readership includes those responsible for managing the business and technical risk of the entire organization.

Tactical Threat Modeling
Co-authored by Tom Brennan. Threat modeling is an essential technique for architecting and designing systems securely. This project leverages insights to offer practical ways to integrate threat modeling better. It is an excellent resource for organizations looking to integrate threat modeling into their development processes and teams.

Managing Security Risks Inherent in the Use of Third-party Components
Co-authored by Tom Brennan. The use of third-party components (TPCs), including open-source software (OSS) or commercial off-the-shelf (COTS) components, has become the de facto standard in software development. This project breaks down the process and procedures developers need to test, improve, and quantify the security of third-party components.

How to HACK Web Applications Manually
Co-authored by Tom Brennan, the OWASP methodology document about conducting web application security assessments is a prerequisite for those seeking guidance on classes of attack and how to test for them manually.

RFP Criteria
Co-authored by Tom Brennan, this project is written to raise visibility for software security-related questions that buyers of services should consider when issuing, for example, a request for a quote, or in the procurement process.

IT Checklist
Seeking a checklist to manage your business budget? Download this free resource and map your spend to the categories needed to demonstrate commercially reasonable security.
SOFTWARE
SwitchBlade is an open-source program that allows you to perform Denial of Service attacks on web applications. If you are a web app developer, use it to test the stability of your web applications against HTTP POST, Slowloris, and SSL renegotiation attacks.