Yes, you read that right! My friends at Bright bought my company, We Hack Purple! Bright makes a DAST (dynamic application security testing tool), and I have been on their advisory board for some time, so we know each other well and have been working together for years. They also just released a brand new tool for the Lucky Framework (crystal programming language), which creates security-focused unit tests, automagically! Trust me, it’s very cool, and there’s more on the way!
As part of this deal, starting immediately, all of the courses from the We Hack Purple Academy will be available in the We Hack Purple Community, for FREE. Yes, you heard that right. Secure coding for everyone!
So what comes next? I plan to work with Bright for the next couple years, creating more content, running the We Hack Purple Community, speaking at conferences and helping to improve the Bright products until they are absolutely spectacular. I will also start on writing my next book, Alice and Bob Learn Secure Coding.
I joined the NeuraLegion Advisory Board because they’re really fun to work with. Gosh, that would make for a short blog post, wouldn’t it?
When I started my quickly failed startup in 2019, Security Sidekick, Bar Hofesh reached out to me to see if he and Gadi Bashvitz could help. I was pleasantly surprised to have several people in my industry reach out to me, and even other small companies reaching out to see how they could help me with my startup. InfoSec is full of kind and generous people, let me tell you.
When I left Microsoft, I had committed to several speaking engagements before I decided to leave, including the 2020 RSA conference, and rather than be in breach of contract with several conferences and potentially ruin my reputation, I completed all of the obligations that I had made while I worked there. But there was a catch: I had to pay for all my travel myself. Bar and Gadi knew this, so they offered me a free place to stay (in San Francisco!!!!!) which I really appreciated. It didn’t work out in the end, but we met up in person for the first time for some Starbucks, and it was awesome.
You know that feeling when you meet someone, and you like them immediately? Bar and I talked nerdy, and Gadi tolerated us. We continued to stay in touch.
Fast forward a few more months and the NeuraLegion tool NexDast was fully developed, and I had started We Hack Purple. We decided we wanted to find an excuse to work together, because we got along so well, and we all feel really passionately about security and changing our industry for the better.
We decided that we would plan a workshop together; I would teach a bunch of cool DevSecOps stuff, we would use Broken Crystals (more on this in another blog post), and demo their product. We made a GitHub action together, we made a workshop together, and of course we found lots of bugs together. It was super, duper fun and a smashing success!
Then Christmas and Hanukkah came, and Gadi called me up. He asked me if I wanted to join their Advisory Board, so we no longer had to make excuses to work together. What could I say? I said yes.
We have so many ideas of fun and awesome things we are going to work on together, to make their product even better, and to give back to the community. In addition to being great people, we also share a commitment to shifting security left and making sure application security is liberated and automated as part of the SDLC, and put in the hands of developers, not just AppSec people.
I’m honored to be on their Advisory Board, and I feel lucky to have the chance to work with such a talented and fun team.