Casey Dunham

Independent security consultant focused on application security and education

Network Security Assessments are Not Application Security Assessments

When working with clients, often one of the first things I am asked to discuss is what services I have to offer them. My niche is application security. It is important for me to explain that the type of testing I do is different from what they may have received in the past. Most likely, the client at some point has had a network security assessment or "pentest". I use the term assessment throughout this article. It aligns with what I offer more than other familiar testing terms. I also don't consider the auditing of a network or web application

Starting The Year Fresh

As the end of 2019 came closer, I was starting to be overcome by the feelings of  being all the over the place. Distraction was a daily obstacle. Ethical concerns over my usage of certain platforms was also something on my mind constantly. Within the months leading up to the end of the year I withdrew from a lot of activity on social media and other online discussions. I was contemplating whether or not contributing to some of the work I was doing was really essential to my future plans. Contributing to all of this, burnout was a prime factor.

Why I’m Starting a Blog

For the last couple of years as an independent security consultant, I’ve done quite a bit of writing. I’ve created many secure development courses for Synopsys on topics such as NodeJS, Angular, MongoDB, C/C++, ’ve written articles for other companies through my work with Hit Subscribe, and I’ve delivered bespoke training for clients around the country. However, throughout all of this, I’ve written very little for myself. I put this site up almost a year ago intending to get my own blog off the ground, but for a variety of reasons I just never got

You've successfully subscribed to Casey Dunham!
Could not sign up! Invalid sign up link.