Column: Opinion: Making apps safe is hard

In this month’s Computerworld column, Ken delves into the difficulties faced by companies that run app stores. It turns out that vetting apps for security criteria is a really tough problem to solve, and one that’s not likely to happen to any great degree on any of the popular app stores today.

Column: Opinion: Maybe users aren't so funny after all

This month in Computerworld, Ken continues to delve into examples of how the security community has failed the everyday computer user. Click here to read more on user base misconceptions regarding e-mail and Web site safety.

Column: Opinion: Alice's adventures in cyberland

In Ken’s February Computerworld column, he uses a personal experience to point out how computer security has failed the everyday consumer. Click here to read how this experience further supports his argument for an app store for all users.

Column: IT's 5 big security mistakes

Happy New Year! Ever resolve not to repeat mistakes? In January's Computerworld column, Ken discusses IT's 5 big security mistakes that industry never seems to learn from.

Column: An app store for all?

Are you an app store fanatic? Click here for Ken's December Computerworld column, where he provides his opinion on the app store model for desktop computers.

Column: Opinion: Can the SSL vulnerability hurt you?

Ken's column in November's issue of Computerworld is now available. This month Ken offers his opinion on whether the latest SSL vulnerability can hurt you. Click here to read his column.

Column: Why application-layer defenses belong in the applications

In this month's Computerworld, Ken's column discusses why application-layer defenses belong in the applications. Click here to read his column.

Column: No more excuses for SQL injection

Ken has a new monthly column in Computerworld. Last month’s column discussed vulnerability disclosure, and this month he takes on SQL Injection attacks and how easy they are to prevent.

OWASP podcast features KRvW

Ken was recently featured in an OWASP Podcast as part of their ongoing series of podcasts. Click here for a link to the podcast notes.

OWASP: Helping web developers write secure code

In Ken’s February column, OWASP: Helping Web Developers Develop Securely, he talks about some of the great work being done at OWASP to help software developers figure out how to write secure web applications.


CWE/SANS TOP 25 Most Dangerous Programming Errors

MITRE’s CWE and the SANS Institute together announced today a list of the 25 most dangerous programming problems. The full story can be found here:

SANS Institute - CWE/SANS TOP 25 Most Dangerous Programming Errors

Ken helped out early on with the effort by reviewing and commenting on early drafts. It’s a useful effort that should help us better understand the major underlying problems in our code today. The list should be a must-read for all software developers.

Hack forced Twitter into "full security review"

Ken is quoted in Sharon Gaudin’s latest Computerworld article, Hack forces Twitter into 'full security review'.

Column: Security nightmare in the mobile app gold rush?

This month, Ken takes a look at some of the dangers facing mobile application developers in the iPhone (and other) application gold rush. His column, Security Nightmare in the iPhone App Gold Rush, is now up.

Column: Safe online shopping

In this month’s column, “Safe Online Shopping: a Tech Expert’s Tips,” Ken provides some pointers that end users can take to be secure and confident in their holiday shopping.

Column: The problem with penetration testing

In his November column, Ken discusses a major problem that happens far too often in penetration testing: failing to adapt to the language of the audience. If we really want to have penetration testing--or security testing of any kind--effect real change, we need to write to the audience of the software developer, not (just) the IT Security manager. The column can be found here on Datamation.

October column

Ken’s October column has hit the web.

This month’s topic was about understanding how users will make use of security features in products, and using that knowledge to make the products better.

Interviewed on Silver Bullet Podcast

Ken was recently a guest on Gary McGraw’s Silver Bullet podcast. The podcast is available for listening or download here.

The topic was on software security, covering many aspects of what is happening in the field today.