Edward Bonver

Location
Greater Los Angeles Area
Industry
Computer & Network Security

As a LinkedIn member, you'll join 300 million other professionals who are sharing connections, ideas, and opportunities.

  • See who you and Edward Bonver know in common
  • Get introduced to Edward Bonver
  • Contact Edward Bonver directly

View Edward's full profile

Edward Bonver's Overview

Connections

500+ connections

Edward Bonver's Languages

  • Russian

Edward Bonver's Publications

  • Practices for Secure Development of Cloud Applications

    • SAFECode, Cloud Security Alliance
    • December 5, 2013
    Authors: Bryan Sullivan, Said Tabet, Edward Bonver, Judith Furlong, Steve Orrin,

    SAFECode and CSA partnered to determine what software security guidance was needed to address unique threats to the cloud computing, and if so, to identify specific security practices in the context of identified threats. This whitepaper is intended to help readers better understand and implement best practices for secure cloud software development.

  • Guidance for Agile Practitioners

    • SAFECode
    • July 17, 2012
    Authors: Vishal Asthana, Izar Tarandach, Niall O'Donoghue, Bryan Sullivan, Mikko Saario, Reeny Sondhi, Edward Bonver, Matthew Coles

    This paper provides practical software security guidance to Agile practitioners in the form of security-focused stories and security tasks they can easily integrate into their Agile-based development environments. SAFECode has also made available quick reference guides from the paper for download.

  • Developing and Retaining a Security Testing Mindset

    • IEEE Security & Privacy
    • September 2008
    Authors: Edward Bonver, Michael Cohen

    Developing a security testing mindset is a hard task. Moreover, as hard as it is to develop it, it's just as hard to retain it and effectively apply it during testing. The authors discuss what it takes to conduct successful software security testing, primarily by describing how to develop a security testing mindset, retain it, and effectively apply it. In particular, they explore the different roles and processes an organization needs to maintain a high level of security assurance.

  • Security Testing of Internal Tools

    • IEEE Security & Privacy
    • January 2008
    Authors: Edward Bonver

    As the software industry continues to mature, software companies are realizing that they must dedicate more resources to quality assurance (QA) processes. But even though security testing as part of an overall QA process for products shipped to customers is starting to gain acceptance in the software industry as a necessity, the majority of software vendors pay little to no attention to the security of the tools they use internally. In this article, the author explore why testing (security testing in particular) on internal tools should be incorporated into the QA process. In short, a responsible software company shouldn't produce insecure software, regardless of whether this software is meant for internal use only.

Edward Bonver's Skills & Expertise

  1. Operating System Development
  2. Unix
  3. Testing
  4. Application Security
  5. Security
  6. Network Security
  7. Software Engineering
  8. Computer Security
  9. Firewalls
  10. Linux
  11. Device Drivers
  12. Software Development
  13. SNMP
  14. Distributed Systems
  15. Networking
  16. Software Design
  17. Operating Systems
  18. TCP/IP
  19. Embedded Systems
  20. High Availability
  21. C
  22. Scalability
  23. CISSP
  24. Information Security Management
  25. Enterprise Architecture
  26. Virtualization
  27. Cloud Computing
  28. PKI
  29. Information Security
  30. Vulnerability Assessment
  31. Web Application Security
  32. System Architecture
  33. Penetration Testing
  34. Cryptography
  35. Identity Management
  36. C++
  37. Object Oriented Design
  38. Java
  39. Enterprise Software
  40. Debugging
  41. Agile Methodologies
  42. Internet Security
  43. Encryption
  44. Architecture

View All (44) Skills View Fewer Skills

Edward Bonver's Patents

  • Secure browser

    • United States Patent 8,051,478
    • Issued November 1, 2011

    A secure browsing manager intercepts load calls, and determines whether intercepted load calls are attempting to load code into the browser. When the secure browsing manager detects that a load call is attempting to load code into the browser, it determines whether that code is trusted. The secure browsing manager processes the attempt to load the code into the browser according to whether or not the code is trusted. If the secure browsing manager determines that the code is trusted, it allows the code to be loaded into the browser, thereby securely allowing the benefits of loaded code. If the secure browsing manager determines that the code is not trusted, it blocks the attempt to load the code into the browser, or alternatively takes other actions, such as allowing the code to be loaded into the browser, but blocking certain user initiated activity.

Viewers of this profile also viewed...