Strong Crypto LLC

has provided world class software security training and services to organizations with critical applications since 2006. We have offices in Northern Virginia and Washington, DC and specialize in working with the US Federal government and Fortune 500 clients in industries such as health care, finance, and real estate.

The CSSLP Prep Guide
The CSSLP™ - Certified Secure Software Lifecycle Professional is a new certification that incorporates government standards and best practices for secure software development. [Read More]


About the Author
Alexander J. Fry is the founder and principal security consultant at Strong Crypto LLC.
[Read More]
Available at Amazon.com
image of SAMM software seurity flow chart

Code Auditor's Corner

CSSLP Deconstructed Available for Download

I gave a presentation at ISSA-NOVA on January 21, 2010 entitled the “The CSSLP Deconstructed”. The slides provide an introduction for the new CSSLP credential and also : describe each of the seven domains of the CSSLP diagram the overlap of the CSSLP with other security certifications discuss security certification in general, if you should pursue the CSSLP, [...]

04/19/10 4:29 am

OWASP Haiti Relief Effort

OWASP has created an “OWASP for Charities” project. They set up a secure and trusted way for those within the OWASP community to donate funds to help the people of Haiti. The following is the e-mail announcing the effort that was posted to the OWASP mailing list: OWASP Members and Supporters, OWASP was founded, and is supported [...]

01/22/10 4:33 am

Seven Domains Of The CSSLP

Here are descriptions for the seven domains of the CSSLP for my presentation at ISSA-NOVA on January 21, 2010: Secure Software Concepts – the fundamental knowledge for understanding the security implications of software development, and the mechanisms to impose security constraints on the behavior, use, and content of a software system. This includes security design and [...]

01/18/10 9:34 am

Tools Are No Silver Bullet

People sometimes ask me how effective and where to apply a software security tool so I thought I would publish a few ideas on the subject. First, there are so silver bullet solutions for application security; tools play a role, but most tools have a greater impact if used earlier in the software development lifecycle. [...]

12/09/09 2:53 pm

Welcome To the Code Auditor’s Corner Blog

The Code Auditor’s Corner is a place to discuss the security issues that I typically encounter while auditing software applications. I also want to share my philosophy on how security should be approached in software development, and many other topics including: the attacker’s perspective auditing source code tools and techniques to facilitate secure programming software security education and training the [...]

09/30/09 9:20 am

Web Development by Wandzilak Web Design - SEO by Mr. Web Guru