Software Integrity Blog

Search Results for 'ethical hacking'


Feds consider a ‘hack the FDA’ bug bounty program

Coming on the heels of a successful “Hack the Pentagon” bug bounty program, in which one 18-year old received a $1K prize, the U.S. Federal Government is considering a similar program for healthcare. Last Thursday, Lucia Savage, chief privacy officer at HHS’s Office of the National Coordinator for Health Information Technology, said that the practice […]

Continue Reading...

Posted in Medical Device Security


4 application security skills every expert ought to have

If you’re thinking about becoming an application security professional, you’ve picked an ideal time to enter the field. According to the U.S. Bureau of Labor Statistics, the demand for security experts is expected to grow exponentially through 2022. More importantly, there’s never been a better time to invest in developing application security skills and gaining […]

Continue Reading...

Posted in Security Training, Web Application Security


Is conventional penetration testing enough to secure eCommerce applications?

Can your customers trust you to process their transactions and safeguard their personal information? Can you be sure online sales follow the business rules you’ve put in place? If you are like most eCommerce companies, you’ve been pushing the envelope to create applications that are increasingly easy to use, accessible from any device, and personalized […]

Continue Reading...

Posted in Software Architecture and Design, Web Application Security


SEC getting more aggressive on financial cyber lapses

SEC security measures, or cyber enforcement actions, are powerful incentives for financial institutions to protect investments and data from theft and fraud.

Continue Reading...

Posted in Featured, Financial Services Security, Security Standards and Compliance


Want to close the software security skills gap? Tanya Janca says start mentoring!

Tanya Janca believes that one of the reasons most connected products are insecure from day one is the software security skills gap that comes from developers not learning security in school. Her solution: Those who know should teach those who don’t. Janca discusses mentoring in the software security industry with us. Tanya Janca has no […]

Continue Reading...

Posted in General


Synopsys launches the Fault Injection Podcast

Fault Injection is a podcast from Synopsys that digs into software quality and security issues. Hosts Chris Clark, Principal Security Engineer at Synopsys, and Robert Vamosi, CISSP and Security Strategist at Synopsys, provide a forum for industry experts to talk about software security topics and their intersection with specific verticals such as medical, automotive, and […]

Continue Reading...

Posted in Web Application Security


5 security industry buzzwords we love to hate

Computing security is an interesting space. One of the main aspects that makes it interesting is that there are many security terms that are ambiguous. With some words, we have no idea why we’ve come to use them! While these buzzwords aren’t going away any time soon, here is a list of buzzwords that most of the […]

Continue Reading...

Posted in Cloud Security