Software Integrity Blog

Search Results for 'government security'

 

GAO report confirms major gaps in government cybersecurity

The September GAO cybersecurity report stated that there are about 1,000 outstanding recommendations for automotive, military, and IoT security, among others.

Posted in Automotive Security, General, Internet of Things

 

Security lessons from the House Oversight and Government Reform Committee

The U.S. House Committee on Oversight and Government Reform has more than a few things to say about responsible enterprise application security.

Posted in Data Breach, Open Source Security

 

U.S. government stresses security in procurement and acquisitions

The U.S. National Counterintelligence and Security Center (NCSC) will soon supply specific critical U.S. telecommunications, energy and financial organizations with classified supply chain threat reports. Last Thursday, the NCSC released a video highlighting the need for greater security around the supply chain. The video points out that during the Cold War, one could protect secrets by […]

Posted in General

 

Experts talk application security at RSA

We asked a couple of AppSec experts and BSIMM participants about 2019 application security trends, challenges, obstacles, and solutions. Here’s what they said.

Posted in Maturity Model (BSIMM)

 

The IoT: Still feature rich, security poor

How to prevent IoT hacks: Secure your software before you release it. It’s not that hard. So why aren’t more IoT device manufacturers doing it?

Posted in Internet of Things

 

2019 software security predictions

Our experts share their 2019 software security predictions about AI/machine learning, design and standards, cloud adoption, and IoT, routers, and data in transit.

Posted in General

 

President’s ‘cybersecurity moonshot’: Transformational or pie in the sky?

Making the internet safe and secure in 10 years isn’t going to be easy, if it’s even possible. And that’s why NSTAC’s new proposal is a cyber security moonshot.

Posted in General

 

For sale: voter data, ‘unbowed’ by Florence or ransomware, and binding email security

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? Voter records for sale on the dark web, what the ONWASA ransomware attack says about the state of critical infrastructure security, and the government does […]

Posted in General

 

Cyber security: Not just ‘a’ job but many jobs of the future | NCSAM at Synopsys

Cyber security jobs are dynamic, stimulating, and in high demand as cyber threats multiply out of control. What can we do to make sure these jobs are filled?

Posted in General

 

CVE-2018-11776 and why you need Black Duck Security Advisories

In August I wrote about a new Apache Struts vulnerability that affected Struts 2.3 and Struts 2.5. Apache Struts, an open source framework for developing web applications, is widely used by enterprises worldwide, including (at least at one point in time) the Equifax credit reporting agency. When Equifax did not identify and patch a vulnerable version of […]

Posted in Open Source Security