Software Integrity

Search Results for 'insider threat'

 

Ex-CIA employee insider threat, FlightTrader24 hack, and RedHat licenses

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup episode. What’s in this week’s Security Mashup episode, you ask? Ex-CIA employee insider threat and how he was outed, insight into the FlightTrader24 hack, and what you need to know about the RedHat […]

Continue Reading...

Posted in Data Breach, Government Security, Open Source Security, Weekly Security Mashup | Comments Off on Ex-CIA employee insider threat, FlightTrader24 hack, and RedHat licenses

 

10 critical cloud security threats in 2018 and beyond

Explore 10 critical cloud security threats: data breaches, human error, data loss, insider threats, DDoS attacks, insecure APIs, exploits, account hijacking, APTs, and CPU flaws.

Continue Reading...

Posted in Cloud Security, Infographic | Comments Off on 10 critical cloud security threats in 2018 and beyond

 

For sale: voter data, ‘unbowed’ by Florence or ransomware, and binding email security

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? Voter records for sale on the dark web, what the ONWASA ransomware attack says about the state of critical infrastructure security, and the government does […]

Continue Reading...

Posted in Weekly Security Mashup | Comments Off on For sale: voter data, ‘unbowed’ by Florence or ransomware, and binding email security

 

Creating a secure SDLC, solving open source’s biggest problem, government unprepared for cyber attacks

The cyber security and open source security news that made headlines this week! Synopsys: Changing our culture to follow a secure software development life cycle Case Study: Like members of many other development teams, Synopsys’ own engineers initially resisted anything that might slow developer productivity. However, their reluctance to adopt security practices during development was […]

Continue Reading...

Posted in Open Source Security | Comments Off on Creating a secure SDLC, solving open source’s biggest problem, government unprepared for cyber attacks

 

Blockchain security and the cryptocurrency boom, Part 1: Theory

Thanks to Bitcoin, it’s fair to say that “blockchain” is a buzzword at the moment—like DevOps, or Zumba. This article isn’t going to dive into what a blockchain is, because many others out there already do that. Here’s a pretty good one that has a snappy description of the evolution of Bitcoin and its symbiotic […]

Continue Reading...

Posted in Financial Services Security | Comments Off on Blockchain security and the cryptocurrency boom, Part 1: Theory

 

Top cyber security trends of 2016

As we near the end of 2016, it’s time to reflect on some of the biggest security issues that we saw this year. 2016 was an interesting year in which many security issues came into focus. We saw many attacks with a goal of financial gain. We saw nation-states threatening cyber attacks around the US election. And, […]

Continue Reading...

Posted in Data Breach | Comments Off on Top cyber security trends of 2016

 

If you’re only as strong as your allies, should you trust third-party code?

Originally posted on SecurityWeek Doing business is a highly interactive endeavor and software is increasingly at the heart of those interactions. Agility becomes a key component of staying competitive, so organizations are seeking allies to help them obtain the software they need to stay in the race. Notice I said “obtain” rather than “build” or […]

Continue Reading...

Posted in Open Source Security, Software Security Initiative (SSI) | Comments Off on If you’re only as strong as your allies, should you trust third-party code?

 

3 security risks that architecture analysis can resolve

Verizon performs an annual assessment of a large sample of breaches and attacks that take place all over the world and analyzes the most common problems and key areas which lead to major attacks. In this article, we discuss three specific security incident patterns from Verizon’s report and how architecture analysis assessments can help organizations […]

Continue Reading...

Posted in Software Architecture and Design, Web Application Security | Comments Off on 3 security risks that architecture analysis can resolve

 

Detection strategies to unmask the source of malicious code

Let’s imagine you discover a string of suspicious code within one of your applications. Perhaps a routine scan by your application testing team finds a point of interest that indicates malcode, such as a time bomb or backdoor, has been inserted by a malicious insider within your software supply chain. First, you breathe a huge […]

Continue Reading...

Posted in Software Architecture and Design | Comments Off on Detection strategies to unmask the source of malicious code

 

How to integrate cloud security into your SSI

Every organization that develops or integrates software needs a software security initiative (SSI)—that has been true for years. Security is, or ought to be, as important as function and features. What is also true now, given that the large majority of organizations have already migrated or are planning to migrate some or all of their […]

Continue Reading...

Posted in Cloud Security | Comments Off on How to integrate cloud security into your SSI