Election security requires that voters trust the results. But many U.S. electronic voting systems are clearly insecure and untrustworthy. What are we doing about it?
Being the most innovative and successful cloud monitoring company on the market, developing new features to production every day, it’s not only crucial to deliver the best user experience, performance and high reliability, but also guarantee the highest SECURITY for our customers. To not let security measures slow down our agile and innovative value creation […]
Most organizations follow common development processes when creating software. Unfortunately, these processes offer little support to construct secure software as they typically identify security defects in the verification (i.e., testing) phase. Fixing defects that late in the software development life cycle (SDLC) is often quite expensive. A better practice is to integrate security activities […]
Posted in Infographic | Comments Off on A journey through the secure software development life cycle phases
Over the past decade, most organizations have established a well-oiled process for software development and maintenance. We refer to this as the software development life cycle (SDLC). However, advancing security threats relating to insecure software have brought the focus to security implementation within the SDLC without hampering quality. Let’s examine a few strategies to implement security […]
Posted in Uncategorized | Comments Off on How to implement security measures without negatively affecting software quality
A major factor for companies, and even industries, failing to develop robust security programs is the perceived start-up cost to carry it out. It can be daunting to take large organizations as inspiration when considering how to implement security measures into the software development life cycle (SDLC). Many of these mature security programs have security […]
Posted in Uncategorized | Comments Off on Learn how to implement security and quality into your firm’s SDLC
The all-too-prevalent attacks against large organizations are often those that you’ll see pop up on the news. However, attackers aren’t neglecting small and medium-sized businesses (SMBs). That’s why every organization, irrespective of its size, needs software security. Wondering how to kick-start a robust software security implementation for your start-up? Here, I’ll discuss several essential factors that […]
Posted in Software Security Initiative (SSI) | Comments Off on Software security essentials every SMB should have
What is the difference between “application security” and “software security”? We examine the question and explain when to use each discipline. The terms “application security” and “software security” are often used interchangeably. However, there is in fact a difference between the two. Information security pioneer Gary McGraw maintains that application security is a reactive approach, taking place […]
The Samsung Galaxy phone hack was not caused by “one bug.” It was due to a chain of several failures, which makes it difficult to say who is at fault and how the Samsung hack could have been avoided. Don’t jump to conclusions! How did the Samsung Galaxy get hacked? Issue 1: Samsung uses a […]
Parsia Hakimian and Stark Riedesel presented Tineola at DEF CON 26. Enterprise blockchain platforms are one of the big questions faced by many corporations, including some of our customers. And when our customers come to us with complex problems, we take their unique situations into consideration and come up with tailored solutions. So when our […]
Wading through the alphabet soup of application security testing tools: A guide to SAST, IAST, DAST, and RASP
Every application security testing tool—SAST, IAST, DAST, and RASP—has its distinct advantages, but you’ll get the best results when you use them together.