Software Integrity Blog

Author Archive

Taylor Armerding

Taylor Armerding is an award-winning journalist who left the declining field of mainstream newspapers in 2011 to write in the explosively expanding field of information security. He has previously written for CSO Online and the Sophos blog Naked Security. When he’s not writing he hikes, bikes, golfs, and plays bluegrass music. Follow him on Twitter @tarmerding2.


Posts by Taylor Armerding:

Report: Security and development teams need to ‘embrace’ new roles in DevSecOps

For sustainable, long-term application security, both developers and information security professionals must embrace their new roles created by DevSecOps.

Posted in Agile, CI/CD & DevOps, Application Security

Multiple bills seek to secure elections: Will they do it?

A number of election security bills and discussion drafts are currently before the House and Senate. If passed, could they really lead to secure elections?

Posted in Application Security

Synopsys CSO: Cybersecurity Awareness Month lessons need to be applied all year

Synopsys CSO Deirdre Hanford discusses what we learned from Cybersecurity Awareness Month, as well as how to create and mature a software security program.

Posted in Application Security, Featured, Software Security Program

It’s past time to put passwords out of our misery

No password is secure. With so many password alternatives now available, such as FIDO and passwordless authentication, we can get rid of passwords for good.

Posted in Application Security, Software Architecture & Design

Don’t let your supply chain undermine your security

How do you vet the security of third-party software from vendors, partners, and contractors? Follow software supply chain risk management best practices.

Posted in Software Security Program

How the 2019 CWE Top 25 can boost your application security

You can use the 2019 CWE Top 25 to help focus your application security efforts. Learn more about this list of the 25 most dangerous software weaknesses.

Posted in Software Compliance, Quality & Standards

Best practices for secure application development

Application security is your best defense against the hackers who want your organization’s data. Here are best practices for secure application development.

Posted in Application Security

How to choose application security vendors and tools

Unless you build your own AppSec tools, you need to know how to choose an application security vendor and whether to opt for individual tools or a suite.

Posted in Interactive Application Security Testing (IAST), Software Composition Analysis (SCA)

Synopsys CSO Deirdre Hanford champions Cybersecurity Awareness Month

We kick off Cybersecurity Awareness Month with an interview with Deirdre Hanford, CSO at Synopsys, about personal accountability and cyber security.

Posted in News & Announcements

Hackers needed to defeat hackers

What are ethical hackers, and why do we need them? Ethical hacking allows you to see how your systems might be breached, but it goes far beyond pen testing.

Posted in Application Security, Security Training & Awareness