Software Integrity Blog

Author Archive

Taylor Armerding

Taylor Armerding is an award-winning journalist who left the declining field of mainstream newspapers in 2011 to write in the explosively expanding field of information security. He has previously written for CSO Online and the Sophos blog Naked Security. When he’s not writing he hikes, bikes, golfs, and plays bluegrass music. Follow him on Twitter @tarmerding2.


Posts by Taylor Armerding:

Connected cars: Security and privacy are both trust hurdles

The world is clamoring for connected vehicles, even with their persistent cyber security and privacy issues. What does the future of V2X have in store?

Posted in Automotive Security

Application security survey at RSA: The good, the bad, and the ugly

Our RSA 2019 survey on the state of application security collected dozens of responses and highlighted some notable trends. Take a look at what we found out.

Posted in Featured, General

Experts talk application security at RSA

We asked a couple of AppSec experts and BSIMM participants about 2019 application security trends, challenges, obstacles, and solutions. Here’s what they said.

Posted in Maturity Model (BSIMM)

How to protect sensitive data by managing your risk

Want to know how to protect sensitive data? You need a solution to manage risk across your enterprise applications so you can secure them before they go live.

Posted in General

The cyber-physical convergence is accelerating—and so are the risks

Cyber-physical attacks are on the rise. As the IoT creeps further into our daily lives, so does the attack surface. What can we do to keep ourselves safe?

Posted in Internet of Things

Want to secure your apps? Build security in with the right toolchain

Having the right application security toolchain is the most effective way to build security in, which is critical to securing modern apps against attacks.

Posted in Agile, CI/CD & DevOps, Software Architecture and Design

Bug bounties: A good tool, but don’t make them the only tool in security

Bug bounty programs are becoming more popular. Do they work? What are the pitfalls of crowdsourcing application security testing? Our experts weigh in.

Posted in Web Application Security

The days (and nights) of an ‘always on’ sales engineer

Being an IT sales engineer isn’t as glamorous as it seems—but the satisfaction of solving customer problems and performing well under pressure is unmatched.

Posted in General

Tanya Janca at RSA on better AppSec: Play nice with DevOps

The DevOps and security relationship is often tense—but does it have to be? At RSA 2019, Tanya Janca explained how teams can play nice, and why they ought to.

Posted in Agile, CI/CD & DevOps

At RSA, it is clear encryption divide is as wide as ever

Selective encryption backdoors don’t work; the laws of mathematics don’t know or care who you are. But the concept was still under intense debate at RSA 2019.

Posted in General