Software Integrity Blog

Author Archive

Taylor Armerding


Taylor Armerding is an award-winning journalist who left the declining field of mainstream newspapers in 2011 to write in the explosively expanding field of information security. He has previously written for CSO Online and the Sophos blog Naked Security. When he’s not writing he hikes, bikes, golfs, and plays bluegrass music. Follow him on Twitter @tarmerding2.


Posts by Taylor Armerding:

Better passwords in California won’t help much

The new California password law demonstrates lawmakers’ misunderstanding of how connected devices work, how the internet works, and even how passwords work.

Posted in IoT Security, Software Compliance, Quality & Standards

Cyber security: Not just ‘a’ job but many jobs of the future | NCSAM at Synopsys

Cyber security jobs are dynamic, stimulating, and in high demand as cyber threats multiply out of control. What can we do to make sure these jobs are filled?

Posted in Security Training & Awareness

Make your home both smart and secure | NCSAM at Synopsys

Smart devices are terrifyingly insecure, and industry and government have failed to fix the issue. Here are seven tips to secure your smart home.

Posted in IoT Security

US vows to go on cyber offense

The White House and DoD have said that the U.S. will no longer just defend against cyber attacks. Attackers should expect U.S. cyber offense to be ready.

Posted in Application Security

BSIMM9: Not a how-to but a roadmap to a better SSI

The BSIMM isn’t a “how to” on developing an SSI. It’s a “what’s happening now” guide, based on SSI activities and tools used at 120 participating companies.

Posted in Software Security Program

How to integrate cloud security into your SSI

Every organization that develops or integrates software needs a software security initiative (SSI)—that has been true for years. Security is, or ought to be, as important as function and features.

Posted in Cloud Security

Things get ‘seriously’ insecure yet again for Facebook

Facebook CEO Mark Zuckerberg has had to use variations of the word “serious” a lot over the past year—most notoriously regarding the social media giant’s sale of member data to Cambridge Analytica, which was viewed as affecting the 2016 presidential election.

Posted in Data Breach Security

IAST defined, plus how it is impacting business-critical software

Posted in Interactive Application Security Testing (IAST)

How and why business is migrating to the cloud

Most businesses either have a cloud migration strategy or have already moved. Cloud is simply better than on-premises—and not just because of lower costs.

Posted in Cloud Security

Medical device security improvements coming—but not anytime soon

Will the cyber security of medical devices improve with the FDA’s adoption of UL 2900-2-1? Most devices weren’t designed to be connected to the internet.

Posted in Healthcare Security & Privacy, Medical Device Security