Software Integrity Blog

Author Archive

Taylor Armerding

tarmerding

Taylor Armerding is an award-winning journalist who left the declining field of mainstream newspapers in 2011 to write in the explosively expanding field of information security. He has previously written for CSO Online and the Sophos blog Naked Security. When he’s not writing he hikes, bikes, golfs, and plays bluegrass music. Follow him on Twitter @tarmerding2.


Posts by Taylor Armerding:

 

Report: Financial services can do cyber security better with the right tools

The financial services industry is falling behind in cyber security. A new report shows where organizations should focus their software security efforts.

Posted in Financial Cyber Security

 

Apollo 11 software lessons still relevant today

What did Apollo 11 teach us about software development? Coding practices have changed since 1969, but the lessons learned from the moon mission still hold.

Posted in Software Compliance, Quality & Standards

 

Securing software development: NIST joins the parade

The NIST Secure Software Development Framework (SSDF) is the latest standard aimed at improving software security. Can its novel approach help it succeed?

Posted in Software Security Program

 

Why hackers are targeting your web apps (and how to stop them)

How do you protect your web apps from hackers? Forget firewalls. You need an AppSec toolbelt, including software composition analysis and automated testing.

Posted in Web Application Security

 

Patch now or pay later: Report

To prevent data breaches, practice these two fundamentals: shift left (perform application security testing early and often in your SDLC), and always patch.

Posted in Data Breach Security

 

It’s not just you they’re after—it’s your supply chain too

Supply chain attacks are not new. But as the supply chain grows longer and more complex, the attacks are evolving to keep up. Is your supply chain secure?

Posted in Software Security Program

 

More medical mega-breaches thanks to third-party insecurity

The AMCA breach hammers home the need for supply chain security. Here’s how to vet your vendors so you can keep from becoming the next Quest or LabCorp.

Posted in Data Breach Security, Healthcare Security & Privacy, Software Security Program

 

You’re using open source software, and you need to keep track of it

How should you track open source? It’s almost definitely in your codebase, so the question is not whether to track it but what could happen if you don’t.

Posted in Open Source Security, Software Composition Analysis (SCA)

 

Top 4 website security tips for development and hosting

If you design, develop, or host websites for SMBs, your clients are trusting you to keep their data secure. Here are our top 4 website security tips.

Posted in Web Application Security

 

It’s not just autonomous cars of the future that need security

The future of secure autonomous vehicles starts today. But the auto industry has to overcome some challenges, like shifting left and building security in.

Posted in Automotive Cyber Security