Software Integrity Blog

Author Archive

Taylor Armerding


Taylor Armerding is an award-winning journalist who left the declining field of mainstream newspapers in 2011 to write in the explosively expanding field of information security. He has previously written for CSO Online and the Sophos blog Naked Security. When he’s not writing he hikes, bikes, golfs, and plays bluegrass music. Follow him on Twitter @tarmerding2.

Posts by Taylor Armerding:


Experts talk application security at RSA

We asked a couple of AppSec experts and BSIMM participants about 2019 application security trends, challenges, obstacles, and solutions. Here’s what they said.

Continue Reading...

Posted in Software Security Program


How to protect sensitive data by managing your risk

Want to know how to protect sensitive data? You need a solution to manage risk across your enterprise applications so you can secure them before they go live.

Continue Reading...

Posted in Application Security


The cyber-physical convergence is accelerating—and so are the risks

Cyber-physical attacks are on the rise. As the IoT creeps further into our daily lives, so does the attack surface. What can we do to keep ourselves safe?

Continue Reading...

Posted in IoT Security


Want to secure your apps? Build security in with the right toolchain

Having the right application security toolchain is the most effective way to build security in, which is critical to securing modern apps against attacks.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Software Architecture & Design


Bug bounties: A good tool, but don’t make them the only tool in security

Bug bounty programs are becoming more popular. Do they work? What are the pitfalls of crowdsourcing application security testing? Our experts weigh in.

Continue Reading...

Posted in Web Application Security


The days (and nights) of an ‘always on’ sales engineer

Being an IT sales engineer isn’t as glamorous as it seems—but the satisfaction of solving customer problems and performing well under pressure is unmatched.

Continue Reading...

Posted in Application Security


Tanya Janca at RSA on better AppSec: Play nice with DevOps

The DevOps / security relationship is often tense—but does it have to be? At RSA 2019, Tanya Janca explained how teams can play nice, and why they ought to.

Continue Reading...

Posted in Agile, CI/CD & DevOps


At RSA, it is clear encryption divide is as wide as ever

Selective encryption backdoors don’t work; the laws of mathematics don’t know or care who you are. But the concept was still under intense debate at RSA 2019.

Continue Reading...

Posted in Application Security


Connected cars need better connection to cybersecurity

Even though auto software security is important to the industry, a new report shows that the lack of resources means connected cars can be dangerously unsafe.

Continue Reading...

Posted in Automotive Cyber Security


Advances in healthcare security since the Anthem data breach

The Anthem data breach in 2014–2015 was the largest healthcare data breach ever. But healthcare cyber security has improved since then.

Continue Reading...

Posted in Data Breach Security, Healthcare Security & Privacy