Software Integrity Blog

Author Archive

Taylor Armerding

tarmerding

Taylor Armerding is an award-winning journalist who left the declining field of mainstream newspapers in 2011 to write in the explosively expanding field of information security. He has previously written for CSO Online and the Sophos blog Naked Security. When he’s not writing he hikes, bikes, golfs, and plays bluegrass music. Follow him on Twitter @tarmerding2.


Posts by Taylor Armerding:

 

How to improve software security testing in the auto industry

In the automotive industry, security is safety. And auto software security testing, like all security testing, needs to shift left to be effective.

Continue Reading...

Posted in Automotive Cyber Security

 

New software standards aim to slow rampant credit card theft

With the new PCI standards, the Payment Card Industry Security Standards Council intends to reduce credit card fraud. But the new standards may not be enough.

Continue Reading...

Posted in Financial Cyber Security, Software Compliance, Quality & Standards

 

More resources needed to improve connected car security

Connected car security is a priority of the automotive industry, according to a recent report. But the shortage of resources and skills is a challenge.

Continue Reading...

Posted in Automotive Cyber Security

 

The IoT: Still feature rich, security poor

How to prevent IoT hacks: Secure your software before you release it. It’s not that hard. So why aren’t more IoT device manufacturers doing it?

Continue Reading...

Posted in IoT Security

 

Study shows security challenges in the auto industry

Automotive cyber security is a high-stakes endeavor, as software vulnerabilities in connected cars can threaten lives. A new report reveals industry concerns.

Continue Reading...

Posted in Automotive Cyber Security, Webinars

 

The future of open source software: More of everything

The past decade charts the reach of open source into every industry. But what does the future of open source hold? Here are some open source predictions.

Continue Reading...

Posted in Mergers & Acquisitions, Open Source Security

 

Throwback Thursday: Whatever happened to Stuxnet?

Whatever happened to Stuxnet? Since it destroyed hundreds of centrifuges at a nuclear enrichment facility in Iran in 2010, the worm’s been quiet—but not idle.

Continue Reading...

Posted in Application Security

 

GAO report confirms major gaps in government cybersecurity

The September GAO cybersecurity report stated that there are about 1,000 outstanding recommendations for automotive, military, and IoT security, among others.

Continue Reading...

Posted in Automotive Cyber Security, IoT Security

 

Can we please drive passwords into extinction now?

Passwords are antiquated and insecure. It’s time to eliminate them altogether. Experts from FIDO explain how to enable authentication without passwords.

Continue Reading...

Posted in Application Security

 

SEC getting more aggressive on financial cyber lapses

SEC security measures, or cyber enforcement actions, are powerful incentives for financial institutions to protect investments and data from theft and fraud.

Continue Reading...

Posted in Financial Cyber Security, Software Compliance, Quality & Standards