Software Integrity Blog

Author Archive

Taylor Armerding

tarmerding

Taylor Armerding is an award-winning journalist who left the declining field of mainstream newspapers in 2011 to write in the explosively expanding field of information security. He has previously written for CSO Online and the Sophos blog Naked Security. When he’s not writing he hikes, bikes, golfs, and plays bluegrass music. Follow him on Twitter @tarmerding2.


Posts by Taylor Armerding:

Threats obvious, but electronic voting systems remain insecure

Election security requires that voters trust the results. But many U.S. electronic voting systems are clearly insecure, and untrustworthy. What are we doing about it?

Posted in Application Security

Rachel Tobac explains how ‘polite paranoia’ can derail social engineering attacks

Rachel Tobac thinks people are the first line of cyber security defense, not the weakest link. She talks about social engineering attacks and how to be “politely paranoid” with us.

Posted in Security Training & Awareness

‘Cyber Pearl Harbor’ unlikely, but critical infrastructure needs a major upgrade | NCSAM at Synopsys

Officials have warned for decades of a “cyber Pearl Harbor” or “cyber 9/11” kind of attack on the nation’s critical infrastructure. Yet no attack has come. It’s either because our attackers can’t do it or haven’t really wanted to so far—and “can’t” seems less likely every day. Are we prepared for what’s next?

Posted in Application Security

Cooking up digital privacy, indecent (data) exposure, and just another zero-day

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? Cook calls for digital privacy laws, user data exposed in the Wife Lovers hack, and just another Windows zero-day.

Posted in Data Breach Security

Want to close the software security skills gap? Tanya Janca says start mentoring!

Tanya Janca believes that those who know should teach those who don’t. She discusses mentoring in the software security industry with us.

Posted in Security Training & Awareness

Lance Spitzner: How to secure the human operating system | NCSAM at Synopsys

It’s everyone’s job to ensure online safety at work. Lance Spitzner, director at SANS Security Awareness, tells us how to secure the human operating system.

Posted in Security Training & Awareness

For sale: voter data, ‘unbowed’ by Florence or ransomware, and binding email security

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? Voter records for sale on the dark web, what the ONWASA ransomware attack says about the state of critical infrastructure security, and the government does DMARC adoption right.

Posted in Application Security

Retail joins the BSIMM—finally

This year’s BSIMM newcomer is retail. The concept of retail software security isn’t new, so why is retail late to the BSIMM party? We’ve got some theories.

Posted in Software Security Program

Better passwords in California won’t help much

The new California password law demonstrates lawmakers’ misunderstanding of how connected devices work, how the internet works, and even how passwords work.

Posted in IoT Security, Software Compliance, Quality & Standards

Cyber security: Not just ‘a’ job but many jobs of the future | NCSAM at Synopsys

Cyber security jobs are dynamic, stimulating, and in high demand as cyber threats multiply out of control. What can we do to make sure these jobs are filled?

Posted in Security Training & Awareness