Make your home both smart and secure | NCSAM at Synopsys
The original version of this article was published in Forbes.
Posted in IoT Security | Comments Off on Make your home both smart and secure | NCSAM at Synopsys
Taylor Armerding
Taylor Armerding is an award-winning journalist who left the declining field of mainstream newspapers in 2011 to write in the explosively expanding field of information security. He has previously written for CSO Online and the Sophos blog Naked Security. When he’s not writing he hikes, bikes, golfs, and plays bluegrass music. Follow him on Twitter @tarmerding2.
Posts by Taylor Armerding:
Remote robbery, an ‘IT incident’ (not a breach?), and face-off on privacy
Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup.
What’s in this week’s Security Mashup, you ask?
Remote robbery by Hidden Cobra, a breach by any other name, and facing down the Fourth and Fifth Amendments. Watch this week’s episode here:
Posted in Application Security | Comments Off on Remote robbery, an ‘IT incident’ (not a breach?), and face-off on privacy
US vows to go on cyber offense
The White House and DoD have said that the U.S. will no longer just defend against cyber attacks. Attackers should expect U.S. cyber offense to be ready.
Posted in Application Security | Comments Off on US vows to go on cyber offense
BSIMM9: Not a how-to but a roadmap to a better SSI
The BSIMM isn’t a “how to” on developing an SSI. It’s a “what’s happening now” guide, based on SSI activities and tools used at 120 participating companies.
Posted in Software Security Program | Comments Off on BSIMM9: Not a how-to but a roadmap to a better SSI
How to integrate cloud security into your SSI
Every organization that develops or integrates software needs a software security initiative (SSI)—that has been true for years. Security is, or ought to be, as important as function and features.
Posted in Cloud Security | Comments Off on How to integrate cloud security into your SSI
Open season on open source, Infinite Campus limited by DDoS, and Mojave’s a bad apple
Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup.
What’s in this week’s Security Mashup, you ask?
It’s open season on enterprise open source, the Infinite Campus DDoS attack takes the company to its limits, and a Mojave zero-day vulnerability makes that macOS a bad apple. Watch this week’s episode here:
Posted in Open Source Security | Comments Off on Open season on open source, Infinite Campus limited by DDoS, and Mojave’s a bad apple
Things get ‘seriously’ insecure yet again for Facebook
Facebook CEO Mark Zuckerberg has had to use variations of the word “serious” a lot over the past year—most notoriously regarding the social media giant’s sale of member data to Cambridge Analytica, which was viewed as affecting the 2016 presidential election.
Posted in Data Breach Security | Comments Off on Things get ‘seriously’ insecure yet again for Facebook
IAST defined, plus how it is impacting business-critical software
Posted in Interactive Application Security Testing (IAST) | Comments Off on IAST defined, plus how it is impacting business-critical software
How and why business is migrating to the cloud
Most businesses either have a cloud migration strategy or have already moved. Cloud is simply better than on-premises—and not just because of lower costs.
Posted in Cloud Security | Comments Off on How and why business is migrating to the cloud
Porous portals, Newegg is a broken egg, and Mirai’s creators have new hats
Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup.
What’s in this week’s Security Mashup, you ask?
Porous payment portals lead to government data breaches, Magecart pwns Newegg, and the Mirai creators trade in their black hats for white ones. Watch this week’s episode here:
Posted in Data Breach Security | Comments Off on Porous portals, Newegg is a broken egg, and Mirai’s creators have new hats
Remote robbery, an ‘IT incident’ (not a breach?), and face-off on privacy
Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? Remote robbery by Hidden Cobra, a breach by any other name, and facing down the Fourth and Fifth Amendments. Watch this week’s episode here:
Posted in Application Security | Comments Off on Remote robbery, an ‘IT incident’ (not a breach?), and face-off on privacy
US vows to go on cyber offense
The White House and DoD have said that the U.S. will no longer just defend against cyber attacks. Attackers should expect U.S. cyber offense to be ready.
Posted in Application Security | Comments Off on US vows to go on cyber offense
BSIMM9: Not a how-to but a roadmap to a better SSI
The BSIMM isn’t a “how to” on developing an SSI. It’s a “what’s happening now” guide, based on SSI activities and tools used at 120 participating companies.
Posted in Software Security Program | Comments Off on BSIMM9: Not a how-to but a roadmap to a better SSI
How to integrate cloud security into your SSI
Every organization that develops or integrates software needs a software security initiative (SSI)—that has been true for years. Security is, or ought to be, as important as function and features.
Posted in Cloud Security | Comments Off on How to integrate cloud security into your SSI
Open season on open source, Infinite Campus limited by DDoS, and Mojave’s a bad apple
Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? It’s open season on enterprise open source, the Infinite Campus DDoS attack takes the company to its limits, and a Mojave zero-day vulnerability makes that macOS a bad apple. Watch this week’s episode here:
Posted in Open Source Security | Comments Off on Open season on open source, Infinite Campus limited by DDoS, and Mojave’s a bad apple
Things get ‘seriously’ insecure yet again for Facebook
Facebook CEO Mark Zuckerberg has had to use variations of the word “serious” a lot over the past year—most notoriously regarding the social media giant’s sale of member data to Cambridge Analytica, which was viewed as affecting the 2016 presidential election.
Posted in Data Breach Security | Comments Off on Things get ‘seriously’ insecure yet again for Facebook
IAST defined, plus how it is impacting business-critical software
Posted in Interactive Application Security Testing (IAST) | Comments Off on IAST defined, plus how it is impacting business-critical software
How and why business is migrating to the cloud
Most businesses either have a cloud migration strategy or have already moved. Cloud is simply better than on-premises—and not just because of lower costs.
Posted in Cloud Security | Comments Off on How and why business is migrating to the cloud
Porous portals, Newegg is a broken egg, and Mirai’s creators have new hats
Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? Porous payment portals lead to government data breaches, Magecart pwns Newegg, and the Mirai creators trade in their black hats for white ones. Watch this week’s episode here:
Posted in Data Breach Security | Comments Off on Porous portals, Newegg is a broken egg, and Mirai’s creators have new hats
