Software Integrity Blog

Archive for the 'Internet of Things' Category

 

Duck Talks: 20 billion reasons for IoT security

If you haven’t figured it out, at Black Duck by Synopsys we are quackers about security (I can’t resist a good duck pun!). In fact, it’s one of our favorite subjects — so much that we are launching this new video series.

Continue Reading...

Posted in Internet of Things, Webinars | Comments Off on Duck Talks: 20 billion reasons for IoT security

 

Open source banking, 2018 CISO Report, GDPR looming

Cybercriminals are expected to extend their threat deeper into ransomware and IoT. In a just-released report, Synopsys examines the four “tribes” of CISOs, and the characteristics of each.  A link to the complimentary report is below. And with the GDPR going into force in just four months, businesses are scrambling for compliance.

Continue Reading...

Posted in Internet of Things, Open Source Security, Security Standards and Compliance | Comments Off on Open source banking, 2018 CISO Report, GDPR looming

 

What you need to know about BlueBorne Bluetooth flaws

As of Sept. 12, 2017, much of the code vulnerable to BlueBorne Bluetooth attacks remains unpatched. Learn what you can do to secure your code.

Continue Reading...

Posted in Fuzz Testing, Internet of Things, Static Analysis (SAST) | Comments Off on What you need to know about BlueBorne Bluetooth flaws

 

IoT security: Where there is smoke, there is fire

Originally posted on SecurityWeek.  We have collectively heard the saying, “where there is smoke, there is fire” throughout our lives. And, sure enough, it is true far more often than it is false. I have been seeing a lot of smoke lately, so I suspect that there is an interesting fire burning. First, the smoke […]

Continue Reading...

Posted in Internet of Things | Comments Off on IoT security: Where there is smoke, there is fire

 

How will new IoT legislation strengthen the future of cyber security?

New legislation proposed this month in U.S. Congress seeks to mitigate the risk of botnets commandeering Internet of Things (IoT) devices used in the U.S. government. The Internet of Things Cybersecurity Improvement Act of 2017 is a proposal from Sens. Mark R. Warner (D-Va.) and Cory Gardner (R-Colo.), co-chairs of the Senate Cybersecurity Caucus, along […]

Continue Reading...

Posted in General, Internet of Things | Comments Off on How will new IoT legislation strengthen the future of cyber security?

 

Black Hat USA and DEF CON 2017: And that’s a wrap!

Another week of InfoSec in the desert is history. Black Hat USA started as the Black Hat Briefings in 1997, and has remained mostly corporate. It grew out of the hacker-friendly environment of DEF CON which started as a going away party for a friend of the founder, Jeff Moss, in 1993. Together, the two […]

Continue Reading...

Posted in Fuzz Testing, General, Internet of Things | Comments Off on Black Hat USA and DEF CON 2017: And that’s a wrap!

 

How do Internet of Things devices impact retail security?

You’ve probably come across article headlines about parents facing the headache-inducing consequences of their children placing orders online. We’ve reached the day when it has become so easy to shop online that toddlers can (and do) place successful internet orders. In fact, earlier this year, a San Diego news station reported a story about a […]

Continue Reading...

Posted in Internet of Things | Comments Off on How do Internet of Things devices impact retail security?

 

Devil’s Ivy security vulnerability leaves IoT devices at risk

A vulnerability in a single software component, found in an internet-connected security camera, may leave thousands of different security camera models (and other Internet of Things devices) at risk. But Devil’s Ivy and other such flaws can be avoided with effective software supply chain management. On Tuesday, IoT researchers at Senrio disclosed a hackable flaw […]

Continue Reading...

Posted in Internet of Things, Software Composition Analysis | Comments Off on Devil’s Ivy security vulnerability leaves IoT devices at risk

 

Fault Injection Podcast .004: Driving automotive software security

Fault Injection is a podcast from Synopsys that digs into software quality and security issues. This week, hosts Robert Vamosi, CISSP and Security Strategist at Synopsys, and Chris Clark, Principal Security Engineer at Synopsys, go into detail about automotive software security and the future of connected cars. You can always join the discussion by sending […]

Continue Reading...

Posted in Automotive Security, General, Internet of Things, Security Standards and Compliance | Comments Off on Fault Injection Podcast .004: Driving automotive software security

 

The countdown to codenomi-con USA 2017 is on!

Join the Synopsys team as we host the world’s most exclusive cybersecurity event at the House of Blues inside of Mandalay Bay in Las Vegas on Tuesday, July 25. In addition to an evening of networking and entertainment, our thought leadership program will include presentations on DevOps security, IoT, and building security into your SDLC. […]

Continue Reading...

Posted in Agile, CI/CD & DevOps, General, Internet of Things | Comments Off on The countdown to codenomi-con USA 2017 is on!