Black Duck by Synopsys announces OpsSight 2.0. Abbott strengthens pacemaker software against vulnerabilities. A year after disclosure, the Struts vulnerability is still a danger to thousands of companies. And the new Synopsys Security Mashup video is up. Software Integrity Insight is your resource on the cyber security and open source security news that made headlines […]
Continue Reading...
Posted in Application Security, Blockchain Security, Containers, DevOps, Medical Device Security, Static Analysis (SAST) | No Comments »
Wednesday, RSA 2018: On any given day, there are more than 150 sessions to choose from here. Good luck getting to even 5% of those. The good news is that attendees can get access to most of the sessions they missed after the fact, since the slide presentations are posted and videos are made of […]
Continue Reading...
Posted in Automotive Security, Medical Device Security, Red Teaming, Security Conference or Event | Comments Off on Behavioral security at RSA Conference 2018
Originally posted on SecurityWeek. I recently had reason to spend an overnight visit in the hospital. When friends and family left me late in the evening I was confronted with a subject that I had considered professionally but never had to face personally: the connected medical device. When software security gets personal The device that […]
Continue Reading...
Posted in Embedded Software Testing, Healthcare Security, Medical Device Security | Comments Off on Sobering thoughts when a connected medical device is connected to you
In a new report, Synopsys found that 67% of medical device manufacturers and 56% of healthcare delivery organizations (HDOs) believe an attack on a medical device built or in use by their organization is likely to occur over the next 12 months. The Synopsys report, Medical Device Security: An Industry Under Attack and Unprepared to […]
Continue Reading...
Posted in Application Security, Medical Device Security | Comments Off on Synopsys report finds the medical device industry vulnerable to attack
Fault Injection is a podcast from Synopsys that digs into software quality and security issues. This week, hosts Robert Vamosi, CISSP and Security Strategist at Synopsys, and Chris Clark, Principal Security Engineer at Synopsys, go into detail about a new report from Synopsys and the Ponemon Institute on medical device security. You can always join […]
Continue Reading...
Posted in Application Security, Healthcare Security, Medical Device Security | Comments Off on Fault Injection Podcast .001: Paging Dr. McCoy
Howard A. Schmidt, a friend to many in the security community, has died. A statement on his Facebook page says that he died today “in the presence of his wife and four sons … following a long battle with cancer.” Schmidt served as the White House Cybersecurity Advisor to Presidents Barack Obama and George W. […]
Continue Reading...
Posted in Fuzz Testing, Government Security, Medical Device Security, Network Security, Software Security Testing | Comments Off on Howard Schmidt, the United States’ first Cybersecurity Czar, has died
This year’s Medical Device Security 101 Conference is just days away. We’re looking forward to meeting attendees January 15-17 in sunny Lake Buena Vista, Florida. Identify, prevent, recover. We’d like to thank the University of Michigan’s Archimedes Center for Medical Device Security for hosting the two-day educational workshop. This synergistic environment explores how to identify, […]
Continue Reading...
Posted in Healthcare Security, Medical Device Security, Security Conference or Event | Comments Off on What to look forward to at the 2017 Medical Device Security 101 Conference
On Wednesday, Philips named Mike Ahmadi, Global Director of Critical Systems Security for Synopsys Software Integrity Group, to its Responsible Disclosure Hall of Honors. Responsible Disclosure, also known as Coordinated Vulnerability Disclosure, means that the first reporter of a new vulnerability has chosen to work with the vendor to demonstrate the validity of the finding […]
Continue Reading...
Posted in Medical Device Security | Comments Off on Philips honors Synopsys researcher with responsible disclosure honor
On Monday, St. Jude Medical said that it planned to set up its own medical advisory board focused on cyber-security issues affecting patient care and safety. According to the Reuters news service, the U.S. Food and Drug Administration has started an investigation into the company’s medical devices after a report in August from short-seller Muddy […]
Continue Reading...
Posted in Healthcare Security, Medical Device Security | Comments Off on St. Jude plans cyber security medical advisory board
They say that laughter is the best medicine. Dr. Kevin Fu, one of the first security researchers to test medical devices, took to the stage at this year’s CodenomiCON for a short, standup comedy routine. Nothing was safe. Fu talked about himself and about recent politics. And of course he also made fun of cybersecurity. […]
Continue Reading...
Posted in Medical Device Security, Security Conference or Event | Comments Off on The comedic stylings of Dr. Kevin Fu
