Software Integrity Blog

Search Results for 'infographic'

 

More medical mega-breaches thanks to third-party insecurity

The AMCA breach hammers home the need for supply chain security. Here’s how to vet your vendors so you can keep from becoming the next Quest or LabCorp.

Continue Reading...

Posted in Data Breach Security, Healthcare Security & Privacy, Software Security Program

 

Ask the Experts: Should the US have a data privacy law similar to GDPR?

U.S. data privacy law is a mishmash of federal, state, and industry regulation. Should we enact a single universal federal data privacy law like GDPR?

Continue Reading...

Posted in Software Compliance, Quality & Standards

 

Application security survey at RSA: The good, the bad, and the ugly

Our RSA 2019 survey on the state of application security collected dozens of responses and highlighted some notable trends. Take a look at what we found out.

Continue Reading...

Posted in Application Security

 

Experts talk application security at RSA

We asked a couple of AppSec experts and BSIMM participants about 2019 application security trends, challenges, obstacles, and solutions. Here’s what they said.

Continue Reading...

Posted in Software Security Program

 

Security lessons from the House Oversight and Government Reform Committee

The U.S. House Committee on Oversight and Government Reform has more than a few things to say about responsible enterprise application security.

Continue Reading...

Posted in Data Breach Security, Open Source Security

 

Hard questions raised when a software ‘glitch’ takes down an airliner

The parts and systems on an airplane don’t have to fail in a big way to have big consequences. A flaw in airline software could be a matter of life or death.

Continue Reading...

Posted in Software Compliance, Quality & Standards

 

10 critical cloud security threats in 2018 and beyond

Don’t let cloud security threats rain on your parade. Explore our list of the top 10 security risks in cloud computing and what you can do to mitigate them.

Continue Reading...

Posted in Cloud Security

 

Retail joins the BSIMM—finally

This year’s BSIMM newcomer is retail. The concept of retail software security isn’t new, so why is retail late to the BSIMM party? We’ve got some theories.

Continue Reading...

Posted in Software Security Program

 

Security IRL at RSA Conference 2018

We took the opportunity at RSA Conference last month to survey our booth visitors about their organizations’ application security programs. We’ve sponsored and conducted a number of surveys on topics ranging from DevSecOps to open source security to medical device security, but there’s something about collecting feedback from conference attendees in person that really hits home—a glimpse into security IRL, if you will. Taking a look at security IRL Most attendees (78%) reported direct roles in cybersecurity, risk management or software engineering, representing a wide range of industries. Some of the findings were far from unexpected. For example, 40% of respondents cited a lack of skilled security professionals as the biggest challenge in implementing their application security programs. We also found that a startling number of respondents didn’t even know whether their organizations were the target of a cyber attack in the last two years.

Continue Reading...

Posted in Data Breach Security

 

What’s with the security / DevOps disconnect?

We asked 350 enterprise IT professionals about real-world practices in application security, DevOps, and CI/CD. See highlights in our DevSecOps infographic.

Continue Reading...

Posted in Agile, CI/CD & DevOps