CISO Thoughts with David Lindner – March 25
March 28, 2022
Insight #1
Insight #2
When it comes to your open source software usage, it is extremely important to pin your libraries to a specific version and not just blindly pull the latest. There have been way too many incidents such as the node-ipc issue that we can prevent by simply pinning to a specific version.
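An added example, not from the original post: one way to audit a `package.json` for dependency specs that are not pinned to an exact version. The sample manifest is constructed, and every package name in it except node-ipc is hypothetical.

```javascript
// Added example: flag dependency specs in a package.json that are not exact versions.
// An exact pin looks like 1.2.3, optionally with a pre-release or build suffix.
const EXACT = /^[=v]?\d+\.\d+\.\d+(?:-[0-9A-Za-z.-]+)?(?:\+[0-9A-Za-z.-]+)?$/;
const SECTIONS = ["dependencies", "devDependencies", "optionalDependencies"];

// Returns null for a pinned spec, otherwise a short reason string.
function classify(spec) {
  const s = String(spec).trim();
  if (EXACT.test(s)) return null;
  if (s === "" || s === "*") return "wildcard: any release is accepted";
  if (/[:/]/.test(s)) return "URL, git, path or alias spec: review manually";
  if (/^[A-Za-z][\w.-]*$/.test(s)) return "dist-tag: follows whatever the tag points to";
  if (/^[\^~]/.test(s)) return "caret/tilde range: accepts newer releases";
  return "comparator or partial range: accepts more than one release";
}

// Walks every dependency section and collects the unpinned entries.
function findUnpinned(pkg) {
  const findings = [];
  for (const section of SECTIONS) {
    for (const [name, spec] of Object.entries(pkg[section] || {})) {
      const reason = classify(spec);
      if (reason) findings.push({ section, name, spec, reason });
    }
  }
  return findings;
}

// Constructed sample manifest (versions are illustrative, not real releases).
const SAMPLE = {
  dependencies: {
    "node-ipc": "latest",
    "example-http": "^4.17.1",
    "example-util": "2.3.1",
    "example-fork": "github:example/fork",
  },
  devDependencies: {
    "example-test": "~1.0.0",
    "example-lint": "8.0.0-beta.2",
    "example-any": ">=1.0.0 <2.0.0",
  },
};

for (const f of findUnpinned(SAMPLE)) {
  console.log(`${f.section}: ${f.name}@${f.spec} -> ${f.reason}`);
}
```

Pins in `package.json` cover direct dependencies only; committing the lockfile and installing with `npm ci` keeps transitive versions fixed as well.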
Insight #3
You cannot hack yourself secure. There is no way to have a 100% secure system if that system has any functionality at all. The best way to secure your environments is a layered approach with appropriate controls to identify, protect, detect, respond, and recover (yes, the NIST CSF). Understanding what you have, how you are protecting it, what you should be detecting, and how quickly you can respond and recover will always win in the race to being as secure as possible.
*** This is a Security Bloggers Network syndicated blog from AppSec Observer authored by David Lindner. Read the original post at: https://www.contrastsecurity.com/security-influencers/ciso-thoughts-with-david-lindner-march-25