Log4j 2 Vulnerability – Practical Advice and What’s Next for Software Supply Chain Security
If you are a cybersecurity or DevOps professional, you have probably had a very hectic 96 hours and probably many more to come. The critical Zero-Day vulnerability (CVE-2021-44228, CVssv3 10.0) in Apache Log4j 2, a popular open source Java-based logging library that is part of many widely used Internet, enterprise ... Read More
The Future of the SBOM
Although it might seem premature to discuss the future of the software bill of materials (SBOM) before they have even gained full use and acceptance in the industry. However, the future of the SBOM is intertwined with the maturity of software security practices and risk management for software reuse and ... Read More
What is an SBOM? A deep dive.
By now, you’ve probably heard the term software bill of materials (SBOM). It’s become the security buzzword of the year. Let’s look a little deeper into the what a SBOM is, what it contains, how it is used and how the industry plans to exchange them ... Read More
Automotive Software Safety and Security Still Needs Improvement
A recent blog post, “Automotive software defects”, from Phil Koopman, Carnegie Mellon professor and author of “Better Embedded Software”, talks about increasing number of software defects in automotive software that are significant safety hazards. The post points out an increase in potentially life-threatening software defects being reported yet there is ... Read More
Securing Industrial Automation and Control Systems Starts in Software Development
Following the IEC 62443 standard for security software development ensures quality, safety and security ... Read More
