Security: Getting Off the Patch

There’s a whole lot more to patching than fixing a bug or a vulnerability. Patching doesn't eliminate or reduce harm on its own – it’s only a way to add or take away code. At best it either closes an interactive point or fixes a flaw in an existing operation ... Read More

Business and Cybersecurity: The Codependency

There are a lot of books and blogs written about how cybersecurity should learn the language of business to be taken seriously, and how we need to learn finance and risk to convince the heads of these mighty nations we call corporations. Yet, they will sink without security. So, shouldn’t ... Read More

Assumptions: The Deadliest Vulnerability

Assumptions are the vulnerability you didn’t see coming. When you use assumptions for security, you’re basically guessing with severe bias. And doing that can leave you with a hole in your security large enough to literally drive a truck through ... Read More

The Innovative New World of Breach Prevention

Do you know the story of the ant and the grasshopper? The point of the story is that you work before you have the problem. We know that in cybersecurity, because when it’s breach o’clock you better be ready. But to get there you need to be like the ant ... Read More

How to Be Vulnerable

This is your first and only class on how to be vulnerable. Based on the strongly believed anecdotal evidence that thinking like the enemy makes you better at fighting enemies, we suggest that thinking like the vulnerability will make you better at fighting vulnerabilities. Because believe you me, you will ... Read More

Your Cybersecurity is Made from Human Suffering

Effort alone just doesn’t cut it anymore for security. There’s not enough time or manpower to do all the securing that needs to be done. But the effort doesn’t disappear - it is shifted over to architecture and analysis ... Read More

Weaponized Authentication

Just a meager 15 years from now you’ll be slotting a hot code pack into your server which teaches it to be like a person walking down the street in a shady neighborhood. How do I know? Because I’ve been working on it for a few years now. Why wait ... Read More

An Open Letter to Advertising Agencies on Application Security

If you ever thought that advertising is a dirty business, know that it’s even dirtier than you suspected. With minimal effort, marketers often find exactly what they look for. Whether on other copywriters’ portfolios, popular file-sharing sites, or even on public vendor and company websites, private things are left open ... Read More

The Psychology of Machines

We’re putting machines in charge of more and more things in our lives, even our security. It’s no secret that robots are better at modern cybersecurity than humans are. But on the flip side, they are also better than humans at attacking that security. In this blog, Pete Herzog provides ... Read More