Debt Metaphor

Start paying down your ‘security debt’ with DevSecOps

Organizations that postpone remediating security issues, or just ignore them, are playing a risky game. But DevSecOps can help reduce your security debt. The post Start paying down your ‘security debt’ with DevSecOps appeared first on Software Integrity Blog ... Read More
Experts: Better IoT security depends on changes in culture, habits

Experts: Better IoT security depends on changes in culture, habits

| | IoT Security
Better IoT security requires a change in consumer culture and habits. But manufacturers should be doing more as well, with better guidance from government. The post Experts: Better IoT security depends on changes in culture, habits appeared first on Software Integrity Blog ... Read More
Want to comply with privacy laws? Start with security

Want to comply with privacy laws? Start with security

How do you comply with privacy laws that haven’t even been enacted yet? Start by securing your software and systems against cyber attacks and data breach. The post Want to comply with privacy laws? Start with security appeared first on Software Integrity Blog ... Read More
PCI DSS compliance isn’t security, but security can boost compliance

PCI DSS compliance isn’t security, but security can boost compliance

The downward trend in organizations passing PCI DSS interim security testing is worrying. PCI DSS compliance requires security every day, not once a year. The post PCI DSS compliance isn’t security, but security can boost compliance appeared first on Software Integrity Blog ... Read More
Privacy still eroding on National Data Privacy Day

Privacy still eroding on National Data Privacy Day

On National Data Privacy Day, we find little has changed in what numerous privacy advocates and experts have called “the golden age of surveillance.” The post Privacy still eroding on National Data Privacy Day appeared first on Software Integrity Blog ... Read More
Why is U.S. infrastructure vulnerable? Its software is vulnerable

Why is U.S. infrastructure vulnerable? Its software is vulnerable

We know that cyber attacks can have physical consequences. How does U.S. critical infrastructure fare in terms of cyber security and resilience to attack? The post Why is U.S. infrastructure vulnerable? Its software is vulnerable appeared first on Software Integrity Blog ... Read More
Social Engineering - Winning SECTF call at DEF CON 25

From video games to government: How to steer clear of social engineering scams

Prevent different types of social engineering attacks, targeting everyone from CEOs to gamers to smart appliance users, with the right training and tools. The post From video games to government: How to steer clear of social engineering scams appeared first on Software Integrity Blog ... Read More
The journey to better medical device security: Still slow, still bumpy

The journey to better medical device security: Still slow, still bumpy

Medical device security is not keeping up with new threats. Among the reasons: funding, delayed initiatives, and a focus on critical service delivery. The post The journey to better medical device security: Still slow, still bumpy appeared first on Software Integrity Blog ... Read More
Consumers, the security of connected toys is pretty much up to you

Consumers, the security of connected toys is pretty much up to you

| | IoT Security
Connected toys, a hot holiday seller, aren’t all fun and games. What questions should buyers be asking about the security and privacy of connected toys? The post Consumers, the security of connected toys is pretty much up to you appeared first on Software Integrity Blog ... Read More
Development Decisions Affect The Security Of Any Application - Tim Mackey - ASW #86

Mackey: Security isn’t ‘front of mind’ in the IoT

| | IoT Security
IoT security isn’t keeping pace with the growth in IoT devices. Apparently, this is still news to many users and creators. What can we do to secure the IoT? The post Mackey: Security isn’t ‘front of mind’ in the IoT appeared first on Software Integrity Blog ... Read More