IAST defined, plus how it is impacting business-critical software

This article was originally published in Forbes. As one of the endless number of acronyms in the software security industry, IAST doesn’t have much going for it—it’s awkward to pronounce and it’s hard to guess what it stands for…

Porous portals, Newegg is a broken egg, and Mirai’s creators have new hats

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? Porous payment portals l…

Tesla key fob issues, Tor Browser zero-day woes, and you’ve got malware!

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? Dude, don’t take m…

CamuBot malware, SonarSnoop hacking, and government backdoors

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? CamuBot malware is the n…

Fixing the CVE program, your personal data checking out and taking flight

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? Fixing the CVE program, …

These hacks brought to you by ‘leaky’ APIs

“Leaky” is almost never a good thing. The whole idea, in just about any case, is to make things that don’t leak and to plug things that do. And that’s true of cyber security, as demonstrated by a couple of recent incidents invol…

SamSam ransomware keeps striking—victims still unprepared

“You can pay (a little) now or you can pay (a lot) later” is a very old line—a pitch for oil filters almost 40 years ago. Unfortunately, it remains relevant in cyber security, especially when it comes to ransomware. And especially whe…

A test hack, don’t let Ghostscript haunt you, and a helpful hacker

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup. What’s in this week’s Security Mashup, you ask? Not a real hack, but may…