University of Minnesota researchers fail to understand consent

You’d think with all the recent discussion about consent, researchers would more carefully observe ethical boundaries. Yet, a group of researchers from the University of Minnesota not only crossed the line but ran across it, screaming defiantly t…

Commercial third party code creating security blind spots

Despite the fact that third-party code in IoT projects has grown 17% in the past five years, only 56% of OEMs have formal policies for testing security, VDC Research reveals. Meanwhile, when asked to rank the importance of security to current project…

When exploit code precedes a patch, attackers gain a massive head start

Cybersecurity researchers who publicize exploit code used in cyberattacks are giving a clear and unequivocal advantage to attackers, new research conducted by Kenna Security and Cyentia Institute has found. “This data-driven research, built over the c…

Infrastructure drift: A multidimensional problem with the need for new DevSecOps tools

As modern infrastructures get more complex every day, DevOps teams have a hard time tracking infrastructure drift. The multiplicity of factors involved when running sophisticated infrastructures turns this situation into a multidimensional headache with…

Managing and maturing Kubernetes security in the enterprise

The TL;DR version of the Infoworld article went something like this: “Companies are shying away from managing their own Kubernetes clusters and more and more, turning to managed Kubernetes solutions” – and I was not surprised. Kubernetes: Complex and e…

Attackers can teach you to defend your organization against phishing

People click on links and attachments and will, unfortunately, keep clicking even if they should know better. They’ll click for the chance of winning a holiday, or even something as cheap as a $2 cup of coffee. No amount of awareness training is going …

Product showcase: Accurics

It is no big secret that infrastructure has changed over the last decade. We went from tools such as autossh, to configuration management, and ended up with Infrastructure as Code (IaC) concepts. We came a long way from racking servers and spinning up …

Digital business requires a security-first mindset

Security is an undeniable necessity for the survival and success of any company. COVID-19 accelerated digital transformation initiatives across all industries and this shift placed significant pressure on developers to push software to market at unprec…

The growing threat to CI/CD pipelines

Before the pandemic, most modern organizations had recognized the need to innovate to support developers’ evolving workflows. Today, rapid digitalization has placed a significant burden on software developers supporting remote business operations. Deve…