Secure by Design – WindowsTechs.com

CISA seeking comments on its ‘secure by design’ guidance

Posted on December 20, 2023 by mbracken

The agency’s request for information on its software security white paper “acknowledges that security by design is not easy,” and that additional comments from manufacturers and other interested parties are needed.

The post CISA seeking comments on its ‘secure by design’ guidance appeared first on CyberScoop.

Continue reading CISA seeking comments on its ‘secure by design’ guidance→

CISA’s Goldstein wants to ditch ‘patch faster, fix faster’ model

Posted on December 1, 2023 by Christian Vasquez

Executive assistant director for cybersecurity says the current model “does not account for the capability and the acceleration of the adversaries who we’re up against.”

The post CISA’s Goldstein wants to ditch ‘patch faster, fix faster’ model appeared first on CyberScoop.

Continue reading CISA’s Goldstein wants to ditch ‘patch faster, fix faster’ model→

Cyber experts applaud the new White House cybersecurity plan

Posted on October 17, 2023 by Jonathan Reed

First, there was a strategy. Now, there’s a plan. The Biden Administration recently released its plan for implementing the highly anticipated national cybersecurity strategy published in March. The new National Cybersecurity Strategy Implementation Plan (NCSIP) lays out specific deadlines and responsibilities for the White House’s vision for cybersecurity. The plan is being managed by the […]

The post Cyber experts applaud the new White House cybersecurity plan appeared first on Security Intelligence.

Continue reading Cyber experts applaud the new White House cybersecurity plan→

Secure-by-Design: Which Comes First, Code or Security?

Posted on June 7, 2023 by C.J. Haughey

For years, developers and IT security teams have been at loggerheads. While developers feel security slows progress, security teams assert that developers sacrifice security priorities in their quest to accelerate production. This disconnect results in flawed software that is vulnerable to attack. While advocates for speed and security clash, consumers must often pay the price […]

The post Secure-by-Design: Which Comes First, Code or Security? appeared first on Security Intelligence.

Continue reading Secure-by-Design: Which Comes First, Code or Security?→

Secure-by-Design: A 2023 Cybersecurity Prime

Posted on April 18, 2023 by Sue Poremba

The traditional approach to security has been to get the product to market fast and worry about security later. Unfortunately, that approach has never really worked. It puts too much of the cybersecurity responsibilities on the customer and leaves many vulnerabilities primed for exploitation at any point in the supply chain. As cyber threats become […]

The post Secure-by-Design: A 2023 Cybersecurity Prime appeared first on Security Intelligence.

Continue reading Secure-by-Design: A 2023 Cybersecurity Prime→

OWASP Security Knowledge Framework

Posted on March 24, 2020 by Daniel Longest

In this talk (embedded below), brothers Glenn ten Cate and Riccardo ten Cate identify issues in current secure coding practices. They show how to use the Open Web Application Security Project’s security knowledge framework to build apps that… Continue reading OWASP Security Knowledge Framework→

Is a sticky label the answer to the IoT’s security problems?

Posted on May 2, 2019 by John E Dunn

How can IoT security be improved? The UK Government just published new details of its surprising and unfashionable answer. Continue reading Is a sticky label the answer to the IoT’s security problems?→