Collaborate Disseminate
The recent SolarWinds data breach was so pervasive it sent shivers through the industry. Who exactly was affected? How deep were the incursions? What are the long-term implications? How will this impact critical areas of the global supply chain? The u… Continue reading Mitigating Third-Party Supply Chain Breaches
The recent SolarWinds data breach was so pervasive it sent shivers through the industry. Who exactly was affected? How deep were the incursions? What are the long-term implications? How will this impact critical areas of the global supply chain? The u… Continue reading Mitigating Third-Party Supply Chain Breaches
All systems are go. We have liftoff. Let’s write some CodeXM. If you’ve read the previous two posts, you should come away with a sense that writing a CodeXM checker isn’t rocket science. Let’s put that to the test. In order to g… Continue reading Let’s write a CodeXM checker (it’s not rocket science!)
You may have heard about the zero-day vulnerability in the Tor Browser that was disclosed yesterday. It’s a big deal, and not just because of the ethics of buying and selling undisclosed vulnerabilities. Many people who use Tor Browser do so beca… Continue reading What’s so special about zero-day vulnerabilities?
This is the second post in a three-part series on how you can maximize the impact of a static analysis solution by supporting developers and their goals. As discussed in the previous blog post, static analysis is more likely to have a significant impac… Continue reading Integrating Coverity static analysis into development workflows
Any effort to overhaul the cyber security of connected medical devices is likely to take considerable time and energy. Given that many of them are made to last decades, securing them while they’re in use can make turning an ocean liner look posit… Continue reading How to help your medical devices meet the UL (and FDA) standard