CISA has released their secure software attestation form, which means the 90 day clock is ticking. Application Security Interesting post: The most important goal in designing software is understandability. Threat Modeling People are raving about our new whitepaper on Inherent Threats! Press release, technical report.)
This is why I included interpersonal factors in the Jenga whitepaper.) On the other side is a whiteboard with a software architecture diagram We all have too many tasks, and those where you can't imagine success, or where success seems not worth the price, are ones we want to skip.
We have seen remarkable progress leading to weekly launches of various applications which incorporate ML models to perform tasks ranging from customer support, software development, and even performing security critical tasks. With the advent of LLMs, the ML field has entered an era of rapid evolution.
Security tools such as antivirus software and firewalls have long been the stalwarts of cyber defense, forming the bedrock of protection for organizations worldwide.
Let's look at what happens if Acme gives Chuck some free resources, like our Fast, Cheap and Good: An Unusual Tradeoff Available in Threat Modeling whitepaper. It has an employee base of 50,000 to 100,000; the software security group consists of 50 security architects and 150 security champions. Gravity is a coyote's natural enemy.
LITTLETON, Mass, April 14, 2021 – CyGlass makes the case for a renewed focus on Network Detection and Response (NDR) as a foundational defensive component to stop ransomware and other targeted attacks in its new whitepaper titled “NDR SaaS: What it Can Do for You.”
Understanding Changing Software Delivery Trends and Key Strategies for Growth. State of Software Monetization 2022. The software and software-driven device industry is evolving at breakneck speed, and the stakes have never been higher for software and device vendors entering 2022. Automated software updates.
The software supply chain has definitely been in all corners of the news this year, including finance, government, and technology. The post Introducing Our 8th Annual State of the Software Supply Chain Report appeared first on Security Boulevard.
In this post, we share our perspective on memory safety in a comprehensive whitepaper. We'll also highlight our commitments towards implementing several of the solutions outlined in the whitepaper, most recently with a $1,000,000 grant to the Rust Foundation, thereby advancing the development of a robust memory-safe ecosystem.
By Doug Dooley, COO, Data Theorem The software supply chain has become increasingly complex and dynamic with the rise of cloud computing, open-source software, and third-party software components and APIs. As a result, software supply chain security has emerged as a critical concern for organizations across industries.
While these advancements are encouraging, achieving comprehensive memory safety across the entire software industry requires more than just individual technological progress: we need to create the right environment and accountability for their widespread adoption. Standardization is key to this.
If you may recall, multiple companies that use SolarWinds’ Orion software were reportedly compromised via a supply-chain attack. “We wanted to have that, but we believe after conducting extensive research we came as close as possible to proving it based on the information/evidence available today.”
Many companies have already added AI functionality to their software solutions, and many hope to add even more in the coming months. The Cloud Native Computing Foundation (CNCF) recently released a whitepaper that highlights the importance of cloud-native technology and AI as critical technology trends.
“Safety First For Automated Driving” is a big, over-arching whitepaper from a dozen automotive manufacturers and suppliers. One way to read it is that those disciplines have strongly developed safety cultures, which generally do not consider cybersecurity problems.
At Utimaco, we see our role as being not just about creating hardware and software that provides the ‘root of trust in a digital world’, but also communicating to our customers about the social context of that technology. Just decades ago, the internet was something that could only be accessed from large, immobile personal computers.
This is good, given that organizations are using exponentially more software-as-a-service (SaaS) than infrastructure-as-a-service (IaaS) offerings. That’s why the Cloud Security Alliance (CSA) created the SaaS Governance Best Practices for Cloud Customers whitepaper, for which I was honored to serve as its co-lead.
We sought out to determine how important DevSecOps is within the Software Development Life Cycle (SDLC), the importance of Audits within DevSecOps and the overall impact DevSecOps is having on enterprises. For more stats from the survey results download our Survey Whitepaper. How important is DevSecOps in the SDLC?
Third-party code reuse can invite untrusted, weak, or malicious software into yours. Microsoft recently reported on a sophisticated attacker group they call Hafnium, which unfortunately exploited on-premises Exchange Server software. MITRE’s description: “Find potentially exploitable software vulnerabilities to remediate them.”
According to the city sheriff, someone on the Internet managed to connect to the TeamViewer software that was installed on the workstation used to control the water treatment process. This, and other recommendations, are well described in the whitepaper Cisco recently published on cybersecurity for water utilities. What happened?
In software security, competing priorities and long paralyzing vulnerability backlogs are universal. Download the complete whitepaper: How to Address Software Reliability, Security, and Quality Requirements with Fuzz Testing. Download the Whitepaper More Resources. CIA Triad Offers Clarity Amidst the Chaos.
As the economic importance of digital innovation accelerated during the global pandemic, so too did the number of cyber-attacks aimed at exploiting software supply chains. The post 2021 State of the Software Supply Chain: Open Source Security and Dependency Management Take Center Stage appeared first on Security Boulevard.
It also covers software development environments and product update/distribution mechanisms. Software Deployment Tools (T1072). Check out our detailed whitepaper that maps all of our solutions to ATT&CK Enterprise, posted to our Cyber Frameworks page. Sounds a bit like the December cyberattack, no? Non-Standard Port (T1571).
Our research found that one in three consumers are extremely lax at updating software, clearing cookies and routinely resetting passwords. To find out more about consumer attitudes and behaviours around security, download our new whitepaper, ‘CISOs under the spotlight’. Weak cybersecurity is widespread.
UPnP-enabled devices running outdated software are exposed to a wide range of attacks exploiting known flaws in UPnP libraries. In early 2013, researchers at Rapid7 published an interesting whitepaper entitled “Security Flaws in Universal Plug and Play” that evaluated the global exposure of UPnP-enabled network devices.
In 2019, the team responsible for V8, Chrome’s JavaScript engine, published a blog post and whitepaper concluding that such attacks can’t be reliably mitigated at the software level. While the CPU state is rolled back once the misprediction is noticed, this behavior leaves observable side effects which can leak data to an attacker.
The survey evaluated the opinions of over 1,000 information security professionals, developers and executives in the IT and software development industries. SUNBURST made it absolutely clear that every organization must take urgent, substantive actions to change the way we secure software build pipelines.
Number two, the networks have become much more software driven. On top of that move towards software-driven networks is the fact that a lot of software is open source. In fact, well over 90% of all solutions use some level of open-source software. That’s number one. That injects a huge amount of risk.
According to the new Uptycs whitepaper, Detecting the Silent Threat: 'Stealers are Organization Killers' (gated link), a variety of new info stealers have emerged this year, preying on Windows, Linux, and macOS systems. Being cautious when clicking suspicious links • Ensuring all software and browsers are always kept updated"
Put simply, the foundational technologies 5G will rely on, namely Network Function Virtualisation and Software Defined Networking, will turn many physical network components into software instead. For more information on building a 5G world we can all trust, see our whitepaper here, or tweet us @ThalesDigiSec with your questions.
Winning the award in the Publisher's Choice in Application Security validates our mission to make the world's software secure," said David Brumley, CEO of ForAllSecure. "In Download the Whitepaper More Resources. In 2016, we proved that autonomous security was possible by challenging the application security standards.
We have multiple partners providing software implementations of the KACLS API that can be used by our customers. More details on KACLS are available in Google Workspace Encryption Whitepaper and CSE reference API. KACLS performs cryptographic operations with encryption keys after validating end-user authentication and authorization.
Together, these differences keep DevOps and security apart, a reality which costs more time and effort when vulnerabilities inevitably arise after a piece of software has already rolled out. Quoting from our Whitepaper: Developer security training is foundational to all the security tracks highlighted in this procedure.
This includes securing the firmware and software applications of the car using public key infrastructure (PKI) among other tools, key management services and identity issuance. Find out more about vehicle connectivity and cybersecurity in this automotive whitepaper.
Password managers – software that holds all the passwords in a “vault”, requiring a master password to unlock the vault. Identity as a service (IDaaS) is one of the new models, often coupled with software as a service (SaaS). To discover more about CISSP read our whitepaper, 9 Traits You Need to Succeed as a Cybersecurity Leader.
From digital ransoms in the healthcare industry to defective software on airplanes, there are several high-profile security incidents today where the largest cost wasn’t only from the checkbook. Download the Fuzz Testing ROI Framework Whitepaper! Download the Whitepaper More Resources. Lost customers. Want to learn more?
We also enforce strict software supply chain controls to ensure that only approved and verified code runs in our cloud environment. Keep a lookout for more information about our end-to-end approach to AI privacy in an upcoming whitepaper. Control how you interact with Gemini Apps.
This attack bypasses all software and microcode patches on our SGX machine” continues the paper. We have already published guidance for developers in the whitepaper, Speculative Execution Side Channel Mitigations. “an attack against an SGX compartment where a malicious OS pollutes the RSB.
Our recent State of Software Security report found that 97 percent of the typical Java application is made up of open source libraries. Our State of Software Security: Open Source Edition report revealed that approximately 42 percent of the third-party code pulled directly by an application developer has a flaw on first scan.
Whitepaper: Power to the People - Democratizing Automation & AI-Driven Security. Ray’s team has used automation for jobs like reimaging a device after malicious software has been detected and migrating alerts from third-party detection sources into an internal ticketing system. Contenders in the data security ring.
Mapping Critical Security Controls to Unified VRM We have worked with a number of customers to help address the critical security controls using NopSec’s software-as-a-service, Unified VRM. Many actions can be automated through vulnerability risk management which will result in compliance at dramatically reduced costs.
The researchers presented Monday afternoon at the RSA Conference, to tease a soon-to-be-released whitepaper of their work. The project is based on work Baines did for Europol’s Cyber Crimes Center, Project 2020, which made a similar series of predictions in 2013 targeting last year.
Because SAST typically occurs before the software is released, it can be used to prevent vulnerabilities from being introduced during the software development process. Similarly, Software Composition Analysis (SCA) looks at open source code. SAST tools can be used to identify security vulnerabilities in the source code itself.