In a world where the business model is racing to connect everything, security is failing to keep pace. This sets up a dynamic tension within the organization between the network/infrastructure teams and the security teams. … Read more
On Sept. 19, 1980, near the small town of Damascus, Arkansas, someone dropped a socket, and it caused a breach. In terms of breaches, it was nuclear! Paradoxical as it may seem, the story of … Read more
Imagine that under some bizarre set of circumstances, a local high school football team is forced to compete against the New England Patriots. Imagine further that the victory stakes for these teenagers are enormous, perhaps … Read more
In a world with so many AppSec solutions, it can be tricky to decipher your options. For software security testing alone, there are several different options and hundreds of tools to choose from. This article … Read more
We can’t make it from scratch anymore In his TED Talk, “How I built a toaster – from scratch”1, designer Thomas Thwaites demonstrates how our global society stands on the shoulders of giants. Thomas attempted … Read more
In 1889, the New York publisher John Wiley & Sons published an obscure scientific piece by Daniel S. Troy titled The Cosmic Law of Thermal Repulsion: An Essay Suggested by the Projection of a Comet’s … Read more
While the internet has existed for several decades, it’s only in recent years that security has become a popular concern. Cybersecurity tools and products now are a multi-billion dollar industry. Security engineers and executives continue … Read more
The Shift Left principle1 is well known in software and systems development, particularly in relation to testing. It’s the idea of performing test activities earlier in the system development life cycle – developing test cases … Read more
Crowdsourced security programs have grown in popularity to the point where some enterprises have dispensed with traditional pentesting, using the crowdsourced model exclusively for auditing the security of their applications and infrastructure. What is Crowdsourced … Read more
Much of cyber defense today relies on the same approach used in kinetic defense over the last few thousand years. We use hard perimeters (firewalls) to repel attacks, sentries (IDSs) to trigger incident response, and … Read more
