Ransomware is Not the Problem
Arbitrarily powerful software -- applications, operating systems -- is a problem, as is preventing it from running on enterprise systems.
Arbitrarily powerful software -- applications, operating systems -- is a problem, as is preventing it from running on enterprise systems.
AppSec Pacific Northwest Conference is a free application security conference that will be held Saturday, June 19th. It is a virtual, online event sponsored by the OWASP chapters of Portland, Vancouver, and Victoria.
Expanding on the UK Government's ‘The Uk Code of Practice for Consumer IoT Security’ and how it aligns with Threat Modeling.
Speaking up
Phil Bull presents an interesting, generally convincing, argument in 'Why you can ignore reviews of scientific code by commercial software developers', with a couple of exceptions.
Most of my time, I'm helping organizations develop the skills and discipline to build security in. We give the best advice available, and I recognize that we're early in developing the science around how to build an SDL that works.
For my first blog post of 2020, I want to look at threat modeling machine learning systems.
Recently, I've seen four cybersecurity approaches for medical devices, and we can learn by juxtaposing them.
Just what the title says.
What have we learned and what steps can we take?
Mitigating the Risk of Software Vulnerabilities by Adopting a Secure Software Development Framework (SSDF) from NIST is open for comment.
The road to mediocre writing is paved with over-simplification and distraction.
[no description provided]
[no description provided]
[no description provided]
[no description provided]
[no description provided]
[no description provided]
[no description provided]
[no description provided]
[no description provided]
[no description provided]
[no description provided]
[no description provided]
Recently, I was talking to a friend who wasn't aware that I'm consulting, and so I wanted to share a bit about my new life, consulting!
[no description provided]
[no description provided]
[no description provided]
[no description provided]
[no description provided]
[no description provided]
[no description provided]