Articles Tagged with ''software security''

CSO and software asset management SAM work together for cybersecure environment at the enterprise

CSOs and software asset management teams work together to improve cybersecurity

January 14, 2021

With today’s threat landscape, security and SAM teams need to work together to understand what is installed across network devices and how those are being used for the best asset protection.

Poor-quality software costs US trillions

January 7, 2021

Synopsys, Inc.'s The Cost of Poor Software Quality In the US: A 2020 Report's findings reflect that the cost of poor software quality (CPSQ) in the US in 2020 was approximately $2.08 trillion. This includes poor software quality resulting from software failures, unsuccessful development projects, legacy system problems, technical debt and cybercrime enabled by exploitable weaknesses and vulnerabilities in software.

Culture shift of IT security in agile world

Gerald Pang

December 28, 2020

While the transformation of software development has progressed, the management of information security and risk organization in such environment is not defined and adapted to support such an environment. Based on SAFe Agile Principles by Scaled Agile, this article will suggest 4 culture shift in IT Security organization may consider in order to adapt to the recent trend of Agile Software development.

The 6 stages of a holistic hardware security development lifecycle

Vernetta Dorsey

November 16, 2020

Building security and privacy into product development is more critical today than ever before. First introduced through the Microsoft Trustworthy Computing initiative in the early 2000s, the well-known security development lifecycle (SDL) is a framework designed to do just that. It was originally devised to enhance software security, but an SDL process can and should be applied to all types of products to help root out security and privacy vulnerabilities, while establishing long-term resilience in the rapidly evolving threat landscape.

How to ensure your SaaS solutions are secure

Eric Kaasenbrood

October 20, 2020

But at many businesses, the company security posture hasn’t kept pace with the volume of data flowing to and from multiple SaaS vendors. It’s an urgent issue in an environment where endpoints are proliferating and hacking techniques are getting more sophisticated. That’s why it’s never been more urgent to upgrade the security posture and reduce the risks associated with SaaS solutions.

NSA announces SkillTree, an approach to implementing application training

October 20, 2020

The National Security Agency (NSA) announced the release of SkillTree, an internally-developed open source solution for gamifying user training. SkillTree provides a systematic and interactive way to promote user proficiency of an existing application. The service is based on industry best practices using gamification to provide awareness of tool features, promote best practices, and document user progression and expertise. By reducing an application’s training curve, SkillTree reduces traditional comprehensive training costs while providing a more enjoyable experience for the user.

Anti-cheating software shuts down amid cyber attack

Verificient Technologies' anti-cheating software suffers data breach

October 19, 2020

The company announced news of the breach and decided to shut down the software for maintenance and server upgrades.

Tinker Tailor Business Spy: What entrepreneurs don’t know (that can hurt them)

Craig Singleton

September 28, 2020

As September is National Insider Threat Awareness Month, there is no better time than the present to seriously reconsider how we educate America’s next generation of business leaders about these critical intelligence issues. As we wait on MBA programs to catch up to America’s new geopolitical reality, these are the three most important issues business schools, early stage entrepreneurs, and even seasoned pros should consider as they protect their life’s work.

BSIMM11 study shows fundamental shifts in software security initiatives in response to DevOps & digital transformation

The 11th iteration of the Building Security In Maturity Model reflects how organizations are adapting their software security efforts to support modern software development paradigms

September 17, 2020

Synopsys, Inc. published BSIMM11, the latest version of the Building Security In Maturity Model (BSIMM), created to help organizations plan, execute, measure, and improve their software security initiatives (SSIs). BSIMM11 reflects the software security practices observed across 130 firms from multiple industry verticals including financial services, FinTech, independent software vendors, cloud, health care, Internet of Things, insurance, and retail.

Databases stores, cloud storage and services at risk from exposed access keys

Poor security measures associated with software development puts organizations at risk

September 15, 2020

Digital Shadows revealed new research looking at the growing problem of company access keys inadvertently exposed during software development. Access keys, and their corresponding secrets, are used by developers to authenticate into other systems.

Retail security professionals are facing an increasingly complex array of security challenges — everything from organized retail crime to evolving cyber-physical threats and public safety concerns.