Cigital News
13 security myths you’ll hear — but should you believe?
They’re “security myths,” oft-repeated and generally accepted notions about IT security that arguably are simply not true — in other words, they’re just myths. Gary McGraw and other security experts share their favorite “security myths.”
Romanian police arrest alleged hacker in Pentagon, NASA breaches
Cigital CTO Gary McGraw comments on Razvan Manole Cernaianu, who is accused of revealing security holes and publishing information about SQL injection vulnerabilities at the Pentagon and NASA.
OWASP/ISSA Threat Modeling Seminar with John Steven
February 9: John Steven will provide a half-day seminar on Threat Modeling at OWASP Austin
Software [In]security: vBSIMM Take Two (BSIMM for Vendors Revised)
Gary McGraw and Sammy Migues introduce a revised, compact version of the BSIMM for vendors called vBSIMM, which can be thought of as a foundational security control for vendor management of third-party software providers.
TROOPERS – The IT Security Conference
March 19-23: Gary McGraw keynote at Troopers – The IT Security Conference
Gary McGraw at Tufts University
February 1: Gary McGraw speaking at Tufts University
Pentagon-funded games would crowdsource weapons testing
CTO Gary McGraw featured in NextGov article on Pentagon-funded games
Microsoft security–you’ve come a long way, baby
CTO Gary McGraw featured in CNET
White House Launches Electric Industry Security Maturity Model Program
BSIMM mentioned in Threatpost
Software [In]security: BSIMM versus SAFECode and Other Kaiju Cinema
Gary McGraw and Sammy Migues clarify the intended use of the Building Security In Maturity Model (BSIMM) and compare it to the SAFECode Practices methodology.