Why Software Security Fire Drills are Necessary

by Cigital on Monday, April 27, 2015

It takes as little as 96 minutes for a hacker to discover and exploit vulnerabilities in a company’s software system. Yet companies are constantly discovering vulnerabilities in their systems which not only open their business to online threats, but their customers as well. Clearly, companies must address this, but how? An effective solution is to… Read More

Staying Alive in the Application Security Herd

by Cigital on Friday, March 13, 2015

As any animal indigenous to the African savanna knows, one doesn’t necessarily need to be the fastest of the pack to survive; one just can’t be last, because those at the back of the pack are a prime target for attack. This same herd theory used in the wild can also be applied to… Read More

The Next Generation of Application Security

by Cigital on Tuesday, March 10, 2015

As time progresses, technology adapts to the new age. The most recent display of this evolution is the ever-growing “Internet of Things” (IOT), where everyday items like toasters, toilets, and TVs are given IP addresses and connected to the internet. While many individuals see this as advancing our technology, it also increases… Read More

The Correct Way to Handle Risk Management

by Cigital on Friday, February 20, 2015

In his latest SearchSecurity article, Gary McGraw discusses simple guidelines behind attacking risk management, including prioritizing the risks, the amount of risks that can lead to a bigger issue, and the overall practices to make sure your risk management is in strong standing. Risk Management, being “the mature way to think through information security” is… Read More

Cybercrime Attribution is not that Easy

by Cigital on Thursday, February 12, 2015

When looking at cybercrimes and the perpetrators, it is becoming increasingly difficult to identify the true culprits, especially with their capability of making the crime look like it came from a completely different source. With all of the different ways that attackers can cover their tracks, there has been heavy debate on whether this challenge… Read More

8 IT Leaders React to News of the Anthem Hack

by Cigital on Friday, February 6, 2015

On Thursday, February 5, 2015 the world woke to learn of the largest healthcare data breach to date. Approximately 80 million records were accessed and those records contained the following details: name, birthday, social security number, email and phone. In this story on Becker’s Health IT & CIO Review eight security experts share their perspective… Read More

Web Platform Podcast: Application Security is Done The Right Way

by Cigital on Wednesday, February 4, 2015

In the most recent Podcast from The Web Platform, Gary McGraw, CTO at Cigital, tackles the topic of how web developers and software engineers can best secure applications in the world today. During the discussion, they review the best practices, team collaboration techniques, and other components of making applications the most secure. They also provide… Read More

Security Researchers Expose Bugs and Their Vendors

by Cigital on Friday, January 30, 2015

In a day and age where applications are constantly surveyed and found to have bugs, the communication behind reporting them has stirred much controversy, especially in the eyes of security researchers. Many firms have done a poor job listening to the individuals who notify them of bugs, which leads not only to frustration but also leaves… Read More

The Split Views on the 30-Day Data Breach Law

by Cigital on Wednesday, January 14, 2015

This week there has been much conversation around President Obama’s proposed law calling for organizations to publicly disclose breaches within a 30-day window. With 47 different laws on the books, this would provide uniformity across the states and provide clarity to organizations about what they must do regardless of their or their customers’ locations. Recent… Read More

ADT Magazine: 2015 App Security Predictions and Opinions

by Cigital on Wednesday, January 14, 2015

For the second part of John K. Walters’ “2015 Enterprise Dev Predictions on Convergence, Security, Automation and Analytics” article series, Cigital CTO Gary McGraw informs the IT industry that “even if we got rid of all of the bug problems and all the coding errors, we would still only be solving half the app security… Read More
