Given the recent number of high profile vulnerabilities like Heartbleed many organizations are taking a critical look at their application security programs to determine if what they are doing is enough. The reality is many firms stick with traditional security practices incapable of finding deeper or complex issues. A fundamental way organizations can improve their… Read More
Data brokers collect data from numerous sources for everyone in the US. It is alarming how much data is collected and the potential for security breaches, particularly from wearable devices. Recently our Paco Hope, shared his thoughts on wearable security with Teena Hammond of TechRepublic. Article excerpt: Paco Hope, principal consultant at Cigital, said that… Read More
Do you know someone that has created a piano from fruits and vegetables? Or built a game controller from Play-doh, instead of buying one from the store? I do. Thanks to the Cyberjutsu Girl’s* Graduation, an event sponsored by Cigital, I spent a Saturday with an extraordinary set of 9-16 year old girls who created… Read More
Earlier today a 19-year-old Austrian programmer realized using “&hearts” makes a “♥” symbol in the coding language HTML used on the web. This discovery made it possible to insert program commands via tweet. A security flaw in TweetDeck, made it possible for tens of thousands of TweetDeck users to unwittingly send a line of code… Read More
Not only will we be exhibiting at OWASP AppSec Europe this month, but members of our team will also be conducting two days of training and delivering two talks during the conference. Visit the AppSec EU website to learn more about the agenda and use registration code EU10_CGTL to save an additional £60 (for members) or £54 (non-members) on your registration fee. We look… Read More
We’re busy gearing up for a busy spring! After meeting some lovely folks at e-Crime Congress in London last week we’re heading to Boston, MA and Bloomington, IN. If you are in or around those areas join us for one of our talks or just a quick hello! SecureWorld Boston | March 25 – 26… Read More
Join us on Wednesday, March 12 from 1:00 – 2:00PM EDT to learn more about Ruby on Rails security features, how to use them and how to avoid breaking them.
How can business leaders guarantee that they won’t be the next headline security breach? How should companies even start to address software security? Watch the HP Discover Performance Weekly video featuring Cigital CTO, Dr. Gary McGraw, to find out.
Cigital @theWhiteboard is an exciting new eLearning offering from Cigital that combines live instructor-led content and electronic delivery. This month’s free session, led by Cigital iCTO John Steven, focuses on Secure Password Storage. The subject of Secure Password Storage will be broken into two sessions. The first session will cover the fundamentals of secure password… Read More
Software is in such a vulnerable state today. Most systems and networks were poorly designed and built from the start, which makes them even more difficult to defend against cyberwar, cyberespionage, and cybercrime attacks. We need to design and implement things to be more secure in the first place. Unfortunately, this is not the prevailing… Read More