On May 7, Colonial Pipeline had to shut down its pipelines due to a ransomware attack. Colonial is a major oil pipeline operator in the southern and eastern United States. Its pipelines extend from Texas to New Jersey and reach Louisiana, Mississippi, Alabama...
In early April, numerous sources disclosed discovery of a pool of Facebook records including information on more than 530 million of its users. The leaked information included users’ names, dates of birth, and phone numbers as posted to a website for hackers....
The COVID-19 pandemic drove many companies to rapidly expand their support for remote work. This change was not simply to appease a changing workforce; it was simply to survive. When most of the workforce was suddenly told to stay home, many organizations had...
Data is the new gold. It is a resource that creates and destroys power. With it, individuals, companies, and governments can sway public opinion, gain insight into the competition, and develop the most strategic plans. So it is for this reason that data breac...
One of the obstacles any static analysis tool encounters is the ease with which developers can manage defects that are not pertinent to their development. Oftentimes these “defects” for whatever reason simply do not apply. The best-known case of such defects ...
We believe that data is the phenomenon of our time. It is the world’s new natural resource. It is the new basis of competitive advantage, and it is transforming every profession and industry. If all of this is true—even inevitable—then cyber crime, by definit...
Application security people, like anyone else, can make mistakes. Hasty actions and bad assumptions lead to a less complete discovery of flaws — or to outright disaster. In the worst case, a clumsy attempt to discover security problems can itself cause a brea...
Returning from Saturday’s LechazoConf 2017, a conference about failures (and successes) of entrepreneurs/startups in Castilla-Leon (and Spain). I enjoyed the conference! Organization was awesome, content was nice, and the lechazo was great (I am from Traspine...
The conversation surrounding application security could go a thousand different directions; technology is a massive landscape, after all. For the purposes of this discourse, our focus will be on three particular arms of appsec. Perhaps we could call them the G...
The GDPR is Promoting a Culture Change About Data Privacy
The importance and need for security has never been greater, in particular with personal and data security. Among all the great benefits of technology, the internet and the resulting connecti...
The concept of open source software has shifted considerably from what some enterprises once thought about it. Any negative views back then stemmed from misconceptions or from not understanding what open source really is. Considering open source software is often free o...
Open source licensing isn’t very complicated as license agreements go. Even so, some people find it confusing, and businesses need to pay close attention to how the licenses work. Making a mistake in one direction can result in legal action. Erring in the oth...
App and software breaches can have lasting consequences. They also aren’t going anywhere. Finding vulnerabilities in your app and code early is critical. Maintaining strong security practices during and after development is essential to protecting your business.