CISSP is one of the most prestigious vendor-neutral information systems security leadership certifications. The certification is a credential that signifies its holder possesses professional experience and demonstrates a high level of knowledge across informa...
The ever-increasing popularity and use of smartphones dwarfs that of more conventional computing devices, such as desktop, laptops, tablets and so forth. Here are some numbers to put things in perspective: according to Statista the total number of m...
On May 7, Colonial Pipeline had to shut down its pipelines due to a ransomware attack. Colonial is a major oil pipeline operator in the southern and eastern United States. Its pipelines extend from Texas to New Jersey and reach Louisiana, Mississippi, Alabama...
In early April, numerous sources disclosed discovery of a pool of Facebook records including information on more than 530 million of its users. The leaked information included users’ names, dates of birth, and phone numbers as posted to a website for hackers....
The COVID-19 pandemic drove many companies to rapidly expand their support for remote work. This change was not simply to appease a changing workforce; it was simply to survive. When most of the workforce was suddenly told to stay home, many organizations had...
Data is the new gold. It is a resource that creates and destroys power. With it, individuals, companies, and governments can sway public opinion, gain insight into the competition, and develop the most strategic plans. So it is for this reason that data breac...
One of the obstacles any static analysis tool encounters is the ease with which developers can manage defects that are not pertinent to their development. Oftentimes these “defects” for whatever reason simply do not apply. The most known case of such defects ...
We believe that data is the phenomenon of our time. It is the world’s new natural resource. It is the new basis of competitive advantage, and it is transforming every profession and industry. If all of this is true—even inevitable—then cyber crime, by definit...
Application security people, like anyone else, can make mistakes. Hasty actions and bad assumptions lead to a less complete discovery of flaws — or to outright disaster. In the worst case, A clumsy attempt to discover security problems can itself cause a brea...
Returning from Saturday’s LechazoConf 2017, a conference about failures (and successes) of entrepreneurs/startups in Castilla-Leon (and Spain). I enjoyed the conference! Organization was awesome, content was nice, and the lechazo was great (I am from Traspine...
The conversation surrounding application security could go a thousand different directions, technology is a massive landscape after all. For the purposes of this discourse, our focus will be on three particular arms of appsec. Perhaps we could call them the G...
The GDPR is Promoting a Culture Change About Data Privacy The importance and need for security has never been greater, in particular with personal and data security. Among all the great benefits of technology, the internet and the resulting connecti...
App and software breaches can have lasting consequences. They also aren’t going anywhere. Finding vulnerabilities in your app and code early is critical. Maintaining strong security practices during and after development is essential to protecting your business.
