A Bootiful Podcast: engineer, CTO, teacher, and pilot Ken Sipe

Hi, Spring fans, JVM enjoyers, and cloud natives! Have I got a treat for you today! We're going to be talking to my longtime pal Ken Sipe. groovy java kotlin go rust spring jvm...

DevOps Dilemma: How Can CISOs Regain Control in the Age of Speed?

Introduction The Colonial Pipeline ransomware attack 2021 and SolarWinds supply chain attack 2020 were pivotal moments in cybersecurity, starting a new challenge for Chief Information Security Officers CISOs. These attacks highlighted the importance of collaboration between CISOs and DevOps teams...

A Bootiful Podcast: Azul Deputy CTO Simon Ritter

Hi, Spring fans! In this week's installment I talk to Azul Deputy CTO Simon Ritter @speakjava, recorded live at Devoxx Belgium 2023!...

Sandstone CTO shares how to assess cyber risk in the cloud

Chaitanya Pinnamanemi discusses how visibility and prioritization are key to securing your digital attack surface and reducing cyber risk...

A Bootiful Podcast: Simon Ritter, Java Champion and deputy CTO at Azul

Hi, Spring fans! In this installment, Josh Long @starbuxman talks to Azul Deputy CTO and Javas own mad scientist and luminary Simon Ritter @speakjava...

A Log4j Retrospective Part 2: Data Exfiltration and Remote Code Execution Exploits

Akamai CTO Charlie Gero shows how the Log4j threat surface could extend to unpatchable embedded and IoT devices...

Gab's CTO Introduced a Critical Vulnerability to the Site

A review of the open source code shows an account under the executive's name made a mistake that could lead to the kind of breach reported this weekend...

The SolarWinds Attack

SolarWinds attack explained by Wiz CTO Ami Luttwak...

LIVE Webinar on Zerologon Vulnerability: Technical Analysis and Detection

I am sure that many of you have by now heard of a recently disclosed critical Windows server vulnerability—called Zerologon—that could let hackers completely take over enterprise networks. For those unaware, in brief, all supported versions of the Windows Server operating systems are vulnerable t...

CISO Forum 2019: Vulnerability Management, Red Teaming and a career in Information Security abroad

Today, at the very end of 2019, I want to write about the event I attended in April. Sorry for the delay . This doesn't mean that CISO Forum 2019 was not Interesting or I had nothing to share. Not at all! In fact, it was the most inspiring event of the year, and I wanted to make a truly monumenta...

Mariposa Botnet Author, Darkcode Crime Forum Admin Arrested in Germany

A Slovenian man convicted of authoring the destructive and once-prolific Mariposa botnet and running the infamous Darkode cybercrime forum has been arrested in Germany on request from prosecutors in the United States, who've recently re-indicted him on related charges. NiceHash CTO Matjaž "Iserdo...

Former Mozilla CTO Harassed at the US Border

This is a pretty awful story of how Andreas Gal, former Mozilla CTO and US citizen, was detained and threatened at the US border. CBP agents demanded that he unlock his phone and computer. Know your rights when you enter the US. The EFF publishes a handy guide. And if you want to encrypt your...

Security and Artificial Intelligence: Hype vs. Reality

While artificial intelligence and machine learning are far from new, many in security suddenly believe these technologies will transform their business and enable them to detect every cyber threat that comes their way. But instead, the hype may create more problems than it solves. Recently,...

Black Hat Exclusive Video: The IoT Security Threat Looms for Enterprises

IoT devices are everywhere – from connected smart-home gadgets to industrial IoT systems. And it’s not stopping anytime soon – consumer IoT spending is set to reach $62 billion in 2018, making it the fourth largest industry segment, according to market research firm IDC. Many of these IoT devices...

Podcast: How Cities Can Be Security Smart

The smart city industry is projected to be a 400 billion dollar market by 2020, as municipals look at real-world applications for transportation, waste management, and law enforcement. But with that growth comes privacy issues and security risks, Tenable CTO Renaud Deraison told Threatpost’s...

Sit-down with Wallarm CTO, Alex Golovko

I have had a chance to pose a few questions to Alexander Golovko, one of the co-founders of Wallarm and our CTO. Here are Alex’s reflections on Wallarm and some technology trends. How did Wallarm get its start? Ivan Wallarm’s founder has involved me in various projects on and off since 2010. By...

Adobe Patches Seven Critical Vulnerabilities in Flash, AEM

Adobe fixed eight vulnerabilities, seven critical, in Flash Player and its Adobe Experience Manager AEM Forms product as part of a regularly scheduled update Tuesday morning. All seven of the Flash Player bugs can lead to code execution and should be considered critical, according to a security...

Gary McGraw on BSIMM7 and Secure Software Development

Mike Mimoso talks to Cigital CTO and software security pioneer Gary McGraw about the latest results pulled from the Building Security In Maturity Model BSIMM. The framework measures the secure development activities of some of the world’s largest software companies and enterprises and can be used...

Linux Foundation Badge Program Boost Open Source Security

The Linux Foundation says a new Core Infrastructure Initiative CII Best Practices Badge program launched Tuesday will help companies interested in adopting open source technologies evaluate projects based on security, quality and stability. The CII Best Practices Badge does not issue certificates...

Ed Felten Joins White house as Deputy CTO

Ed Felten, a professor at Princeton University and a well-respected voice on security and privacy issues, is joining the White House as the deputy CTO. In his new role, Felten will be working under Megan Smith, the CTO of the United States and a former Google vice president. Felten has been at...