SaaS in the Real World: Who's Responsible to Secure this Data?

When SaaS applications started growing in popularity, it was unclear who was responsible for securing the data. Today, most security and IT teams understand the shared responsibility model, in which the SaaS vendor is responsible for securing the application, while the organization is responsible...

PTP, IoT & the Norwegian Government

We were privileged to be invited to speak an event in Arendal, Norway yesterday to make the case for IoT regulation. 'Arendalsuka' is the largest political gathering in Norway, an open forum event where the public can interact directly with political leaders, business leaders, entrepreneurs,...

Input validation

DISPUTED Twig before 2.4.4 allows Server-Side Template Injection SSTI via the search searchkey parameter. NOTE: the vendor points out that Twig itself is not a web application and states that it is the responsibility of web applications using Twig to properly wrap input to it...

HP Facing Class Action Suit For Not Disclosing Printer Vulnerability

A class action lawsuit filed in U.S. District Court in California against Hewlett-Packard could have wide ranging implications for software makers, should the court agree with the plaintiff’s claim that the company violated the state’s consumer protection laws by failing to disclose a serious...

lsof.txt

Date: Thu, 18 Feb 1999 12:24:52 -0500 From: Gene Spafford To: [email protected] Subject: Re: HERT Advisory 002 Buffer overflow in lsof People who publish bugs/exploits that are not being actively exploited before giving the vendor a chance to fix the flaws are clearly grandstanding. They're pa...