Insights from our practitioners across the field of software security.
Our expert in medical device security and DFIR, Vee Schmitt, takes a critical look at the recently-released guidance on medical device security from the FDA.
Vee Schmitt
DFIR & Devices Expert
Benjamin Franklin said that three people can keep a secret only if two of them are dead. If you want to keep your teammates around, let's look at safely handling secrets.
Toby Irvine
Product Security Expert
The IT industry takes simple practices and turns them into monstrous delivery methods with little of the original left. We'll wind back to see what's really going on.
Toby Irvine
Product Security Expert
Analogies are terrible, but the factory one has shown some use in software engineering. Let's gird our analogous loins and take a look at how we secure this digital factory.
Toby Irvine
Product Security Expert
So you wanna hack an API? Let's analyse an API using the OWASP API Security Top 10 to guide our effort and hack it, together. Maybe we'll capture some flags while we're at it?
Grant Ongers
CISO & Community Leader
It can be hard to know how to change your ways of working to be more secure. Here we look at the types of security controls and what monkeys can teach us about processes.
Toby Irvine
Product Security Expert
Your security team is overloaded. There are barely enough hours in the day to keep up with incoming requests, let alone improve ways of working. What's the cause of this?
Toby Irvine
Product Security Expert
The internet is a scary place. Thankfully we've got all our services on a private network and only accessible over a dedicated link. That's more secure, right? Right? Oh no...
Toby Irvine
Product Security Expert
We specifically requested that things must be secure. It's detailed at length in our security policies and standards on Sharepoint. Why aren't things more secure?
Toby Irvine
Product Security Expert
Your instinct for safety isn't necessarily correct. Delivering slowly isn't more secure, it's fearful, and if you're afraid of changing a system then the system is not secure
Toby Irvine
Product Security Expert
In this article we explore the concepts of quality and culture within an organisation. And, in a startling break with tradition, actually define what they are and how to change them
Toby Irvine
Product Security Expert
It's hard to manage product security if all you have is a lagging indicator of it. Reacting to data breaches is not planning ahead. How do you know that things are being built securely?
Toby Irvine
Product Security Expert
We'd love to hear from you. Let's start your journey to world-class secure software product delivery today!
