-
Jan 7, 2025 | 
securityboulevard.com | Richi Jennings |Deb Radcliff |Mark Hermeling |George V. Hulme
Insecure Medical Devices — Illumina DNA Sequencer Illuminates Risks | | biomedical, biomedical devices, commercial iot security, DNA, DNA Data, Family Tree DNA, Hackable Medical Devices, industrial internet of things, Internet of things, Internet of Things (IoT), Internet of Things (IoT) Security, Internet of Things cyber security, internetof things, internetofthings, internte-of-things, Intranet of Things, iot, medical, medical data, medical device, medical device security, Medical Devices,...
-
Sep 25, 2024 | 
securityboulevard.com | Mark Hermeling
Please fill out the form to read this article*** This is a Security Bloggers Network syndicated blog from CodeSecure authored by Mark Hermeling. Read the original post at: https://codesecure.com/learn/what-lurks-in-your-sdk/
-
Sep 11, 2024 | 
securityboulevard.com | Mark Hermeling
We get a lot of questions from our customers around the topic of artificial intelligence in combination with SAST (Static Application Security Testing). Everybody is looking for the next level of efficiency around DevSecOps. With CodeSonar the answer to this is a resounding yes, the reason for this is the elaborate amount of information that CodeSonar provides around SAST findings and the deep integration into CI/CD platforms.
-
Aug 6, 2024 | 
securityboulevard.com | Mark Hermeling
A Software Bill of Material (SBOM) lists the software components that are used in a piece of software. It typically also provides an overview of known vulnerabilities (N-day vulnerabilities) as well as the software licenses that cover the components used.
-
Jul 23, 2024 | 
securityboulevard.com | Mark Hermeling
The ProblemA common coding error in a CrowdStrike Falcon update caused critical system outages around the world starting on Friday July 19 th 2024. The culprit? A Null Pointer Dereference (also known as CWE-476) in a piece of C++ program that ran with privileged access to the Windows operating system. X posters offered all kinds of hypothesis on the specific coding errors and access to Windows that managed to crash systems worldwide to the point of blue screen.
-
Jul 23, 2024 | 
securityboulevard.com | Mark Hermeling |Deb Radcliff |Walter Capitani
By Mark Hermeling,Deb Radcliff,Walter Capitani In a world where software transparency is becoming increasingly critical, CodeSecure is helping lead the charge with the first-ever, Binary Composition Analysis (BCA) Marketplace. With the enforcement of the January 2024 cybersecurity ...
-
Jan 16, 2024 | 
securityboulevard.com | Mark Hermeling
There is lot of talk about Software Bill of Materials (SBOMs) in industry publications, social media, and even the news. Different countries have either already instigated regulations or are in the process. Instead of piling on the why and how let's dive into the topic with a couple of examples. Let's look at some SBOM examples: we will look at some of the snippets from an SBOM from software that I use on a semi-regular basis.
-
Dec 22, 2023 | 
financederivative.com | Mark Hermeling
by Mark Hermeling, CTO, AlveoHeading into 2024, the financial services industry is at the threshold of a transformation driven by technological advancements, especially in artificial intelligence (AI). Here, we highlight our predictions for financial data management, emphasizing the critical roles of AI, cloud computing, enhanced data governance and staff training.
-
Sep 29, 2023 | 
embedded.com | Mark Hermeling
In today’s interconnected world, embedded software security has far-reaching implications. This is particularly so for safety-critical applications in sectors such as automotive and aerospace, where software vulnerabilities can lead to consequences that go far beyond financial losses, including physical harm and loss of life. Ensuring the security of embedded software from the earliest stages of development has become a priority for organizations and is often known as ‘shift feft’.
-
Sep 14, 2023 | 
embeddedcomputing.com | Mark Hermeling
BlogOpenSSL, a fundamental open-source cryptographic library, ensures secure communications across TCP/IP networks. It is widely used for SSL or TLS encryption by applications, systems, and devices worldwide. However, as OpenSSL version 1.1.1 is reaching its end-of-life (EOL) in September 2023, there's growing urgency to migrate to newer versions to avoid another Heartbleed incident, which exposed two-thirds of the world’s web servers to attack.
