April 26, 2024 at 12:37PM Government and security-sensitive firms are requiring software bills of material (SBOMs), listing components of applications. Attackers could exploit this information without sending packets. Larry Pesce warns that publicly accessible SBOMs can expose vulnerabilities. Yet, SBOMs aim to enhance software security, with 60% adoption expected by next year. Pesce advises using … Read more
April 15, 2024 at 11:06AM NightVision, a US-based startup founded in 2022, raised $5.4 million in seed funding from angel investors. The company focuses on application security testing, aiding in the identification and resolution of software security vulnerabilities early in the development lifecycle. Its technology simulates attacks, integrates with development workflows, and enables secure development … Read more
January 18, 2024 at 06:38AM The concept of “secure by design” is crucial in the face of increasing supply chain attacks, with a shift towards proactive security measures. The Cybersecurity and Infrastructure Security Agency (CISA) is pushing for this in software development practices, emphasizing collective responsibility. It involves building security into software from the ground … Read more
November 28, 2023 at 05:40AM The US Cybersecurity and Infrastructure Security Agency (CISA) and the UK’s National Cyber Security Centre have released new guidelines for secure AI system development. The guidelines focus on building security into AI systems but do not impose any rules or regulations on the industry. The guidelines cover secure design, development, … Read more
November 27, 2023 at 06:02PM The US Cybersecurity and Infrastructure Security Agency (CISA) and the UK’s National Cyber Security Centre have released Guidelines for Secure AI System Development. The guidelines provide an outline for building security into AI systems but do not impose regulations on the industry. The guidelines cover secure design, development, deployment, and … Read more
November 27, 2023 at 02:36AM The U.K., U.S., and 16 other countries have released guidelines for secure AI system development. The guidelines prioritize security outcomes, transparency, accountability, and secure design. The aim is to increase cybersecurity levels, address societal harms and privacy concerns, and allow vulnerability reporting through bug bounty programs. The guidelines cover secure … Read more