Application and Cybersecurity Blog | Security Innovation
6,493 FOLLOWERS
Security Innovation is a global provider of application security & cryptography solutions. The company helps build internal security expertise, reduce application risk, and improve the process by which applications are built.
Application and Cybersecurity Blog | Security Innovation
3w ago
March 1st kicks off Women's History Month in the U.S., which was launched in 1987 as a celebration of women’s contributions to history, culture, and society. To celebrate, we're highlighting women who were pioneers in the field of cybersecurity.
Their contributions in the areas of coding, analysis, pattern matching, and computing laid the foundation for today's cyber defenses. These ladies were rocking code before the internet was invented ..read more
Application and Cybersecurity Blog | Security Innovation
1M ago
Q1 CMD+CTRL UPDATE: 2 NEW COURSES AND 9 NEW LABS
Security Innovation is proud to add two new courses and nine new labs to the CMD+CTRL training catalog for Q1 2024. Concentrating primarily on AI Privacy and Risk, .NET Programming, Secure Android Development, Secure Coding labs based on CWE Top 25 vulnerabilities, and Host Vulnerability Scanning. All new content will be available to learners on February 14, 2024 ..read more
Application and Cybersecurity Blog | Security Innovation
3M ago
This is a 2-part series where we'll explore vulnerabilities in systems that use Trusted Platform Modules (TPMs) for disk encryption, exposing the risks of unverified initramfs images and bus sniffing attacks.
In this article, we'll look at how disk encryption uses the initramfs and you'll see why using PCR 9 is so important for properly securing a system ..read more
Application and Cybersecurity Blog | Security Innovation
3M ago
In my previous post, I explained how TPM disk encryption works and how simply including PCR 9 fixes a relatively major security hole in many setups. This time I'm looking at a hardware attack, bus sniffing. This attack also works against Windows BitLocker, although the solution can't be implemented on Windows unless you happen to work at Microsoft ..read more
Application and Cybersecurity Blog | Security Innovation
3M ago
Mobile development is under pressure to incorporate more rigorous security measures into apps, while the demand for continuous development is unrelenting. Although DevSecOps typically addresses enterprise, web, and cloud application development, it can work for mobile app development, too ..read more
Application and Cybersecurity Blog | Security Innovation
5M ago
Q4 CMD+CTRL UPDATE: 3 NEW COURSES AND 10 NEW LABS
Security Innovation is proud to add thirteen new courses and labs to the CMD+CTRL training catalog for Q4 2023. Concentrating primarily on alternative development methods, the next generation of Web Application Firewall, Secure Coding labs based on CWE Top 25 vulnerabilities, and MITRE ATT&CK® Enterprise Techniques and Mitigations; all new content will be available to learners on October 17, 2023 ..read more
Application and Cybersecurity Blog | Security Innovation
6M ago
Four Steps to Help You Tackle AppSec Training—and Succeed
Teams across the SDLC are grappling with resource constraints, accumulated technical debt, skills gaps, and tight deadlines. Even though developers are on the front lines in preventing vulnerabilities, designing and implementing security training programs to stay ahead of threats can be challenging ..read more
Application and Cybersecurity Blog | Security Innovation
6M ago
How to Rock Cybersecurity Awareness Month 2023 marks 20 years of Cybersecurity Awareness Month!
Cybersecurity Awareness Month was launched by the National Cybersecurity Alliance and the U.S. Department of Homeland Security (DHS) in October 2004 to communicate the importance of cybersecurity and help consumers stay safe online ..read more
Application and Cybersecurity Blog | Security Innovation
6M ago
The old-school phone whistling is back!
Well, almost, but this audio below isn’t that far off.
On July 13th, we discovered an interesting vulnerability. A particular webpage was tracking digital radio chatter and it would display a running log of what its station was hearing ..read more
Application and Cybersecurity Blog | Security Innovation
6M ago
How to Rock Cybersecurity Awareness Month 2023 marks 20 years of Cybersecurity Awareness Month!
Cybersecurity Awareness Month (CSAM) was launched by the National Cybersecurity Alliance and the U.S. Department of Homeland Security (DHS) in October 2004 to communicate the importance of cybersecurity and help consumers stay safe online ..read more