Application Security Risk in 2019: It's All About The Supply Chain
5 minute read time
Cyber criminals are intentionally planting vulnerabilities directly into the global supply of open source components.
Read More...
Equifax was 100% preventable -- But 18,000 others at risk
2 minute read time
Karpovich reflected on findings from the House report that the breach at Equifax was 100% preventable -- as the vulnerability at the root of the breach was one.
Read More...
Three Days of DevSecOps: Lessons from Equifax
2 minute read time
In 2017, one might have considered "three days" to be the new normal for lead time for changes in DevSecOps. In 2018, that window closed to "one second".
Read More...
Deja Vu All Over Again - Another New Apache Struts Vulnerability (CVE-2018-11776)
2 minute read time
Another remote code execution vulnerability in Apache’s Struts2 Framework was disclosed on August 22, 2018.
Read More...
Struts One-Two Punch Knocks Out India
2 minute read time
The social security system of India, AADHAAR, was just breached due to a Struts related vulnerability exploited on their website.
Read More...
Mr. Smith Goes to Washington: Lessons Learned from Equifax in Congress
2 minute read time
Perspective on what Rick Smith, former Equifax CEO, will say today to Congress this week when he testifies.
Read More...