By Andrew Storms|2019-11-08T11:26:49-08:00October 30th, 2019|Categories: Secure Software Development|Tags: CMMC, Department of Defense|
Earlier this year, the Department of Defense (DoD) announced the development and enforcement of new cyber security compliance requirements to be eligible for DoD contracts. Because the upcoming requirements affect so many companies (large and small) as well as prime and subcontractors, many organizations are looking for answers. Here [...]
By Andrew Storms|2019-11-18T09:30:24-08:00August 18th, 2019|Categories: DevSecOps, Secure Software Development|Tags: information security, infosec, secure software|
Software doesn’t write security in by itself; it takes best practices and intent to write good secure software. The industry is starting to agree on this, and the talk by Kelly Shortridge and Dr. Nicole Forsgren at Blackhat 2019 about bringing InfoSec and DevOps together is a great addition [...]
By Andrew Storms|2019-10-31T15:19:09-07:00February 12th, 2019|Categories: Secure Compliant Data Platform, Secure Software Development|Tags: cyber threat intelligence, cybersecurity, IT/OT, machine-to-machine learning|
Last week at DistribuTECH 2019, I had the opportunity to participate in a panel discussion on How AI and Machine-to-Machine Learning Are Enabling Cybersecurity Threat Intelligence. I was joined by fellow members of the California Energy Systems for the 21st Century (CES-21) program. Over the past 4 years, [...]
By Andrew Storms|2019-10-31T10:58:20-07:00November 28th, 2018|Categories: Secure Software Development, Tips & Tricks|Tags: data security, information security, infosec, Lean Security, software development, STIX/TAXII|
Thanksgiving in the US is passed and year end is in sight. As the end of the calendar year draws near, let's consider a few short term objectives you can complete right now that will have a long lasting effect on your security programs in 2019. 1. [...]
By Daniel Riedel|2019-10-31T10:59:19-07:00August 22nd, 2018|Categories: Secure Software Development|Tags: critical infrastructure, SBOM, SECURE, software bill of materials, software development|
Allan Friedman’s vision of the SBOM is Kubrickian indeed. Stanley Kubrick made films that looked with deep introspection into the future of our society, often as a polite and sometimes troubling warning of things to come. Like Kubrick, the cybersecurity expert Allan Friedman is calling attention to how [...]
By New Context|2019-10-31T15:51:02-07:00July 24th, 2018|Categories: Secure Software Development|
Although the big push around GDPR data management is (mostly) behind us, our customers are finding regulatory compliance will slow innovation if it's not a strategic priority. Everyone in the C-suite wants to do more with their data. They want to stream every byte through their tensorflow oracles [...]
By Andrew Storms|2019-11-18T09:16:50-08:00July 24th, 2015|Categories: DevSecOps, Secure Software Development|Tags: Devops, lean, Lean Security, Orchestration, pipeline, SECURE, security, threat|
All business leaders are faced with an ever growing list of challenges. Those of us who manage teams of software developers struggle with our own set of difficulties. The drums beat for us to address the unknown threats from Cyber Security risk while also developing and delivering software faster and [...]
