Research, SDLC and Security - Information Technology Zone

Safeguarding Ethical Development in ChatGPT and Other LLMs

SecureWorld News

AUGUST 7, 2023

This first installment is "Safeguarding Ethical Development in ChatGPT and Other LLMs through a Comprehensive Approach: Integrating Security, Psychological Considerations, and Governance." Three key elements require our attention: security measures, psychological considerations, and governance strategies.

Development

Development SDLC Security Tools

Why Fuzz Testing Is Indispensable: Billy Rios

ForAllSecure

SEPTEMBER 2, 2021

I recently spoke to Gartner on the addition of fuzz testing to their Critical Capabilities for the Application Security Testing Magic Quadrant. Rios is an author, researcher, venture advisor, and entrepreneur. At that point, you’re just overwhelming security and development teams and they’re not handling them (the bugs).

SDLC

SDLC Programming Applications Security

Challenging ROI Myths Of Static Application Security Testing (SAST)

ForAllSecure

JUNE 23, 2020

There are several benefits for using Static Analysis Security Testing (SAST) for your software security. Waste : How much of this developer effort will eventually be wasted due to FPs with no measurable improvement in the security of an application? Compliance however is not security. Another approach is required.

Applications

Applications Security Analysis Software

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

The FuzzCon 2021 Real Talks Panel

ForAllSecure

SEPTEMBER 29, 2021

In the Fuzzing Real Talks session, Ransome was joined by industry experts Anmol Misra of Autodesk, Larry Maccherone of Contract Security, Damilare D. Fagbemi of Resilient Software Security, and Jeff Costlow of Extrahop Networks to discuss the ins and outs of a successful security testing program. Is this important to me today?

SDLC

SDLC Study Programming Development

Challenging ROI Myths Of Static Application Security Testing (SAST)

ForAllSecure

JUNE 23, 2020

There are several benefits for using Static Analysis Security Testing (SAST) for your software security. Waste : How much of this developer effort will eventually be wasted due to FPs with no measurable improvement in the security of an application? Compliance however is not security. Fuzzing is the next evolution.

Applications

Applications Security Analysis Software

Challenging ROI Myths Of Static Application Security Testing (SAST)

ForAllSecure

JUNE 23, 2020

There are several benefits for using Static Analysis Security Testing (SAST) for your software security. Waste : How much of this developer effort will eventually be wasted due to FPs with no measurable improvement in the security of an application? Compliance however is not security. Fuzzing is the next evolution.

Applications

Applications Security Analysis Software

FuzzCon 2021 Addresses Ease-of-Use in Fuzz Testing

ForAllSecure

SEPTEMBER 9, 2021

Director of Microsoft Research NExT Special Projects, echoed this sentiment: “Fuzzing seems like black magic and it just seems impossible to bring into [a] company. “Security testing is more important, and available than ever. It truly is the future of application security. At FuzzCon 2020, Mike Walker, Sr.

SDLC

SDLC Applications Security Analysis

Leveraging Fuzz Testing to Achieve ED-203A / DO-356A

ForAllSecure

JUNE 7, 2021

Like any software-based system, aerospace must continually and proactively find and fix security and safety issues before cyber-attackers can exploit them. In 2018 the aerospace industry published DO-356A, Airworthiness Security Methods and Considerations , to provide updated guidance on airworthiness cybersecurity.

Analysis

Analysis Security Software Software

Leveraging Fuzz Testing to Achieve ED-203A / DO-356A

ForAllSecure

JUNE 7, 2021

Like any software-based system, aerospace must continually and proactively find and fix security and safety issues before cyber-attackers can exploit them. In 2018 the aerospace industry published DO-356A, Airworthiness Security Methods and Considerations , to provide updated guidance on airworthiness cybersecurity.

Analysis

Analysis Security Software Software

How Fuzzing Redefines Application Security

ForAllSecure

JULY 8, 2021

The application security testing market is highly fragmented. From SAST to DAST to SCA to IAST to RASP, the current state of the market is a byproduct of various assertions on what is believed to be the best way to address application security testing. This is undesirable. Our answer? Why Fuzzing Is the Answer.

Applications

Applications Security Analysis SDLC

When least privilege is the most important thing

CIO Business Intelligence

NOVEMBER 2, 2023

In the ever-evolving realm of information security, the principle of Least Privilege stands out as the cornerstone of safeguarding sensitive data. Organizations that follow the principle of least privilege can improve their security posture by significantly reducing their attack surface and risk of malware spread.

Backup

Backup Information Security Security Operating Systems

Breaking Down the Product Benefits

ForAllSecure

JANUARY 21, 2021

When defects are uncovered and fixed the same set of security testing must be performed, once again, to validate fixes -- also known as regression testing. Ownership over application test suites is a driving purchasing requirement for some organizations, especially for those who are maturing their application security processes.

Open Source

Open Source Licensing Applications Analysis

Breaking Down the Product Benefits

ForAllSecure

JANUARY 21, 2021

When defects are uncovered and fixed the same set of security testing must be performed, once again, to validate fixes -- also known as regression testing. Ownership over application test suites is a driving purchasing requirement for some organizations, especially for those who are maturing their application security processes.

Open Source

Open Source Licensing Analysis Applications

The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

ForAllSecure

AUGUST 14, 2019

The CyberWire Daily podcast delivers the day's cyber security news into a concise format. The CyberWire Daily includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world. Dave Bittner: [00:00:03] A contractor for Russia's FSB security agency was apparently breached.

Security

Security Applications Development Financial

The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

ForAllSecure

AUGUST 14, 2019

The CyberWire Daily podcast delivers the day's cyber security news into a concise format. The CyberWire Daily includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world. Dave Bittner: [00:00:03] A contractor for Russia's FSB security agency was apparently breached.

Security

Security Applications Development Financial

THE CYBERWIRE DAILY PODCAST EP. 389 WITH GUEST SPEAKER DAVID BRUMLEY

ForAllSecure

AUGUST 14, 2019

The CyberWire Daily podcast delivers the day's cyber security news into a concise format. The CyberWire Daily includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world. Dave Bittner: [00:00:03] A contractor for Russia's FSB security agency was apparently breached.

Security

Security Applications Development Financial

The Hacker Mind Podcast: Hacking With Light And Sound

ForAllSecure

SEPTEMBER 29, 2020

Researchers claim they’ve found a flaw that allows hackers to access your device from hundreds of feet away, giving them the ability to unlock your front door, even start your car. He’s a researcher at the University of Michigan and has been pioneering a new category of acoustic interference attacks. So it depends.

Research

Research Engineering Examples System

The Hacker Mind Podcast: Hacking With Light And Sound

ForAllSecure

SEPTEMBER 29, 2020

Researchers claim they’ve found a flaw that allows hackers to access your device from hundreds of feet away, giving them the ability to unlock your front door, even start your car. He’s a researcher at the University of Michigan and has been pioneering a new category of acoustic interference attacks. So it depends.

Research

Research Engineering Examples System

The Hacker Mind Podcast: Hacking With Light And Sound

ForAllSecure

SEPTEMBER 28, 2020

Researchers claim they’ve found a flaw that allows hackers to access your device from hundreds of feet away, giving them the ability to unlock your front door, even start your car. He’s a researcher at the University of Michigan and has been pioneering a new category of acoustic interference attacks. So it depends.

Research

Research Engineering Examples System

Key Takeaways From ForAllSecure's, “Achieving Development Speed And Code Quality With Behavior Testing” Webinar

ForAllSecure

AUGUST 21, 2019

Security and speed are often perceived to be mutually exclusive, repelling away from each other like identical poles of a magnet. This technique has been battle-tested in the 2016 DARPA CGC, where it took first place, and deployed in the real-world, solving some of the most critical software security challenges. Missed the webinar?

Development

Development Security Applications Devops

Key Takeaways From ForAllSecure's, “Achieving Development Speed And Code Quality With Behavior Testing” Webinar

ForAllSecure

AUGUST 21, 2019

Security and speed are often perceived to be mutually exclusive, repelling away from each other like identical poles of a magnet. This technique has been battle-tested in the 2016 DARPA CGC, where it took first place, and deployed in the real-world, solving some of the most critical software security challenges. Missed the webinar?

Development

Development Security Applications Devops

KEY TAKEAWAYS FROM FORALLSECURE’S, “ACHIEVING DEVELOPMENT SPEED AND CODE QUALITY WITH NEXT-GENERATION FUZZING” WEBINAR

ForAllSecure

AUGUST 21, 2019

Security and speed are often perceived to be mutually exclusive, repelling away from each other like identical poles of a magnet. This technique has been battle-tested in the 2016 DARPA CGC, where it took first place, and deployed in the real-world, solving some of the most critical software security challenges. Missed the webinar?

Development

Development Security Applications Devops

Information Technology Zone

Safeguarding Ethical Development in ChatGPT and Other LLMs

Why Fuzz Testing Is Indispensable: Billy Rios

Webinars

Trending Sources

Challenging ROI Myths Of Static Application Security Testing (SAST)

Webinars

The FuzzCon 2021 Real Talks Panel

Challenging ROI Myths Of Static Application Security Testing (SAST)

Challenging ROI Myths Of Static Application Security Testing (SAST)

FuzzCon 2021 Addresses Ease-of-Use in Fuzz Testing

Leveraging Fuzz Testing to Achieve ED-203A / DO-356A

Leveraging Fuzz Testing to Achieve ED-203A / DO-356A

How Fuzzing Redefines Application Security

When least privilege is the most important thing

Breaking Down the Product Benefits

Breaking Down the Product Benefits

The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

THE CYBERWIRE DAILY PODCAST EP. 389 WITH GUEST SPEAKER DAVID BRUMLEY

The Hacker Mind Podcast: Hacking With Light And Sound

The Hacker Mind Podcast: Hacking With Light And Sound

The Hacker Mind Podcast: Hacking With Light And Sound

Key Takeaways From ForAllSecure's, “Achieving Development Speed And Code Quality With Behavior Testing” Webinar

Key Takeaways From ForAllSecure's, “Achieving Development Speed And Code Quality With Behavior Testing” Webinar

KEY TAKEAWAYS FROM FORALLSECURE’S, “ACHIEVING DEVELOPMENT SPEED AND CODE QUALITY WITH NEXT-GENERATION FUZZING” WEBINAR

Stay Connected