The Food and Drug Administration (FDA) recently issued new requirements mandating that medical devices be secured against cyberattacks. This move comes after a long-standing concern about the potential for these devices to be hacked and used to harm patients. This new requirement is a significant step towards securing medical devices, which have been increasingly […]
The source code of Twitter was recently (maybe?) leaked on GitHub, a popular code repository platform. The code repository was quickly taken down, but not before it had been downloaded by hundreds of users. The leak has drawn attention from security experts regarding the implications for the social media platform and raised concerns over the […]
In a recent thread on a discussion forum, a group of developers discussed time lost on bug chasing. One developer lamented that he lost 5 days; another 5 years between the time it was discovered and the time it was finally resolved. Still another developer estimated that in an organization of 400 engineers, […]
The Background: Cybercriminals are currently exploiting a vulnerability in the popular server administration tool Control Web Panel (CWP). This vulnerability allows for a fairly trivial remote code execution (RCE), requiring no authentication. A recent Shodan search shows over 426,000 servers currently running CWP (down from around 435,000 servers a couple days ago) around the globe. […]
I have been fortunate enough to lead both engineering teams and security teams. I have felt the pain on both sides. On the engineering side, I felt the pressure of delivering for my product leaders and client services teams. On the Security side, I pressed hard to achieve acceptable risk levels and to remove vulnerabilities […]
CircleCI is currently investigating a security incident. We reached out to our customers using CircleCI as their development platform, but thought it important to share this information with the wider community. Their official announcement can be read here, but the key takeaways are: While CircleCI is sharing information on the key compromise, it’s important to […]
When I got the call to consider picking up the golden baton at the next-gen application security company (ShiftLeft) the thought hadn’t even crossed my mind. After all, I had committed to building another company (NumberOne AI), one that would build multiple companies and all of them on the foundations of predictive AI/ML to solve […]
This time of year offers everyone in Infosec the opportunity to set operational and strategic goals for the coming year. With the normal software cycle paused and developers on holiday, we can get the kind of serious work done that is only possible when everyone else isn’t around. Our team is no exception. Like anyone […]
SecOps and DevOps. They’re two sides of the same coin. But more often than not a divide exists between them that seems to always be growing. To an extent that makes sense in that SecOps is the gatekeeper, always thinking four steps ahead, the worrier, always considering what’s lurking in their environment that could […]
2023 Cybersecurity predictions covering shifts in hacker behavior, the role of AI in cybersecurity, and so much more from industry leading expert, Chetan Conikee, CTO and Co-founder of ShiftLeft.
Why does software security matter? From the rise of the internet to an entirely interconnected world. The last 30 years have seen remarkable developments in computer technology and the emergence of the internet. It’s incredible to think about how much more connected and pervasive the internet has become since the turn of the century. Nowadays, […]
The Tech Trailblazers Awards has named ShiftLeft as one of the year’s best new companies. As the first independent global awards program dedicated to the enterprise technology startup ecosystem, the Tech Trailblazers Awards recognizes and rewards leading startups, innovations, and individuals from around the globe. Among the cohort of winners across 15 different categories and […]
© 2023 Qwiet. All rights reserved.