Tag: NIST

The US National Institutes of Standards and Technology recently asked for comments on a new framework for secure software development. Called Mitigating the Risk of Software Vulnerabilities by Adopting a Secure Software Development Framework (SSDF) this framework seeks to aid developers by providing a somewhat universal framework for secure software development. What this framework doesn’t […]

Last week I wrote that compliance and complacency are major challenges in the cloud. Yes, defensive technology is the same. However, the cloud poses some specific threats. Multitenancy Multitenancy scares people the most. You share cloud infrastructure with other customers. Your cloud services are running on virtual machines. Those VMs run on shared hardware. You […]