NIST Wants Comments on Secure Software Development
Oct 15, 2019
The US National Institute of Standards and Technology recently asked for comments on a new framework for secure software development. Called Mitigating the Risk of Software Vulnerabilities by Adopting a Secure Software Development Framework (SSDF), this framework seeks to aid developers by providing a somewhat universal framework for secure software development. What this framework doesn’t […]
What Cybersecurity Threats Do We Face In The Cloud?
Oct 31, 2018
Last week I wrote that compliance and complacency are major challenges in the cloud. Yes, defensive technology is the same. However, the cloud poses some specific threats. Multitenancy Multitenancy scares people the most. You share cloud infrastructure with other customers. Your cloud services are running on virtual machines. Those VMs run on shared hardware. You […]
cloud governance, cloud sprawl, compliance, FedRAMP, FISMA, GDPR, GLBA, HIPAA, hypervisor, multitenancy, NIST, PCI, PCI DSS, shadow IT, SOX, speculative execution, virtualization