A Movember Update: Why We Mo

The Veracode Movember effort still needs your help! – Donate Here.

Movember has been an entertaining, interesting and at times embarrassing month. From the looks we garnered around the office, in public, or from family, friends and loved ones, it is at times hard to justify the Moustache. This is all easily rectified once you inform the onlookers about the underlying cause, raising awareness for Prostate Cancer.

The Merchant of Malta: Who’s To Blame When Vulns Fetch A Price?

The security firm ReVuln found itself on the receiving end of some harsh criticism this month after it demonstrated several previously unknown holes in common industrial control platforms, then said it would not share the details of those holes to vendors. As information about software vulnerabilities becomes more and more valuable, the question arises: who is to blame when software gets hacked: the researcher who exposes the weakness, or the developers who created it?

Power to the People and the Coming AppSec Revolution

When the revolution comes, the first up against the firewall will be your business partners – along with every other third-party that provides you with software.

It used to be that you could call for more secure software from individual vendors – and Microsoft heeded that call, for example with its push for trustworthy computing, starting in 2002 – but today we’re more dependent on software than ever, and more interconnected than ever; we rise and fall by the security of our associates.

In Case You Haven’t Heard, These Cloud and Big Data Things are REALLY Cool

Having spent the last 10 years or so working with technology on a day-to-day basis, I thought I’d seen a good deal of “Woah, that is cool” moments. These moments range from just discovering modern day technology (the fact that companies made billions on database software blew my much younger mind for about a week) to more niche discoveries (my first identified SQL Injection vulnerability was a doozie, and I didn’t even know it had a name until two years later!)

Security Debt and Vulnerability Supply Chains

I thought the vendor testing angle could be interesting. We had just launched our VAST program so the topic made our marketing folks happy, but also because I think the supply chain analogy can be an interesting lens to view the security industry. We can think about the software supply chain as the vulnerability supply chain.

Software Security Needs Its Nate Silver

Nate Silver, the rock star statistician behind the New York Times FiveThirtyEight blog, became an unwilling player in the heated political rhetoric ahead of the Nov 6. Presidential election. Silver covers politics and other news from the viewpoint of a statistician: putting the rhetoric and the political consultant’s alchemy aside to look at the numbers.

Help Veracoders Raise Money for Movember

What is Movember?

“Since its humble beginnings in Melbourne, Australia, Movember has grown to become a truly global movement inspiring more than 1.9 Million Mo Bros and Mo Sistas to participate with formal campaigns in Australia, New Zealand, the US, Canada, the UK, South Africa, Ireland, Finland, the Netherlands, Spain, Denmark, Norway, Belgium and the Czech Republic. In addition, Movember is aware of Mo Bros and Mo Sistas supporting the campaign and men’s health cause across the globe..

1 2