
Do You Have Software Security (Technical) Debt Piling Up?

Veracode makes software that tests your software for vulnerabilities. Software developers use Veracode’s product to see if their software is vulnerable. Here is some information based on scanning over one million applications: Veracode says that AI-Generated code brings security bugs at scale and will likely add to security or technical debt. AI tools might also […]


Mobile Malware Defeats Biometrics

Security or convenience, pick one. Background: there is a difference between IDENTIFICATION and AUTHENTICATION. Identification is the equivalent of a userid. Userids are not secret. Authentication is the equivalent of a password. Passwords are secret. Many systems use biometrics like a face scan to BOTH identify a user and authenticate that it is really that […]


Security News for the Week Ending February 9, 2024

DEF CON is Canceled, No Really. It is a meme. Every year there are announcements that DEF CON is canceled, but this year it is real. Sort of. DEF CON is the world’s largest hacking convention and has, for years, been held at Caesars in Las Vegas. You may remember that Caesars had an unfortunate […]


Third Party, Fourth Party and More – Breaches

As companies continue to expand their use of third party providers, the issue of security also expands. A cloud database belonging to CU Solutions Group, a service provider to credit unions, was left unsecured. More on that in a minute. That would make them a third party service provider to credit unions. Except …….. When […]


And the Scourge of Deep Fakes Continues

As if yesterday’s deep fake post wasn’t enough to scare you, here is another one. Gartner says that attacks using AI-generated deepfakes to bypass facial biometrics will lead a third of organizations to doubt the adequacy of identity verification as standalone protections. Actually, this is good news because biometrics should ***ONLY*** be used to identify […]


What IS a Software Bill of Materials Anyway?

The feds are pushing pretty hard to get software makers to create and manage Software Bills of Materials or SBoMs. What the heck is an SBoM anyway and why is it important? A very non-technical comparison would be the list of ingredients in packaged food. Let’s say you are allergic to some food, say […]
