
Taylor Armerding
@tarmerding2
Followers: 1K
Following: 328
Media: 393
Statuses: 4K
Security Advocate at Synopsys Software Integrity Group; musician, bike rider
Boston
Joined April 2011
I just published Get to know the BSIMM — a crowd-sourced guidebook for your journey to better software security
link.medium.com
If you want to build better, more secure software, and you should, BSIMM is the report you should read and the club you should join.
I just published #CybersecurityAwareness should be aimed at software creators as well as users
link.medium.com
The need for better cybersecurity is universal. So an awareness month should apply to those who make software, as well as use it.
I just published Report: Build trust (and speed) in your software with #DevSecOps
link.medium.com
A new report by Black Duck documents the need for improvement in DevSecOps, along with recommendations on how to improve.
I just published One of #software’s oldest vulnerabilities persists, even when fixes are available #XSS
link.medium.com
There are fixes available for cross-site scripting software vulnerabilities. Why aren’t they being used more often?
I just published Are you plagued by #softwaretestingtoolsprawl? Get to know #ASPM
link.medium.com
Software security testing tool sprawl remains a problem. But ASPM can help to mitigate it.
I just published SEC #cyberincident #disclosure rule is a ‘material’ thing
link.medium.com
The SEC’s new rule requiring public companies to disclose “material” cyber incidents is well-intended but still untested.
I just published As #agriculture gets more #connected, it gets more productive — and vulnerable
link.medium.com
Farming has always been close to the earth, but now it’s also close to cyber space. That’s both good and bad.
I just published The #CyberSafetyReviewBoard: Good intent, toothless reality
link.medium.com
The federal Cyber Safety Review Board, created more than two years ago, is failing at its mission, according to multiple experts.
I just published Predictable #ransomware tsunami hits #healthcare sector after $22m payout
link.medium.com
The $22 million payday for the attackers of Change Healthcare has, not surprisingly, spawned a host of imitators.
I just published Could the #CrowdStrike disaster have been avoided? Probably
link.medium.com
A bad CrowdStrike update is the latest reminder that software can hurt as much as it helps — especially if it’s not rigorously tested.
I just published Are #LLMs getting devious (and smart) enough to trick you on their own?
link.medium.com
Large Language Models keep getting more capable. But that doesn’t mean they have minds of their own.
I just published Going to the #Olympics? Don’t let #cybercriminals win the gold — from you
link.medium.com
The Olympics are supposed to be fun and exciting. But the dangerous reality is that everyone there will be the targets of cybercriminals.
RT @Infosec_Tourist: @tarmerding2 This is what happens when you leave humans to do the work of #AI empowered self-defending data. #You….
I just published Your modern car is spying on you, and you’re the only one who can limit it
link.medium.com
The modern car is a rampant collector of data that is then shared or sold. And millions of owners don’t know it.
RT @SynopsysAppsec: “Ransomware groups only need one person to click the link that contains the malicious executable to be successful”— Tho….
I just published #Ransomware is on a roll — and that’s more than a financial problem
link.medium.com
After decades of ransomware attacks, attackers still have the upper hand. Experts say that’s because of the failure to do security basics.