Recent Posts

laptop with mask

Sickened by Software? Changing The Way We Talk About 0Days

How do we improve software quality and end the epidemic of shoddy, exploitable software harming consumers, communities and businesses? To start, we need to change the way we think and talk about software-based risks.

Source Code Secret

GitGuardian’s HasMySecretLeaked Is HaveIBeenPwned for DevOps

Amid a spike in attacks on software supply chains, GitGuardian launched HasMySecretLeaked.com, a site that allows developers and appsec teams to search for exposed secrets.

fingerprint scanning

What does it cost small businesses to get advanced cybersecurity?

In this Expert Insight, Derek Kernus, the Director of Cybersecurity Operations at DTS talks about the challenges facing small businesses that are under pressure to adopt cybersecurity best practices without breaking their budget. Derek offers suggestions for prioritizing cybersecurity investments – and things to watch out for as you build out an advanced cybersecurity program.

Photo by RealToughCandy.com: https://www.pexels.com/photo/person-holding-a-sticker-11035393/

Episode 253: DevSecOps Worst Practices With Tanya Janca of We Hack Purple

Tanya Janca of the group We Hack Purple, talks with Security Ledger host Paul Roberts about the biggest security mistakes that DevSecOps teams make, and application development’s “tragedy of the commons,” as more and more development teams lean on open source code.

Oven Check

Episode 252: Colin O’Flynn On Hacking An Oven To Make It Stop Lying

In this episode of the podcast, host Paul Roberts speaks with Colin O’Flynn, CTO and founder of the firm NewAE about his work to patch shoddy software on his home’s electric oven – and the bigger questions about owners rights to fix, tinker with or replace the software that powers their connected stuff.