How Secure Is Open-Source Software?

Open-source software is the building block of modern applications. From web frameworks to encryption tools, these readily available components offer developers a wealth of functionality and accelerate development cycles. However, this convenience comes with a hidden...

Our Assumed Trust in Cyber Security Vendors

Imagine you are a security manager being asked to do a security assessment on a new piece of software for your organisation. It will be deployed across all Windows workstations and servers and will operate as a boot start driver in kernel mode, granting it extensive access to...

You’re Using More Open-Source Than You Realise

My recent conference presentation on open-source security revealed a common theme. Audience members didn’t realise how pervasive open-source is. Everyone in the audience knew that their organisation uses a fair number of open-source components, but they thought that...

5 Steps for Securing Your Software Supply Chain

RSA Conference just published an article that I’ve written on the 5 steps for securing your software supply chain. Most modern applications are assembled from open source components with developers typically writing less than 15% of the code for their...

How Secure Is Your iPhone?

The Wall Street Journal has written an article that will challenge your belief in the security of your digital life. It reports on how a basic iPhone feature can allow criminals to steal your entire digital life. This basic feature is your passcode and the technique...