Author: Guy Gilam

Building A Successful PSIRT from the Ground Up – Part 2: Processes & Technology

This is Part 2 of our blog series about building a Product Security Incident Response Team from the ground up. Continuing from where we left off in Part 1, in this post we will cover the enabling processes and technologies of a PSIRT.

Building A Successful PSIRT from the Ground Up – Part 1: People

This is Part 1 of our blog series about building a Product Security Incident Response Team from the ground up. The Colonial Pipeline cyber security breach in 2021 marked a watershed moment in IT security. Though this attack shut down the largest oil pipeline in the U.S. and resulted in a $4.4 million ransom payment, […]

Why Security Pros Are Choosing a Unified Product Security Platform Over Generic Security Tools

As the connected devices and products we rely on have become increasingly software-reliant, securing them against cybersecurity and compliance risks has become a major concern for product security pros. Today’s evolving cybersecurity regulation for software-driven devices and products addresses the expanding threat landscape. As a result, companies are investing more and more in technologies that […]

Introducing Cybellum’s System of Systems: Cybersecurity Management at the Full Device Level

Product and device security teams often find themselves fighting an uphill battle in their attempts to step up their cybersecurity strategies. Ensuring security in the increasingly complex ecosystem of their connected devices has never been more challenging. Faced with a rapidly evolving threat landscape and increased regulation, teams are working hard to achieve cybersecurity maturity, […]

2022 Medical Device Cybersecurity Trends and Predictions

Is it Finally Prime Time for Medical Device Cybersecurity?

If you want to see where industry priorities lie — the general consensus is that you should follow the money. Well, between 2020 and 2025, the Healthcare industry is projected to spend $125B on cybersecurity. There are many reasons driving the attention that medical device security is receiving. New regulations such as the FDA premarket […]

Latest Mazda Infotainment Crash Shows How Fragile Car Security Really Is

Originally published on BleepingComputer, March 30th, 2022. Another day, another crash in automotive device software. This time, the bug was found in the infotainment system of older model Mazdas from 2014-2017. Drivers reported that their HD radio receivers crashed when connecting to a local radio station. The radio and its display, Bluetooth capabilities, built-in maps, and […]

Licensing: The Double-Edged Sword of Open Source Software

Open-source software libraries are the backbone of modern software development and a critical piece of the software supply chain. Engineers don’t need to recreate existing functionality; instead, development efforts can be accelerated using open-source software (OSS) libraries. These days, almost 98% of applications use open-source libraries. Using open-source libraries does bring unique risks. Beyond security […]

Supply Chain Shortages Create a Cybersecurity Nightmare

Originally published on HelpNet Security, February 16th, 2022

The Definitive Guide to Software Bill-of-Materials (SBOM)

In 2020, the SolarWinds supply chain attack penetrated deep into the Federal government’s infrastructure and into some of the largest and most tech-savvy organizations. The compromise gave attackers unprecedented access to some of the best-protected data in the world. It highlighted that no matter how big or well funded an organization is, cyber-attacks can still […]
