From a nuclear meltdown to Y2K and 9/11, Joe Weiss paints a frightening picture of cyber vulnerabilities in things that can go BOOM in the night. Joe Weiss is what you would call a trailblazer in the realm of critical infrastructure cybersecurity. During his 40+ years in industrial instrumentation controls and cybersecurity, he has set […]
Cybellum Wins 3 Awards for Cybersecurity in 10th Annual Global InfoSec Awards at RSAC 2022
The National Institute of Standards and Technology (NIST) published updated guidance on managing supply chain cybersecurity risks on May 5th 2022, titled “Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations” (C-SCRM), for organizations that are acquirers and end users of products, software and services. The update includes a detailed list of C-SCRM […]
How an eye-opening conversation with a medical device cybersecurity expert inspired us to start a podcast for product security teams. Cybersecurity pros are in the midst of an ongoing struggle. You need to constantly be on the watch for new threats, every single day. You need to find and recruit some of the most […]
Open-source software libraries are the backbone of modern software development and a critical piece of the software supply chain. Engineers don’t need to recreate existing functionality; instead, development efforts can be accelerated using open-source software (OSS) libraries. These days, almost 98% of applications use open-source libraries. Using open-source libraries does bring unique risks. Beyond security […]
In 2020, the SolarWinds supply chain attack penetrated deep into the Federal government’s infrastructure and into some of the largest and most tech-savvy organizations. The compromise gave attackers unprecedented access to some of the best-protected data in the world. It highlighted that no matter how big or well funded an organization is, cyber-attacks can still […]
NUCLEUS:13 is the latest in a long line of TCP/IP stack vulnerabilities that includes NAME:WRECK, Ripple20 and many others. The vulnerabilities have been discovered in the Nucleus TCP/IP stack owned by Siemens, and used in billions of devices.
Cybellum’s product security platform enables users to quickly pinpoint vulnerabilities and remediate them across the product lifecycle.