Industrial Cybersecurity
The Cybellum Blog

Cybellum Wins Three Coveted Global InfoSec Awards during RSA Conference 2022

Cybellum Wins 3 Awards for Cybersecurity in 10th Annual Global InfoSec Awards at RSAC 2022

NIST Issues Updated Guidance for Supply Chain Cybersecurity Risk Management

The National Institute of Standards and Technology (NIST) published updated guidance on managing supply chain cybersecurity risks on May 5th, 2022, titled “Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations” (C-SCRM), for organizations that are acquirers and end users of products, software and services. The update includes a detailed list of C-SCRM […]

Why We Decided to Launch a Podcast for Product Security Teams

How an eye-opening conversation with a medical device cybersecurity expert inspired us to start a podcast for product security teams.

Cybersecurity pros are in the midst of an ongoing struggle. You need to constantly be on the watch for new threats, every single day. You need to find and recruit some of the most […]

Licensing: The Double-Edged Sword of Open Source Software

Open-source software libraries are the backbone of modern software development and a critical piece of the software supply chain. Engineers don’t need to recreate existing functionality; instead, development efforts can be accelerated using open-source software (OSS) libraries. These days, almost 98% of applications use open-source libraries. Using open-source libraries does bring unique risks. Beyond security […]

The Definitive Guide to Software Bill-of-Materials (SBOM)

In 2020, the SolarWinds supply chain attack penetrated deep into the Federal government’s infrastructure and into some of the largest and most tech-savvy organizations. The compromise gave attackers unprecedented access to some of the best-protected data in the world. It highlighted that no matter how big or well funded an organization is, cyber-attacks can still […]

NUCLEUS:13 Vulnerabilities Hit Siemens Nucleus TCP/IP Stack

NUCLEUS:13 is the latest in a long line of TCP/IP stack vulnerabilities that includes NAME:WRECK, Ripple20 and many others. The vulnerabilities have been discovered in the Nucleus TCP/IP stack owned by Siemens, and used in billions of devices.

The Future of Cyber Attacks

Originally posted on Panther’s website. 

Cybellum Joins Siemens Digital Industries Software Partner Ecosystem

Cybellum’s product security platform enables users to quickly pinpoint vulnerabilities and remediate them across the product lifecycle.

Peacetime PSIRT Activities – Getting the Most of Your PSIRT Investment

Originally published on Security Magazine, December 17th, 2021.

The Product Security Incident Response Team (PSIRT) is not a firefighter team, but they should be your fire marshal. Your PSIRT is more than a first response team that only activates when an incident occurs. Businesses get the most out of their investment in this highly skilled […]

NTIA’s Minimum Elements of a Software Bill of Materials (SBOM): a Guide

After many years of hard work, the NTIA (National Telecommunications and Information Administration) published an important document in July 2021: The Minimum Elements for a Software Bill of Materials (SBOM). True to its name, the document details a list of the elements a minimal SBOM should include.
