Phil Englert was ahead of the curve in introducing cybersecurity into the medical device industry, building medical device cybersecurity programs from scratch several times during his career. Today he is the Director of Medical Device Security at the Health Information Sharing and Analysis Center H-ISAC, helping establish connections within the medical device community, and well-versed […]
VEX reports have finally hit the mainstream and the excitement surrounding them has as much to do with automation as it does with vulnerability management. To appreciate the full practicality of Vulnerability and Exploitability Exchange (VEX) reports, we need to go back to our old friend, the Software Bill of Material, endearingly known as ‘SBOM’. […]
Part 1: Using SBOMs for enhanced visibility and control The dynamic nature of software development exposes the software supply chain to countless sources of both known and unknown vulnerabilities. These can take multiple forms, from insecure open-source software to zero-day exploits. The connected product software revolution’s growing reliance on open-source software increases the risk and […]
Two years following one of the worst cyber-espionage attacks on the USA, we sat down with Thomas LaRock from SolarWinds to learn about how they managed the SUNBURST crisis and came away stronger Thomas LaRock is the Senior Technical Product Marketing Manager–or as they like to put it ‘Head Geek’–at SolarWinds. After many years as […]
Advanced workflow, approval process and management dashboard enhance control, distribution and supervision, while reducing errors and streamlining the entire SBOM management process Israel, Tel Aviv, January 26, 2023 – Cybellum, provider of the award-winning Product Security Platform for connected product and device manufacturers, announced today the release of version 2.22, providing enhanced SBOM management […]
Shlomi Ashkenazy and David Leichner recap the highlights of the past year and light the beacon for Product Security managers in 2023. 2022 has been an incredible year for the Product Security community. New regulations gained traction, software bills of materials (SBOMs) became ‘the bomb’, and the ramifications of Log4j and other vulnerabilities made […]
From a nuclear meltdown to Y2K and 9/11, Joe Weiss paints a frightening picture of cyber vulnerabilities in things that can go BOOM in the night. Joe Weiss is what you would call a trailblazer in the realm of critical infrastructure cybersecurity. During his 40+ years in industrial instrumentation controls and cybersecurity, he has set […]
Is open source software, one of the great wonders of our time, setting us up for one of the great cybersecurity blunders of our time? In an ongoing effort to develop more innovative technologies, companies are turning to open source libraries for inspiration to reliably bolstering capabilities using fewer resources. By taking only part of […]
Cybellum’s Left to Their Own Devices podcast spoke with Dale Peterson, founder of the S4 conference and creator of many of today’s standard ICS security tools and techniques Dale Peterson is one of the most experienced individuals on the planet when it comes to industrial cybersecurity. After a few years at the NSA as a […]
