I keep missing blogging days, but not because things aren’t busy. Here’s a roundup of places where I’ve been talking in the press and other stuff for the past few months:
On the Veracode blog: Regulations like FS-ISAC and PCI are now looking at the security of open source components, are you ready?. Plus a three part series on the ransomware attack against the San Francisco MUNI and software composition analysis (one, two, three).
In the press:
- ThreatPost, Code reuse a peril for secure software development.
- Internet Retail, Holiday hangover: Those temporary web pages pose a security risk.
- Wall Street Journal, Pressured App Developers More Likely to Forget Security.
- Tech Beacon, The state of software security: 5 things developers can do now.
- CyberParse, Heartbleed persists on 200,000 servers, devices.
- SD Times, Security in software needs to be Job One.
And it looks like this year’s RSA will be pretty busy in a few weeks. It’s unfortunate that I haven’t wanted to write much about other things recently, but work is definitely making up for it.