A Timeline of the SolarWinds Hack: What We’ve Learned

Thursday, January 28, 2021

The SolarWinds hack was a major security breach that affected over 3,000 SolarWinds customers, including major corporations like Cisco, Intel, Cox Communications, and Belkin. Also impacted were multiple US states and government agencies including the US Department of State and the US Department of Homeland Security. The attack, dubbed SUNBURST, involved inserting malicious code into SolarWinds’s Orion Platform software. This …

What Is Document Review? How it Helps and What to Look For

Thursday, January 21, 2021

In the context of the software development lifecycle (SDLC), document review makes it easier for an organization to curate, govern, and manage the lifecycle of digital artifacts beyond source code. These include documentation, spreadsheets, presentations, image files, system and architectural images, and other files related to software projects. It is a discipline often practiced in …

Continuous Verification, AKA Just Doing DevOps

Thursday, January 14, 2021

There are several ironies about DevOps that can sometimes cause confusion or perhaps take attention away from what really matters. Take “Shift Security Left” for instance. Yes, it’s cheaper and safer to catch errors before they get into production and, yes, developers should take more responsibility for the quality and security of their code. No one …

Create a Web Application Security Blueprint

Monday, January 04, 2021

The best way to make web applications secure is to include security at every step along the development process, from requirements analysis, to design, to implementation and testing, and into maintenance and update phases. To that end, it’s wise to consider a kind of “security blueprint” as part and parcel of how you work through …