Quantum computing has the potential to one day break today’s encryption algorithms, requiring a proactive approach to finding new and innovative ways to protect data that can withstand those upcoming capabilities. Last week, NIST announced the approval of three post-quantum cryptographic algorithms that cannot be broken by a quantum computer. Here’s what leaders in the … continue reading
In April 2024, the National Institute of Standards and Technology released a draft publication aimed to provide guidance around secure software development practices for generative AI systems. In light of these requirements, software development teams should begin implementing a robust testing strategy to ensure they adhere to these new guidelines. Testing is a cornerstone of … continue reading
The National Institute of Standards and Technology (NIST) has announced its first three post-quantum cryptographic algorithms, which will be able to safeguard data even in the event that quantum computing advances to the point that today’s cryptography can be broken. “The official publication of these algorithms marks a crucial milestone to advancing the protection of … continue reading
The National Institute of Standards and Technology (NIST) has announced a new pilot evaluation program, NIST GenAI, to help assess whether content — text, image, video, or audio — was generated by a human or AI. One of the goals of the study is to use the results to assist people in making these determinations … continue reading
The National Institute of Standards and Technology (NIST) published a new draft document that outlines strategies for integrating software supply chain security measures into CI/CD pipelines. Cloud-native applications typically use a microservices architecture with a centralized infrastructure like a service mesh. These applications are often developed using DevSecOps, which uses CI/CD pipelines to guide software … continue reading
Puppet Enterprise 2023.0 is the latest release following 2021.7 that includes NIST compliance, the ability to authenticate users in multiple Lightweight Directory Access Protocol (LDAP) domains, adds a streamlined user interface, and more. With NIST compliance, Puppet Enterprise 2023.0 reduces compliance risk and the risk of sensitive information being accessed. Users can customize the timeout … continue reading
Pieter Danhieux has an impressive background in cybersecurity. And he acknowledges that when it comes to building software, problems in the code lead to security issues. Yet he blames this problem not on the developers themselves, but on what he has seen as “a lot of things we’ve done wrong with developers.” Organizations, he said, … continue reading
When the ransomware NotPetya hit in June 2017, the results were devastating. A variant of the widespread Petya ransomware, NotPetya affected several large companies from a variety of different countries, according to Kaspersky Labs, who initially named the variant. After this devastating global cyberattack, Microsoft began conducting research into why customers weren’t practicing proper cybersecurity … continue reading
Swift has made it into the TIOBE Index’s top 10 programming languages for the first time. Swift is a programming language Apple created about three years ago to replace its other application development language Objective-C. “The expectations were high right from the start, but adoption took off slowly. That is for good reasons by the … continue reading
The National Institute of Standards and Technology (NIST) wants to protect users from their mobile devices. The organization has released a new guide designed to improve the security of mobile devices. While mobile applications have helped businesses increase productivity through real-time communication and connectivity, the benefits don’t outweigh the risks that can come with it, … continue reading
Framework provides organizations, regulators and customers a structure to create, guide, assess and improve cybersecurity … continue reading