The Internet of Things (To Protect)
The Internet of Things is under attack already, say researchers. A smart refrigerator was hacked and used to disperse malicious code, for example. So why are we not properly teaching folks that...
View ArticleLee Kestler Joins SafeLogic Advisory Board
I’m very pleased to announce that Lee Kestler has joined the SafeLogic advisory board. If you’re looking for the official statement, you should check out the press release. These are my thoughts,...
View ArticleWhat a Week!
On Friday, I headed home. The lobby at the St. Regis was eerily quiet and the hotel staff looked rather relieved to see all the conventioneers gone. I learned a few key things at the RSA Conference...
View ArticleWhat a Week: Part Two
Last week, I had the honor of talking security at the first ever Wearables DevCon. After my successful presentation on security in constrained devices at the RSA Conference with Whit Diffie, I was...
View ArticleAre We Ready for IoT?
As an industry, we’re not over the hump for mobile security yet. We’ve gone from protecting the device to protecting the app to protecting the data. We’ve come a long way in terms of security for...
View ArticleSafeLogic Responds to Heartbleed
We just issued an advisory notice for customers regarding the recent Heartbleed vulnerability in OpenSSL. The issue doesn’t reside within our CryptoComply module; it’s in the higher level OpenSSL...
View ArticleTizen, Connected Cars and Buggy Whips
Two weeks ago, I had the privilege of giving a presentation at the 2014 Tizen Developer Conference. The first thing that you should know is that this was a fantastic event. Most of us will hear “user...
View ArticleHappy Independence Day!
Wow. It feels like just yesterday that I blogged about the importance of our freedom and opportunity, and how thankful I am to be thriving in the USA. That was a year ago. In ‘SafeLogic Time’, where...
View ArticleIt’s Q4 Already?
It’s hard to believe we are in Q4 already. If you’re in the Bay Area, it still feels like summer! But here we are, rapidly approaching Halloween and the holidays, watching football and playoff...
View ArticlePutting a Muzzle on POODLE
You may have seen the news about POODLE recently. The good news is that it’s not as severe as Heartbleed, which affected server-side SSL implementations and had repercussions across most web traffic....
View ArticleThe Sony Hack Just Does Not Matter
Several times this year we’ve heard about hacks and compromised systems (more so than I can remember in recent history), and I have to say I’m truly amazed at all the press on the Sony hack. But why is...
View ArticleMy Worry and Optimism for Cybersecurity in 2015
Let’s face it – 2014 was pretty bad from an information security perspective, and I believe we will see a rise in the frequency, severity, and publicity of malicious hacks and breaches in 2015. I’m...
View ArticleOn Encryption Keys – Part 1 – What Is a Key?
Last week I met with a customer to help solve, among other things, some challenges around key management and key lifecycles. I thought I’d kick off a blog series on keys: what they are, their...
View ArticleOn Encryption Keys (and Anthem) – Part 2 of 2
The Anthem breach encouraged me to wrap up this blog series and talk about key management in a genuine security context. When the Anthem breach first was public, it looked as if patient records were...
View ArticleBring on 2016!
Ahh, the year-end crunch time is here. Closing and reconciling the books. Working with our customers to get in (or delay, when strategic, of course) last minute invoices and accruals. Making sure...
View ArticleThe CMVP Legacy List Returns
Last week, our blog featured information about the RNG issue identified for removal by NIST. It was written by Mark Minnoch, our new Technical Account Manager, and I’m totally pumped he’s joined the...
View ArticleHow Unvalidated Encryption Threatens Patient Data Security
Originally posted in its entirety at HealthITSecurity.com. Proper healthcare encryption methods can be greatly beneficial to organizations as they work to improve patient data security. Technology...
View ArticleOpenSSL 1.1’s Big, Bright, FIPS Validated Future
The OpenSSL project posted to their official blog today with some major news – OpenSSL 1.1 will be getting a FIPS 140-2 validated module! It’s a huge deal and the SafeLogic team is proud to be leading...
View ArticleHow Unvalidated Encryption Threatens Patient Data Security
Originally posted in its entirety at HealthITSecurity.com. Proper healthcare encryption methods can be greatly beneficial to organizations as they work to improve patient data security. Technology...
View ArticleOpenSSL 1.1’s Big, Bright, FIPS Validated Future
The OpenSSL project posted to their official blog today with some major news – OpenSSL 1.1 will be getting a FIPS 140-2 validated module! It’s a huge deal and the SafeLogic team is proud to be leading...
View Article
More Pages to Explore .....