Back to the Future: What AppSec Can Learn From 30 Years of IT Security
History doesn’t repeat itself, but it often rhymes. As AppSec evolves towards a new playbook, here’s what we can learn from IT’s journey. Just over 20 years ago, Watts Humphrey declared that every business was a software business. Not everyone agreed. No one imagined sports shoe manufacturers, automakers and even barbecue brands building, developing and […]
A Playbook for Communicating the Nuances of XZ Utils (CVE-2024-3094)
Overview: By now, you have heard that on March 29th, malicious code was embedded in XZ Utils versions 5.6.0 and 5.6.1, which was assigned CVE-2024-3094. Red Hat issued an urgent advisory for users to cease using systems operating on Fedora’s development and experimental versions. This precautionary measure was taken after a backdoor was identified within […]