Architecture, Risk and Whitepaper - Cyber Security Informer

Safety and Security in Automated Driving

Adam Shostack

JANUARY 2, 2025

Lets explore the risks associated with Automated Driving. Safety First For Automated Driving " is a big, over-arching whitepaper from a dozen automotive manufacturers and suppliers. One of the "minimal risk" maneuvers listed (table 4) is an emergency stop. It's important to remember that driving is incredibly dangerous.

Risk

Risk Architecture Manufacturing Cybersecurity

WHITEPAPER: Authentication Does Not Equal Zero Trust

Security Boulevard

MARCH 30, 2022

Many vendor claims are unclear as to what they’re promising in this space, but they are quite insistent that without Zero Trust network architectures, organizations are at great risk for data breaches and other network sabotage. The post WHITEPAPER: Authentication Does Not Equal Zero Trust appeared first on Security Boulevard.

Authentication

Authentication Architecture Data breaches Risk

Safety and Security in Automated Driving

Adam Shostack

JULY 8, 2019

“ Safety First For Automated Driving ” is a big, over-arching whitepaper from a dozen automotive manufacturers and suppliers. One of the “minimal risk” maneuvers listed (table 4) is an emergency stop. I also like Figure 27 & 28 (shown), showing risks associated with a generic architecture.

Risk

Risk Architecture Manufacturing Cybersecurity

MITRE ATT&CK: The Magic of Application Mitigations

Cisco Security

MARCH 17, 2021

Today’s application architectures support fast, continuous innovation. Back end architectures use small, independent code modules called microservices. Clearly today’s application architectures use a lot of components, making them more complex, but the benefits run deep. Complexity breeds security risk. Trustworthy.

Architecture

Architecture Software Digital transformation Risk

Securing Containers with NIST 800-190 and MVISION CNAPP

McAfee

DECEMBER 9, 2020

Companies have moved quickly to embrace cloud native applications and infrastructure to take advantage of cloud provider systems and to align their design decisions with cloud properties of scalability, resilience, and security first architectures.

Architecture

Architecture Risk Technology Penetration Testing

A Spectre proof-of-concept for a Spectre-proof web

Google Security

MARCH 12, 2021

We've confirmed that this proof-of-concept, or its variants, function across a variety of operating systems, processor architectures, and hardware generations. In 2019, the team responsible for V8, Chrome’s JavaScript engine, published a blog post and whitepaper concluding that such attacks can’t be reliably mitigated at the software level.

Engineering

Engineering Architecture Software Firmware

Post-Quantum Cryptography: Lessons Learned from SHA-1 Deprecation

Security Boulevard

JULY 21, 2022

For businesses still using the broken SHA-1, they were facing serious risks , including: Increased possibility of a collision or man-in-the-middle attack. NIST has developed a whitepaper which outlines the steps for migration to post-quantum cryptography. Prepare a quantum-safe architecture now. Crypto-agility. Related Posts.

Encryption

Encryption Authentication Backups Architecture

Qualities of a Highly Available Cloud

McAfee

NOVEMBER 16, 2021

Instead, the best of breed functionality was purposefully reconstructed for SSE, using a microservices architecture that can scale elastically, and built on a platform-neutral stack that can run on bare metal and public cloud, equally effectively. From the start, the architecture was designed with zero trust in mind.

Architecture

Architecture Data privacy Software Engineering

10 Lessons Learned from the Top Cyber Threats of 2021

Security Boulevard

JANUARY 10, 2022

We published a whitepaper about Tactics, Techniques, and Procedures (TTPs) and also tools utilized by the DarkSide threat actors. . Practice risk management for the worst case event. Practicing risk management for assets is important to estimate and understand possible outcomes in the event of a cyber attack. . References. [1]

Cyber threats

Cyber threats Ransomware Risk Architecture

Establishing Security Maturity Through CIS Cyber Defense Framework

McAfee

APRIL 20, 2020

In this blog we set out to see how choosing the correct security controls framework can go a long way in establishing a secure foundation, which then allows Enterprise security designers/decision makers to make more informed solution choices while selecting the controls and vendor architectures.

Architecture

Architecture Risk Data breaches Cyber threats

To Achieve Zero Trust Security, Trust The Human Element

Thales Cloud Protection & Licensing

MAY 6, 2021

With more employees working remotely than ever before due to COVID-19, businesses are at greater risk from a cyber-attack with workers accessing systems outside of the usual company network. You can’t scrimp on discovery, but no standard risk assessment scales. Finally, embrace third party risk management.

Social Engineering

Social Engineering Authentication Passwords Technology

Securing tomorrow's software: the need for memory safety standards

Google Security

FEBRUARY 25, 2025

Technologies like ARM's Memory Tagging Extension (MTE) and the Capability Hardware Enhanced RISC Instructions (CHERI) architecture offer a complementary defense, particularly for existing code. Businesses can procure memory-safe products with assurance, reducing their risk and protecting their customers.

Software

Software Technology Government Architecture

Learning Machine Learning Part 1: Introduction and Revoke-Obfuscation

Security Boulevard

APRIL 5, 2022

Their project README has some information on the background of the project in their own words, and the following resources give some more information on this awesome project: blog post , whitepaper , Black Hat USA slides , BlackHat USA presentation. Revoke-Obfuscation and this post stick purely to the obfuscation detection problem.

Architecture

Architecture InfoSec Risk Technology

If Infosec Was a Supermarket Business

Security Boulevard

FEBRUARY 27, 2023

Our imaginary supermarket architecture consists of: A main supermarket store. So, if we apply this to our analogy, we could class this data as low risk. However, would you react the same way if a single piece of low-risk data is affected (i.e. The core of our analogy will be comparing supermarket stock to a business’s data.

InfoSec

InfoSec Cybersecurity Risk Technology

Cyber Security Informer

Safety and Security in Automated Driving

WHITEPAPER: Authentication Does Not Equal Zero Trust

Trending Sources

Safety and Security in Automated Driving

MITRE ATT&CK: The Magic of Application Mitigations

Securing Containers with NIST 800-190 and MVISION CNAPP

A Spectre proof-of-concept for a Spectre-proof web

Post-Quantum Cryptography: Lessons Learned from SHA-1 Deprecation

Qualities of a Highly Available Cloud

10 Lessons Learned from the Top Cyber Threats of 2021

Establishing Security Maturity Through CIS Cyber Defense Framework

To Achieve Zero Trust Security, Trust The Human Element

Securing tomorrow's software: the need for memory safety standards

Learning Machine Learning Part 1: Introduction and Revoke-Obfuscation

If Infosec Was a Supermarket Business

Stay Connected