Clarity Is Key: How Code Quality Affects Security

Introduction Secure code reviews are an indispensable practice if you’re serious about building secure software. Software development processes that incorporate secure code reviews are much more effective at producing secure code than those that don’t. Code reviews are necessary because they can detect a wide range of issues that other security measures may not catch; … [Read more…]

Valuable or vain: assessing cybersecurity solutions

A while back, I had a nice chat with a venture capitalist about the cybersecurity industry. She was picking my brain about trends I had observed when she asked me a great question: “When you hear about a new cybersecurity solution, how do you predict whether or not a new solution will be truly successful?” … [Read more…]

Exploiting Race Conditions with strace

As a security professional and hobbyist, I often deal with security vulnerabilities that are caused by race conditions. By their very nature, race conditions are nondeterministic, which makes them hard to diagnose, difficult to reproduce, and tedious to debug. They can cause serious security vulnerabilities and go quietly undetected for years. Once a race condition … [Read more…]

Breaking Into Cybersecurity with Open Source

Are you interested in a career in cybersecurity? Are you wondering how to get your foot in the door? Well, don’t just get your foot in the door, kick down the door. Create your own cybersecurity internship by contributing to an open source project.