VDOO Takes Part in NTIA’s Initiative for Software Transparency

A software product’s code-base grows over time with added functionality resulting in the use of potentially numerous new 3rd party libraries. Some of these libraries are well-maintained by commercial organizations and some are maintained by communities of open source developers. Over time, it is easy for a development team to lose track of these software components, resulting in gaps in visibility into component vulnerabilities. This can have an impact on the security of the product and introduce un-needed risk into end-user customer organizations.

Continue reading “VDOO Takes Part in NTIA’s Initiative for Software Transparency”

5 Initial Steps to Mitigate Security Threats in Consumer IoT Products

The major botnet variants seen over the last few years have been enabled primarily by a lack of basic security engineering practices applied to consumer IoT devices. BASHLITE, Mirai, Remaiten and Linux.Darlloz all relied at least partially on dictionary attacks that took advantage of well-known default username/password combinations to compromise devices.

Continue reading “5 Initial Steps to Mitigate Security Threats in Consumer IoT Products”