SAFECode

February’s focus is #fuzzing! Follow the #SAFECode blog this month to learn more about why and how to add this often underutilized testing method to your #software #security program. Get started herehttps://bit.ly/395L5fH 

#DataPrivacyDay may have been yesterday, but it should be practiced year-round. Our team of experts explore the role software developers play in protecting privacy in our latest blog.https://bit.ly/2vmOF6q 

In our latest blog, @kayseesee shares #memorysafety extensions so you can contribute to your own adoption in #software. Read it here.https://bit.ly/35V6KFi 

What is the role of #software developers in protecting personal #data #privacy? #SAFECode members explore privacy-related software #security challenges.https://bit.ly/2vmOF6q 

Did you know? More than half of all critical #security vulnerabilities across all major ecosystems are #memory safety bugs. @kayseesee of #Google shares more.https://bit.ly/35V6KFi 

ICYMI: SAFECode contributor @kayseesee discusses improving C/C++ security with #hardware-assisted memory safety.https://bit.ly/35V6KFi 

Tomorrow, SAFECode Chairman @EricBaize, will deliver the keynote at Bangalore 2020 FIRST Technical Colloquium @FIRSTdotorg. See the full program here.https://www.first.org/events/colloquia/bangalore2020/program …

New this week on the Blog: Improving #Security with #Hardware-Assisted Memory Safety by @kayseesee.https://bit.ly/35V6KFi 

Worried about C/C++ memory safety? (Hint: You probably should be) SAFECode contributor @kayseesee takes to the SAFECode blog to provide an overview of #hardware extensions that can help.https://bit.ly/35V6KFi 

#Secure #software development can only be achieved with an organizational commitment and a holistic assurance process. But what does that mean in practice? We have the answer.https://bit.ly/2IcXW5G 

Looking back at 2019, our most viewed #training video was “Basic Practices for #Secure Development of #Cloud #Applications.” Watch it here.https://bit.ly/36XkGje 

To support a #security culture within #SDL, a strong #Security Champion is key. How do you build an effective SC program in your organization? Our top blog of 2019 has the answer.https://bit.ly/2stAWWY 

For each of the #secure development practices your organization requires or promotes, you’ll need to consider the expertise/skill level required for their proper execution and the coverage of that expertise in the organization. https://bit.ly/2W2OzcJ  #security #training

#Hashes are not enough to guarantee confidentiality – since the #hashing function is one-way only, you cannot recover the original input from a given hash. Learn more at https://bit.ly/2MndbHw  #cryptography

Like any other injection attack, #SQL injection occurs when malicious user-provided input is not properly coerced into the correct format. Learn how you can stay secure in this #training video.https://bit.ly/2nUX5Lq 

Employing a least privilege strategy ensures that if the attacker does gain access to your #SQL Server they will have as few privileges as possible. Learn more in our #training video herehttps://bit.ly/2D6vwt8 

Remember: a weak initialization vector or the wrong choice of mode of operation can weaken even the strongest #algorithms. Learn more here https://bit.ly/2MndbHw  #cryptography

Practice #threatmodeling at any time in the software development lifecycle and use the results for #security improvements. Learn howhttps://bit.ly/2sI8qB2