Categories
CyberSecurity

What is DevOps/DevSecOps (or more to the point, what it is not)

I recently had a conversation with a CISO at a major automobile manufacturing company who uses a DevSecOps strategy and so I started inquiring about it. What I discovered was a definition of DevOps which was terribly unsecure. I later asked around and I discovered this was not a single case, most companies who claim […]

Categories
CyberSecurity

Your Password Complexity rules don’t work.

This sounds very strange. Security professionals and users alike are told we need to set up very complex passwords to protect our systems. This has been engrained in us so deeply we rely on it to protect all our most precious information. Current password complexity, however, is completely broken and our reliance on it is […]