#securebydesign — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #securebydesign, aggregated by home.social.
-
AI-Powered Tools Elevate Vulnerability Detection, Pressing Secure-by-Design Mandate
With AI-powered tools, companies can now instantly detect and fix software vulnerabilities, making ignorance a thing of the past when it comes to cybersecurity. As Hans de Vries of ENISA notes, this shift makes a secure-by-design approach not just best practice, but a pressing mandate.
#AipoweredTools #VulnerabilityDetection #Securebydesign #CyberResilienceAct #Enisa
-
Unnecessary complexity makes products hard to maintain and hard to secure. Modern apps such as Cloudflare's EmDash and Tailscale show that designing for simplicity produces stronger security as a side effect.
-
Every component a product ships becomes something customers must configure, patch, and defend. WordPress illustrates this, with 90-96% of its security issues originating in plugins because its architecture gives every plugin unrestricted access to the entire system. Self-hosted databases need replication, backups, and version upgrades, while container platforms need network policies, image scanning, and cluster maintenance. Each added component expands both operational load and attack surface.
Modern architectures are changing what products require customers to run:
* Cloudflare's EmDash reimagines WordPress as a serverless CMS with no PHP runtime, no customer-managed database, and sandboxed extensions that must declare specific capabilities such as "read:content."
* WireGuard's implementation fits in roughly 4,000 lines of kernel code, small enough for one person to audit.
* Tailscale builds on WireGuard so devices connect without customers running servers, opening ports, or rotating certificates.
The security improvements came from eliminating components rather than layering new controls on top.
For builders, that shifts the question from "what controls should we add?" to "what can we simplify?" A platform service can replace a customer-managed database, a capability declaration can replace unrestricted plugin access, and a safe default can replace an opt-in checkbox. Each removal shrinks both what customers must maintain and what attackers can target.
For my full article, see:
https://zeltser.com/modern-design-security
-
"Shift left" becomes a theatre of speed if security is an afterthought bolted on at deploy time. True DevOps velocity demands security baked into every commit, not just a pre-prod gate. Stop treating compliance as a blocker and start embedding it as a feature of your pipeline. #devops #ShiftLeft #SecureByDesign
-
AXIS signs the CISA cybersecurity pledge: AXIS Communications announces it has joined the Secure by Design pledge promoted by the Cybersecurity and Infrastructure Security Agency (CISA), confirming...
#AXISCommunications #SecurebyDesign #cybersecurity http://dlvr.it/TQpgxq
-
An excellent follow-up article from Bob to the #hacklore interview. I particularly like the focus on #SecureByDesign and questioning the need for bolt-on, aftermarket solutions to product failures.
https://medium.com/@boblord/why-hacklore-persists-and-how-we-replace-it-985ac1065a98
-
🌍 💶 Back in December, we looked at the EU’s €1.3B investment in AI, cybersecurity, and digital skills.
The message still stands: security is no longer optional.
At RELIANOID, we help organizations embrace secure-by-design solutions, aligned with NIS2, CRA, and EU regulations.
🔐 Now is the time to invest in security.
#Cybersecurity #DigitalEurope #AI #NIS2 #CyberResilienceAct #RELIANOID #SecureByDesign
-
This is not a "remote code execution (RCE) flaw". Executing code remotely is what the Villains did right. That's attacker-centric language. We need to focus on what the Vendor did wrong.
The software had a "weak authentication" flaw. #SecureByDesign
-
🎯 New year = new year's resolutions
Many technical devices are not adequately protected against cyberattacks from the outset. That is why we advocate Secure by Design - IT security from the very beginning!
💪 More than just a resolution: a mandatory programme.
Further information and tips on how you can build cybersecurity in from the start in 2026 can be found on our website: bsi.bund.de
-
Built with hardened defaults for users who take privacy seriously.
Whonix delivers anonymity and security you can rely on. #Whonix #PrivacyFirst #Anonymity #SecureByDesign #CyberSecurity #DigitalPrivacy
-
🎉 Big news! Early Bird tickets for OWASP Global AppSec Vienna 2026 are here!
25 years of OWASP ✨ Stunning Vienna 🇦🇹 World-class training 🧠 & a conference like no other 🔥
Why wait? Register now for early bird pricing: https://owasp.glueup.com/event/162243/register/
#appsec #owasp #cybersecurity #securebydesign
-
🔐 The UK’s PSTI Act is raising the bar for digital security.
Secure-by-design, no default passwords, clear vulnerability reporting — this isn’t just about IoT, it’s a signal of where global security standards are heading.
At RELIANOID, we fully align with these principles.
Security isn’t a checkbox. It’s a competitive advantage. #CyberSecurity #PSTI #SecureByDesign
https://www.relianoid.com/blog/understanding-the-uk-product-security-and-telecommunications-infrastructure-psti-act/
-
If containers are now the backbone of modern delivery, why are we still securing them as an afterthought? 🤔
This article walks through a bottom-up hardening process that removes unnecessary components, verifies everything from source, and gives teams a security posture that’s proactive.
#DevSecOps #ContainerSecurity #SoftwareSupplyChain #SecureByDesign #CloudNativeSecurity #CICD #PlatformEngineering #OpenSourceSecurity #ActiveState
-
Great read for tech leaders exploring shift-left security and new IT operating models. Join the discussion and share your view on early security adoption. #DigitalTransformationLeadership #CIOpriorities #EmergingTechnologyStrategy #ITOperatingModelEvolution #DataDrivenDecisionMakingInIT #ShiftLeft #SecureByDesign #LeadershipInTech
https://www.linkedin.com/pulse/shifting-left-embedding-security-development-sanjay-k-mohindroo--penac
-
From humble beginnings to a globally trusted security platform, Whonix continues to protect privacy every day.
#Whonix #Anniversary #CyberDefense #PrivacyByDefault #SecureByDesign #TorNetwork #DigitalProtection
-
With a dual-VM architecture and Tor routing, Whonix blocks even sophisticated spying and monitoring tactics.
#Whonix #SpyProtection #AnonymityOnline #SecureByDesign #NoIPLeaks #CyberDefense #PrivacyTools
-
Maximum Anonymity
With Whonix, your real IP never touches the internet; every connection is routed through a secure, leak-proof system. #Whonix #AnonymityOnline #NoIPLeaks #PrivacyByDefault #SecureByDesign #TorPowered #CyberDefense
-
Secure by Design. Privacy by Default.
Whonix is built on Kicksecure-hardened Debian and runs inside VMs — so your IP, identity & data stay protected. #Whonix #CyberSecurity #Kicksecure #PrivacyMatters #SecureByDesign #PrivacyByDefault #Anonymity #TorNetwork #VMsecurity #DataProtection #CyberDefense #SecurityHardened #OpenSourceSecurity #DigitalPrivacy
-
"[SUNBURST] pushed us to think even more deeply about newer, emerging threats, resulting in Secure by Design, our pledge to set a new standard for trustworthy and secure software development across the industry."
#SudhakarRamakrishna, CEO, SolarWinds, 2025
This isn't as impressive or comforting as Ramakrishna seems to think. He's admitting their software wasn't secure by design from day 1. Nor in any of the years between 1999 and when they launched this #SecureByDesign reputation laundering.
-
🦃 Thanksgiving is coming up in the US. 🦃 What are you thankful for in software security? I wrote about the welcome progress on memory safety defects. What other areas are moving in the right direction? #SecureByDesign
-
💚 Happy 2nd Birthday, Cryptomator Hub!
Two years of protecting data, empowering teams, and redefining secure collaboration.
See what’s new and what’s ahead in our anniversary blog post: https://cryptomator.org/blog/2025/11/02/hub-anniversary/?utm_source=mastodon&utm_medium=email&utm_campaign=hub-anniversary-2025
#Cryptomator #CryptomatorHub #Anniversary #DataSecurity #PrivacyMatters #TeamWork #CloudEncryption #OpenSourceCommunity #SecureByDesign
-
🤣
What's your funniest #CybersecurityAwareness story?! In honor of #CybersecurityAwarenessMonth we're offering 15% off your entire order with code NCSAM15 (min. $30).
Because your good security habits deserve it!!
Valid until Nov 1.
Shop here: https://buff.ly/L9VgUXq
#AppSecVillage #CyberSecurity #PhishingAwareness #SecureByDesign
-
During #CybersecurityAwarenessMonth, this one hits hard 👇
Flax Typhoon turned ArcGIS, a trusted geo-mapping app, into a stealth backdoor that lived for a year.
No malware, no exploit. Just weak creds + blind trust.
#SecureByDesign isn’t a slogan. It’s survival!
Article via Dark Reading 🔗 https://www.darkreading.com/application-security/chinas-flax-typhoon-geo-mapping-server-backdoor
-
I'm joining @cheri_alliance@[email protected] as an ambassador, working to transform cybersecurity at its foundation.
Memory safety bugs cause 70% of cyber vulnerabilities, leading to disasters like OpenSSL Heartbleed and the 2024 CrowdStrike outage ($5.4 billion in losses). CHERI technology, developed over 15 years by Cambridge University and SRI International, prevents these attacks through hardware-enforced memory protection rather than endless software patches.
The momentum is extraordinary. The UK government invested £80 million alongside £200 million from industry, with backing from DSIT, NCSC/GCHQ, DSTL, and DARPA. Industry giants Google, Microsoft, and Arm have joined alongside BT Group and Siemens, recognizing that hardware-level security is no longer optional.
I'm particularly excited about our working groups porting critical operating systems to CHERI. FreeBSD, FreeRTOS, Zephyr, and seL4 have all been ported to run on CHERI hardware, with teams actively developing and maintaining these implementations. This ecosystem work ensures CHERI can protect everything from embedded IoT devices to enterprise servers, making memory safety accessible across the entire computing stack.
Microsoft found CHERI would have prevented two-thirds of their 2019 vulnerabilities. The technology is practical too – existing software often needs less than 0.03% code changes to become memory-safe. As we deploy AI and connect critical infrastructure, we can't afford to keep patching symptoms. CHERI addresses the root cause.
Join us in building secure-by-design systems. The Alliance welcomes all who share this vision. Let's stop playing defense and fundamentally solve memory safety.
-
We’re honored to have Adam Shostack delivering a keynote at OWASP Global AppSec US 2025!
📅 November 3–7, 2025 in Washington, D.C.
💻 Training: Nov 3–5 | Conference: Nov 6–7
👉 Register to attend today: https://owasp.glueup.com/event/131624/register/
Adam is one of the world’s leading experts on threat modeling and secure by design.
His keynote is a must-see for anyone serious about building more secure systems.
#OWASP #AppSec #Cybersecurity #Infosec #WashingtonDC #ThreatModeling #SecurebyDesign
-
🚨🚩 2025: When file transfer becomes a #circus act involving #procurement #wizards and 'Secure by Design' jesters. Meanwhile, #glFTPd developers laugh from the sidelines, free from the clutches of corporate jargon and finger-pointing PDFs. 🎪🤹‍♂️
https://labs.watchtowr.com/is-this-bad-this-feels-bad-goanywhere-cve-2025-10035/ #filetransfer #SecureByDesign #humor #HackerNews #ngated
-
AI is an even playing field -- how secure by design can tip the scale [Q&A] #QandA #ArtificialIntelligence #SecureByDesign
-
🔐 This article changed the way I think about AI security. We always treated our models as ‘done’ once deployed—but now I see that's just the beginning. Thank you for this perspective! #GenAI #AIsecurity #PostDeployment #LLMSecurity #AIOwnership #ModelDrift #PromptInjection #RedTeamAI #SecureByDesign #ZeroTrustAI #AIGovernance #DevSecOps #SanjayKMohindroo #AIForGood
https://medium.com/@sanjay.mohindroo66/security-doesnt-end-at-deployment-d25902378e64
-
🚀 NEW on We ❤️ Open Source 🚀
SBOMs are the foundation of a more secure open source ecosystem. Alan Pope shows how Syft & Grype help you inventory & scan your software for vulnerabilities—fast, locally, and openly.
https://allthingsopen.org/articles/sbom-open-source-security-syft-grype
#WeLoveOpenSource #SBOM #OpenSourceSecurity #Syft #Grype #FOSS #DevSecOps #SecureByDesign
-
Case matters, folks. 🫠
#Linux #FOSS #Terminal #OpenSource #Bash #CommandLine #TechHumor #TechMeme #Humor #Meme #SysAdmin #System #Privacy #InfoSec #CyberSecurity #LinuxLife #LinuxGaming #Shell #DevLife #Dev #Development #CLI #LinuxCommunity #SecureByDesign #Ubuntu #TechNews #Wayland #DevOps #SelfHosting #ArchLinux #Debian #LinuxAdmin #LinuxTips #LinuxMint #Fedora #PopOS #GNULinux #CloudComputing #GNU #BSD #FreeBSD #OpenBSD
-
Sophos’ Secure by Design 2025 Progress – Source: news.sophos.com https://ciso2ciso.com/sophos-secure-by-design-2025-progress-source-news-sophos-com/ #rssfeedpostgeneratorecho #SecurityOperations #CyberSecurityNews #securebydesign #SecurebyDesign #nakedsecurity #nakedsecurity #SophosXOps #FEATURED #featured #CISA
-
I finally got around to writing a follow-up to my previous blog post that was triggered by Patrick Opet's open letter, regarding the tradeoff organizations make: sacrificing foundational security for business velocity.
In this post, fueled by conversations I had at Identiverse, I explore how we can change that, by trying to answer the real question: Why aren’t we building secure-by-design systems, even when we know how? Spoiler: It's about incentives.
Check it out and let me know your thoughts.
https://blog.talkingidentity.com/2025/06/secure-by-design-has-an-incentive-problem.html
#SecureByDesign #RSAC2025 #CyberSecurity #ZeroTrust #Identiverse2025 #IdentitySecurity #Incentives #SaaS #Compliance #RiskManagement
-