Evolving Threats and Regulations in Software Supply Chain Security
13 min read
Evolving Threats and Regulations in Software Supply Chain Security
By Eric Byres on February 13, 2024

2023 is in the rearview mirror and 2024 is now well underway. I wanted to post my thoughts on some of the software supply chain trends we saw last year and how they will continue to shape...

Continue Reading
EU Cyber Resilience Act (CRA) Clears Penultimate Step
5 min read
EU Cyber Resilience Act (CRA) Clears Penultimate Step
By Eric Byres on December 8, 2023

On December 3rd, the EU's new Cyber Resilience Act (CRA) got a big step closer to being adopted when the European Parliament and the EU Council reached an agreement on the legislation. It...

Continue Reading
The Wretched State of OT Firmware Patching
4 min read
The Wretched State of OT Firmware Patching
By Eric Byres on October 11, 2023

This blog is a follow-up to our first post on the 2023 Microsoft Digital Defense Report where I described our collaboration with Microsoft on identified exploitable OT vulnerabilities.There...

Continue Reading
Microsoft Digital Defense Report: Behind the Scenes Creating OT Vulnerabilities
3 min read
Microsoft Digital Defense Report: Behind the Scenes Creating OT Vulnerabilities
By Eric Byres on October 5, 2023

Earlier this summer, aDolus collaborated with Microsoft on vulnerability analysis and contributed to their Microsoft Digital Defense Report 2023 (MDDR 2023). This report is a significant...

Continue Reading
An Analysis of Generative AI: How to Be Confidently Wrong
7 min read
An Analysis of Generative AI: How to Be Confidently Wrong
By Marcello Delcaro on April 11, 2023

The recent release of the National Cybersecurity Strategy document by the White House prompted me to test Microsoft's new Bing chat feature, which is powered by OpenAI's language model,...

Continue Reading
S4x23 SBOM Challenge — Part 3: VEX Document Ingestion
7 min read
S4x23 SBOM Challenge — Part 3: VEX Document Ingestion
By Derek Kruszewski on March 16, 2023

Three weeks ago I reported on the first part of the S4x23 SBOM Challenge run by Idaho National Laboratory (INL), which focused on SBOM Creation. Last week I reported on the second part:...

Continue Reading
S4x23 SBOM Challenge — Part 2: SBOM Ingestion
7 min read
S4x23 SBOM Challenge — Part 2: SBOM Ingestion
By Derek Kruszewski on March 8, 2023

Two weeks ago I reported on the first part of the SBOM Challenge at the S4x23 cybersecurity conference in Miami, Florida. The Day 1 goal was for each team to create an accurate SBOM for...

Continue Reading
Three Quick Takeaways from Biden’s National Cybersecurity Strategy
2 min read
Three Quick Takeaways from Biden’s National Cybersecurity Strategy
By Eric Byres on March 2, 2023

NOTE: We were going to publish our second blog of the S4x23 SBOM Challenge today. However, the new National Cybersecurity Strategy was released this morning, and we thought that...

Continue Reading
S4x23 SBOM Challenge — Part 1
10 min read
S4x23 SBOM Challenge — Part 1
By Derek Kruszewski on February 24, 2023

The aDolus Team has just returned from participating in the SBOM Challenge at the S4x23 cybersecurity conference in Miami, Florida. This blog is the first of a series reporting on what we...

Continue Reading
A Flurry of Regulatory Action and the Need for SBOMs
5 min read
A Flurry of Regulatory Action and the Need for SBOMs
By Eric Byres on October 12, 2022

Executive Order 14028 on Improving the Nation's Cybersecurity was issued in May of 2021 and provided a roadmap for a series of regulatory initiatives that government agencies (and anyone...

Continue Reading
Loading more posts
No more posts to load
1 2 3 4

Stay up to date