Blog

Why Improv Training at RunSafe Security

With the release of “Lessons from the School of Cyber Hard Knocks” podcast, I have been reminded of the importance of learning from our mistakes as a core pillar of our company culture at RunSafe Security. Through internal training sessions, every employee takes a two-hour course I offer called “Lessons from the School of Hard…

Read More

Systemic Software Risk in the Enterprise Supply Chain Part 3

In July 2020 the Atlantic Council, a highly-respected international affairs leadership institute based in Washington, DC, published a wide-ranging, evidence-based report titled “Breaking Trust: Shades of Crisis Across an Insecure Software Supply Chain” from its Scowcroft Center for Strategy and Security’s Cyber Statecraft Initiative. The report provides vital information on threats and priority focus areas…

Read More

Systemic Software Risk in the Enterprise Supply Chain Part 2

In July 2020 the Atlantic Council, a highly-respected international affairs leadership institute based in Washington, DC, published a wide-ranging, evidence-based report titled “Breaking Trust: Shades of Crisis Across an Insecure Software Supply Chain” from its Scowcroft Center for Strategy and Security’s Cyber Statecraft Initiative. The report provides vital information on threats and priority focus areas…

Read More

CyberWeek Trivia Tournament Hosted By RunSafe Security

RunSafe Security has decided to hold a trivia tournament during CyberWeek and the winner will receive the coveted RunSafe Trivia Cup and earning the moniker, “The Smartest Cybersecurity Company in the World.”     Every week, as part of our internal team social activities, our team competes in individual trivia competitions. The competition is fierce,…

Read More

Register Now for RunSafe’s CyberSecurity Bashes at Cyber Week October 19-23

RunSafe Security is excited to announce a full lineup of cybersecurity bashes for CyberWeek 2020, held virtually October 19-23, 2020. All of these events will feature cybersecurity heavy hitters and respected industry thought leaders. CyberWeek is a digital experience featuring hundreds of national community events to exchange information, share best practices, and discuss the many…

Read More

Combating the Rise in Open Source Vulnerabilities with RunSafe Security on Oracle Cloud Infrastructure

This post, by Nick Rea, RunSafe Security’s VP, Market Development, originally appeared on the Oracle Cloud Infrastructure Blog: Managing cybersecurity vulnerabilities for organizations of any size is no small task. For organizations that produce their own code, they’re a step ahead with access to the code itself. But what about organizations that use third-party code…

Read More

Systemic Software Risk in the Enterprise Supply Chain, Part 1

About this Series of Three Blog Posts In July 2020 the Atlantic Council, a highly-respected international affairs leadership institute based in Washington, DC, published a wide-ranging, evidence-based report titled “Breaking Trust: Shades of Crisis Across an Insecure Software Supply Chain” from its Scowcroft Center for Strategy and Security’s Cyber Statecraft Initiative. The report provides vital…

Read More

Announcing New Podcast Series: “Lessons from the School of Cyber Hard Knocks”

This blog post introduces a new podcast series hosted by CEO Joe Saunders. Here is a message from him with the backstory. Backstory: The School of Hard Knocks When I was a freshman in college, I was shocked when I received a low mark on my very first midterm exam. Ok, embarrassed. I had always…

Read More

Two RunSafe Advisors Testify Before Congress On Remote Voting

On Friday, July 17, 2020, experts offered testimony on “Exploring the Feasibility and Security of Technology to Conduct Remote Voting in the House.”  In addition to former Speaker Newt Gingrich, Jon Green, Honorable Cheryl L. Johnson, Dr. Ronald Rivest, and Dr. David Wagner, two RunSafe Security advisors, William Crowell and Dr. Avi Rubin, offered expert…

Read More

Insecure Open Source Code Means Software Stacks Are Vulnerable: Painlessly Fix the Problem with Alkemist:Repo

The debate surrounding the security of open source code is sure to continue for years to come, but given that 50% of vulnerabilities in open source code often go unmitigated (even after four years), organizations remain exposed.  The usage of open source is nearly unavoidable today and it’s becoming an integral part of any software…

Read More

With RunSafe and JFrog Together, Immunize Code Directly in the Pipeline without Developer Friction

RunSafe Alkemist is a cybersecurity solution built to defeat an entire class of cyber attacks. It seamlessly integrates into software build toolchains to eliminate the threat of memory-based vulnerabilities. Through RunSafe’s unique User Plugin, Jfrog users can now automatically apply Alkemist protections directly to artifacts flowing through Artifactory repositories. With JFrog being the Universal DevOps…

Read More

How to Produce Secure Embedded Linux Distributions and Reduce Attack Surfaces by 50-70% while Reducing Support and Patching Costs

You’re only a few steps away from deploying Alkemist:Source into your Yocto environment! RunSafe Security’s Alkemist:Source for Yocto reduces attack surfaces and costs associated with frequent security updates and releases of IOT and embedded systems.  Without changing a line of code – or slowing down product releases – you and your development teams can immunize…

Read More

RunSafe Security Alkemist:Repo Launches on Oracle Cloud Marketplace

RunSafe Security taps the Oracle Cloud Marketplace as a strategic distribution platform for its pre-hardened IT Infrastructure Program known as Alkemist:Repo. Alkemist:Repo. is an exciting new program that offers pre-hardened Open Source IT Infrastructure software components with RunSafe protections built in. Using RunSafe’s patented Alkemist transformation engine, the Open Source images available on the Marketplace include…

Read More

5-Minute Memory Threat Immunization for Yocto Build Environments

The yocto project is a game-changing developer environment that streamlines the creation of custom embedded linux distributions for any hardware architecture. yocto uses “layers” and “recipes” to provide easy configuration management and a reliable and reproducible build process. This toolchain has opened the door to inserting security easily into the build process, reducing operational burdens…

Read More

Lockheed Martin Ventures and NextGen Venture Partners Invest in RunSafe Security

Lockheed Martin Ventures and NextGen Venture Partners Invest in RunSafe Security RunSafe’s patented process immunizes software across build and deploy toolchains MCLEAN, VA. – March 5, 2020 – RunSafe Security, the pioneer of a patented process to immunize software from cyber attacks without developer friction, today announced a second close of $3.5M in Series A…

Read More

Supply Chain Economics and Security

Let’s face it, supply chains are complex and distributed. Operations matter, and for some it is truly a miracle how many coordinated parts come together into a seamless operation.  In fact, some manufacturers have tens of thousands of suppliers, from raw materials to hardware to firmware to software and everything in between.  As companies continually…

Read More
Cybersecurity Center

VxWorks, DOD Weapons Systems and RunSafe

RunSafe Security’s Alkemist addresses the need for increased resilience, offering a proven solution for protecting software in aviation, weapons and support systems against memory corruption errors and buffer overflow exploits – the techniques attackers typically use to gain control of military systems.

Read More

You Now Know that VxWorks is Vulnerable. Now What?

RunSafe Alkemist is an easy, proven method for cyberhardening legacy software and hardware by reducing the attack surface used to compromise firmware, operating systems, and applications within IT/OT environments. Alkemist protections are broadly applicable and suitable in power plants, utilities, data centers, communications networks, vehicles, medical devices, IoT and much more.

Read More
build-deploy

Putting Sec in DevSecOps

At RunSafe Security, we have been busy developing ways to accelerate integrating security into the software development process by aligning with the DevSecOps push – and we think that it is time for us to step up to the table and once and for all put the “Sec” into DevSecOps.

Read More

Why it’s time to fight back against cyber risk to cloud computing and virtual machines

At a time when cloud-based applications and virtual machines are critical to the operations of government institutions and private enterprises, we can no longer put all of our security in the perimeter security and detection tools basket.

Read More

Embracing DevSecOps with Automated Software Binary Security

The automation of software tools, services, and standards through DevSecOps is enabling organizations and government agencies to deliver applications more rapidly while also incorporating security into the process. In fact, many engineers and security professionals believe that combining automation with security is the best way to scale effectively and achieve cyber resilience.

Read More

Cyber security in the supply chain

Stop me if you have heard this before: as companies increasingly rely on third-party software applications, many are losing control over their software supply chain. As globalization continues to scale and geographic constraints loosen, a strong supply chain is necessary to compete in the worldwide marketplace.

Read More
Truck fleet

The Cyber Risk to a Critical Part of Our Economy and Supply Chain: Commercial Trucking

Fleets are often early adopters of ADAS (Advanced Driver Assistance Systems) features that promote safety. The unintended consequence of ADAS adoption, however, are that computers are at the controls. Learn how we make connected fleets more resilient to potential attacks.

Read More
Navy ships in the sea

3 Ways To Advance DoD Cyber Resilience

Learn how the DoD needs to take an incremental, measurable approach to increasing cyber resilience to cyberattack across weapons systems.

Read More

The Lottery You Don’t Want to Win: Introducing the RunSafe Pwn Index™

To help enterprise security teams reduce risk, the RunSafe Pwn Index™, a proprietary score and methodology, tracks the average price of cyber exploits targeting enterprise and government agency software assets.

Read More
Roads within the clouds

Beating Vendor Fatigue: Considerations for Choosing the Right Cybersecurity Provider

Organizations often perceive cybersecurity as a necessary evil. They know that it’s critical to protect business assets but it’s seldom seen as a driver that helps move the business forward. It’s a checkbox, a requirement that is begrudgingly addressed to reduce risk and remain in compliance.

Read More
Cybersecurity Center

Binary Randomized Security

RunSafe Security is a cybersecurity startup and Mach37 graduate focused on providing security solutions to firms and agencies in the domain areas of national security, critical infrastructure, data centers, Industrial Internet of Things (IIoT), and, in the future, healthcare device manufacturers.

Read More
Oil and gas refinery

How Runtime Application Self-Protection (RASP) Can Prevent Cyberattacks in Oil & Gas Environments

Like all sectors of critical infrastructure, the oil and gas (O&G) industry has emerged as a top target for cyberattack, yet most companies are not doing nearly enough to mitigate the risks.

Read More

The Common Vulnerability That Fintech and Bananas Share

Fintech is defined by technologies that span the cloud, mobile devices, blockchain, and AI for financial applications ranging from virtual currencies, to payment processing, money transfers, equity trading, and regulatory compliance, among others.

Read More

Looking into BugZ’s Crystal Ball: What the Industry’s First Coleopteran Chief Vulnerability Officer Predicts for 2019

Let’s not beat around the bug – 2018 was not a good year for my kind. As of now, nearly one in three computers was hit with a malware attack this year, and ransomware attacks were up 43% over 2017, with nothing to signal that these trends will decrease any time soon.

Read More