Blog

VxWorks, DOD Weapons Systems and RunSafe

RunSafe Security’s Alkemist addresses the need for increased resilience, offering a proven solution for protecting software in aviation, weapons and support systems against memory corruption errors and buffer overflow exploits – the techniques attackers typically use to gain control of military systems.

Read More

You Now Know that VxWorks is Vulnerable. Now What?

RunSafe Alkemist is an easy, proven method for cyberhardening legacy software and hardware by reducing the attack surface used to compromise firmware, operating systems, and applications within IT/OT environments. Alkemist protections are broadly applicable and suitable in power plants, utilities, data centers, communications networks, vehicles, medical devices, IoT and much more.

Read More
build-deploy

Putting Sec in DevSecOps

At RunSafe Security, we have been busy developing ways to accelerate integrating security into the software development process by aligning with the DevSecOps push – and we think that it is time for us to step up to the table and once and for all put the “Sec” into DevSecOps.

Read More

Why it’s time to fight back against cyber risk to cloud computing and virtual machines

At a time when cloud-based applications and virtual machines are critical to the operations of government institutions and private enterprises, we can no longer put all of our security in the perimeter security and detection tools basket.

Read More

Embracing DevSecOps with Automated Software Binary Security

The automation of software tools, services, and standards through DevSecOps is enabling organizations and government agencies to deliver applications more rapidly while also incorporating security into the process. In fact, many engineers and security professionals believe that combining automation with security is the best way to scale effectively and achieve cyber resilience.

Read More

Cyber security in the supply chain

Stop me if you have heard this before: as companies increasingly rely on third-party software applications, many are losing control over their software supply chain. As globalization continues to scale and geographic constraints loosen, a strong supply chain is necessary to compete in the worldwide marketplace.

Read More
Truck fleet

The Cyber Risk to a Critical Part of Our Economy and Supply Chain: Commercial Trucking

Fleets are often early adopters of ADAS (Advanced Driver Assistance Systems) features that promote safety. The unintended consequence of ADAS adoption, however, are that computers are at the controls. Learn how we make connected fleets more resilient to potential attacks.

Read More
Navy ships in the sea

3 Ways To Advance DoD Cyber Resilience

Learn how the DoD needs to take an incremental, measurable approach to increasing cyber resilience to cyberattack across weapons systems.

Read More

The Lottery You Don’t Want to Win: Introducing the RunSafe Pwn Index™

To help enterprise security teams reduce risk, the RunSafe Pwn Index™, a proprietary score and methodology, tracks the average price of cyber exploits targeting enterprise and government agency software assets.

Read More
Roads within the clouds

Beating Vendor Fatigue: Considerations for Choosing the Right Cybersecurity Provider

Organizations often perceive cybersecurity as a necessary evil. They know that it’s critical to protect business assets but it’s seldom seen as a driver that helps move the business forward. It’s a checkbox, a requirement that is begrudgingly addressed to reduce risk and remain in compliance.

Read More
Cybersecurity Center

Binary Randomized Security

RunSafe Security is a cybersecurity startup and Mach37 graduate focused on providing security solutions to firms and agencies in the domain areas of national security, critical infrastructure, data centers, Industrial Internet of Things (IIoT), and, in the future, healthcare device manufacturers.

Read More
Oil and gas refinery

How Runtime Application Self-Protection (RASP) Can Prevent Cyberattacks in Oil & Gas Environments

Like all sectors of critical infrastructure, the oil and gas (O&G) industry has emerged as a top target for cyberattack, yet most companies are not doing nearly enough to mitigate the risks.

Read More

The Common Vulnerability That Fintech and Bananas Share

Fintech is defined by technologies that span the cloud, mobile devices, blockchain, and AI for financial applications ranging from virtual currencies, to payment processing, money transfers, equity trading, and regulatory compliance, among others.

Read More

Looking into BugZ’s Crystal Ball: What the Industry’s First Coleopteran Chief Vulnerability Officer Predicts for 2019

Let’s not beat around the bug – 2018 was not a good year for my kind. As of now, nearly one in three computers was hit with a malware attack this year, and ransomware attacks were up 43% over 2017, with nothing to signal that these trends will decrease any time soon.

Read More

Connectivity & Complex Supply Chains: Vulnerabilities of U.S. Weapon Systems

Bucking the trend of a cybersecurity blog beginning with bad news, we’re beginning this post with some positive news: the hunt for solutions to weapon systems vulnerabilities is finally underway. This thanks to The MITRE report, the GAO report, and Secretary Mattis’ recent launch of the Protecting Critical Technology Task Force, which fully articulate the vulnerabilities in legacy DoD weapon systems.

Read More

Endpoints Don’t Have to be the Weak Cybersecurity Link!

What you are about to read could be straight out of a horror movie. You would hear the eerie voiceover intoning…”In a world where endpoints are under constant attack, how do you protect yourself? Your critical infrastructure? Your data? Your business?”

Read More

Data centers must look past perimeter security

While data centers have traditionally relied on detection and perimeter security solutions to reduce risk, the proliferation of new types of cyber threats has elevated the need for prevention.

Read More
cyber-newtonian wormhole

Chronicles of the Cyber-Newtonian Wormhole: A Cautionary Tale of an Exploited Vulnerability

Finding a vulnerability and then developing and launching an exploit is repeated many times every day. Companies must be aware of two perspectives: what a system is intended to do, and what a system can do.

Read More

Emboldened Hackers & Vicious Malware: The Result of Our Failure to Learn From the Past

On an almost weekly basis, another organization or government agency owns up to having been “hacked” – admitting that its systems have been breached. For every company that discloses an issue, there are likely 20 – 30 more that keep it under wraps.

Read More

The State of Auto Cybersecurity: Connected Vehicles Have Hackers Accelerating Attacks

As the automotive industry adds more software and connections into vehicles, it simultaneously increases the probability of cyberattacks due to vulnerabilities.

Read More

What Cyberhardening Technology & the Star War’s Galactic Empire Have in Common

One of the main reasons cyber risk continues to increase exponentially is due to the rapid expansion of attack surfaces – the places where software programs are vulnerable to attack or probe by an adversary.

Read More

Industrial IoT’s Kryptonite: Looming Threats Poised to Disrupt Critical Infrastructure

Today’s industrial infrastructure is stronger and smarter than ever before. As manufacturers seek greater scalability and efficiency, they’ve automated and digitized their machines to achieve unprecedented power.

Read More

Supply Chain Cyberattacks Surging – How Can We Prevent Them?

Symantec’s new “Internet Security Threat Report,” shows a 200% increase in reported supply chain cyberattacks year on year.

Read More