Tag Archives: Alkemist

Systemic Software Risk in the Enterprise Supply Chain

In July 2020 the Atlantic Council, a highly-respected international affairs leadership institute based in Washington, DC, published a wide-ranging, evidence-based report titled “Breaking Trust: Shades of Crisis Across an Insecure Software Supply Chain” from its Scowcroft Center for Strategy and Security’s Cyber Statecraft Initiative. The report provides vital information on threats and priority focus areas…

Read More

Systemic Software Risk in the Enterprise Supply Chain, Part 1

About this Series of Three Blog Posts In July 2020 the Atlantic Council, a highly-respected international affairs leadership institute based in Washington, DC, published a wide-ranging, evidence-based report titled “Breaking Trust: Shades of Crisis Across an Insecure Software Supply Chain” from its Scowcroft Center for Strategy and Security’s Cyber Statecraft Initiative. The report provides vital…

Read More

Announcing New Podcast Series: “Lessons from the School of Cyber Hard Knocks”

This blog post introduces a new podcast series hosted by CEO Joe Saunders. Here is a message from him with the backstory. Backstory: The School of Hard Knocks When I was a freshman in college, I was shocked when I received a low mark on my very first midterm exam. Ok, embarrassed. I had always…

Read More

Two RunSafe Advisors Testify Before Congress On Remote Voting

On Friday, July 17, 2020, experts offered testimony on “Exploring the Feasibility and Security of Technology to Conduct Remote Voting in the House.”  In addition to former Speaker Newt Gingrich, Jon Green, Honorable Cheryl L. Johnson, Dr. Ronald Rivest, and Dr. David Wagner, two RunSafe Security advisors, William Crowell and Dr. Avi Rubin, offered expert…

Read More

Insecure Open Source Code Means Software Stacks Are Vulnerable: Painlessly Fix the Problem with Alkemist:Repo

The debate surrounding the security of open source code is sure to continue for years to come, but given that 50% of vulnerabilities in open source code often go unmitigated (even after four years), organizations remain exposed.  The usage of open source is nearly unavoidable today and it’s becoming an integral part of any software…

Read More

With RunSafe and JFrog Together, Immunize Code Directly in the Pipeline without Developer Friction

RunSafe Alkemist is a cybersecurity solution built to defeat an entire class of cyber attacks. It seamlessly integrates into software build toolchains to eliminate the threat of memory-based vulnerabilities. Through RunSafe’s unique User Plugin, Jfrog users can now automatically apply Alkemist protections directly to artifacts flowing through Artifactory repositories. With JFrog being the Universal DevOps…

Read More

How to Produce Secure Embedded Linux Distributions and Reduce Attack Surfaces by 50-70% while Reducing Support and Patching Costs

You’re only a few steps away from deploying Alkemist:Source into your Yocto environment! RunSafe Security’s Alkemist:Source for Yocto reduces attack surfaces and costs associated with frequent security updates and releases of IOT and embedded systems.  Without changing a line of code – or slowing down product releases – you and your development teams can immunize…

Read More

RunSafe Security Alkemist:Repo Launches on Oracle Cloud Marketplace

RunSafe Security taps the Oracle Cloud Marketplace as a strategic distribution platform for its pre-hardened IT Infrastructure Program known as Alkemist:Repo. Alkemist:Repo. is an exciting new program that offers pre-hardened Open Source IT Infrastructure software components with RunSafe protections built in. Using RunSafe’s patented Alkemist transformation engine, the Open Source images available on the Marketplace include…

Read More

You Now Know that VxWorks is Vulnerable. Now What?

RunSafe Alkemist is an easy, proven method for cyberhardening legacy software and hardware by reducing the attack surface used to compromise firmware, operating systems, and applications within IT/OT environments. Alkemist protections are broadly applicable and suitable in power plants, utilities, data centers, communications networks, vehicles, medical devices, IoT and much more.

Read More

Looking into BugZ’s Crystal Ball: What the Industry’s First Coleopteran Chief Vulnerability Officer Predicts for 2019

Let’s not beat around the bug – 2018 was not a good year for my kind. As of now, nearly one in three computers was hit with a malware attack this year, and ransomware attacks were up 43% over 2017, with nothing to signal that these trends will decrease any time soon.

Read More

Connectivity & Complex Supply Chains: Vulnerabilities of U.S. Weapon Systems

Bucking the trend of a cybersecurity blog beginning with bad news, we’re beginning this post with some positive news: the hunt for solutions to weapon systems vulnerabilities is finally underway. This thanks to The MITRE report, the GAO report, and Secretary Mattis’ recent launch of the Protecting Critical Technology Task Force, which fully articulate the vulnerabilities in legacy DoD weapon systems.

Read More

Endpoints Don’t Have to be the Weak Cybersecurity Link!

What you are about to read could be straight out of a horror movie. You would hear the eerie voiceover intoning…”In a world where endpoints are under constant attack, how do you protect yourself? Your critical infrastructure? Your data? Your business?”

Read More