Blog
Product Security
U.S. Federal Information Processing Standard 140-3 Outlines Cryptographic Modules to Prevent Sensitive Data Leak
In the future, all the hardware or software cryptographic modules provided by regulated industries such as cryptographic module vendors and cryptographic accelerator vendors, shall support the algorithms in the FIPS 140-3 certification list, which must also comply with relevant algorithms and cryptographic module requirements.
2020.12.24
Product Security
How to balance the agility and security of product development? About the complementarity of DevSecOps and automation
The importance of DevSecOps can be learned from the past. In 2019, a tragic case was that Facebook once again faced the data leak. More than 267 million Facebook user profiles were exposed on the online database of the Dark Web, including names, IDs and phone numbers. These users may be subject to cyber attacks of spam or phishing emails, which caused Facebook to suffer a loss of credit and a stock price crash.
2020.05.20
Product Security
Onward Security promotes DevSecOps to address challenges in cybersecurity regulatory compliance
In the IoT era, device manufacturers or brands are strongly promoting network-enabled products while trying their best to shorten time-to-market. In their effort to speed up product development, they may overlook some blind spots in data protection and put devices with security vulnerabilities on the market. More often than not, such security vulnerabilities are discovered by foreign government agencies or hackers, which may not only cause harm to consumer privacy but also lead to litigations that damage to business reputation and brand image.
2020.03.16
