Strategies for Building Cyber Security into Software Development

Software Magazine

In this Software Magazine piece, Galois’ Isaac Potoczny-Jones writes about what vendors can do to build cyber security into their products from the start. “Cyber security should not be an afterthought in the software development process; it should be the first thought. As applications, systems and devices increasingly fall victim to hacks, vendors may be tempted to assume that business users and consumers have become desensitized to the problem. That adding two-factor authorization or offering three months of credit monitoring service will somehow wipe the slate clean with no damage done to brand perception, customer growth, and revenues. This is not the case. Building cyber security into the front end of the software development process is critical to ensuring software works only as intended.”

Permalink

Secure drone software evades hackers

GCN.COM

“For those who might recall an alarming story recently from “60 Minutes” regarding the potential for motor vehicles, smart homes and drones to be hacked, Galois’s new secure software might assuage such concerns. The tech company from Oregon recently announced it has developed “the world’s most secure [drone] software.””

Permalink

Pentagon wants unhackable drone helicopters by 2018

Engadget

“We’ve developed a new programming language that is provably free from those vulnerabilities,” Lee Pike, cyber-physical systems research lead for Galois, said in a statement. “The approach is to transition the programming language we’ve developed, called Ivory, to Boeing so that they can rewrite their systems.”

Permalink

Latest Internet voting reports show failures across the board

Al Jazeera

“All kinds of experimental systems have been designed in the last 15 years,” said Joseph Kiniry, the principal investigator at the technology firm Galois who is researching the possibility of end-to-end verifiable online voting with the Overseas Vote Foundation. “But in general researchers are quite conservative about proposing that their system is ready for primetime. […]

Permalink

After massive Heartbleed security breach, Portland cybersecurity firm offers a solution

Portland Business Journal

I caught up with security researchers at downtown-based Galois, a company dedicated to making computer systems worthy of the trust we put in them. This massive bug, called Heartbleed, has highlighted the need for companies, especially those with secure transactions, to have regular security audits and plans in place on how to deal with issues […]

Permalink