Endpoint Cybersecurity GmbH
- Guide for delivering frequently software features that matter (series) #2/2: Challenges and the path forward
- Guide for delivering frequently software features that matter (series) #1/2: the Pillars of successful frequent delivery
- Guide for delivering frequently software features that matter (series)
- Beyond “Move Fast and Fail Fast”: Balancing Speed, Security, and … Sanity in Software Development (with Podcast)
- Project management with Scrum (with Podcast)
- Comparing “Records of Processing Activities” (ROPA) and “Data Protection Impact Assessments” (DPIA) (with Podcast)
- AI vs. (secure) software developers
- Accelerating feature delivery in software development
- How-To create Security User Stories
- Delivering secure software in an agile way
The Automotive industry’s inadequate approach towards software (in the cars)
/in EducationalIntroduction The automotive industry has witnessed a paradigm shift with the increasing integration of software in vehicles. Modern cars are no longer just mechanical devices with a motor, wheels and steering; they are now sophisticated machines having dozens of CPUs (called ECU), entire computers, high speed network to connect them (called CAN-bus) and relying on […]
ChatGPT and automotive cybersecurity #2/2: TISAX certification
/in EducationalThis is the 2nd post about Automotive Cybersecurity. Since I am working these days on CSMS (based on ISO ECE 21434 and TISAX), part of my companies consulting offer for automotive I thought maybe I check what ChatGPT things about them. First post was about CSMS and ISO 21434 and this one is about […]
ChatGPT and automotive cybersecurity #1/2: About CSMS from ISO 21434
/in EducationalAs promised, I played more with ChatGPT and this time I started to dig a bit into cybersecurity for automotive. Since I am working these days on CSMS (based on ISO ECE 21434 and TISAX), part of my companies consulting offer for automotive I thought maybe I check what ChatGPT things about them. Unfortunately, nothing […]
A brief history of software vulnerabilities in vehicles (Update 2023)
/in EducationalUpdated in 2023: 2023: Sam Curry: Web Hackers vs. The Auto Industry: Critical Vulnerabilities in Ferrari, BMW, Rolls Royce, Porsche, and More Kia, Honda, Infiniti, Nissan, Acura Fully remote lock, unlock, engine start, engine stop, precision locate, flash headlights, and honk vehicles using only the VIN number Fully remote account takeover and PII disclosure via VIN […]
Risk Assessment of AWS services used in building a resilient Web App on AWS
/in EducationalWe wrote here in the article “Building Resilient Web Applications on AWS: A Comprehensive Approach to Security” how to use certain AWS services to implement a resilient web based application. The services mentioned require also a brief analysis in respect to Security, Confidentiality, Integrity, Availability and Privacy. Contents Toggle CloudTrail Risk Assessment Mitigation Privacy CloudWatch Risk […]