Securing the Secure: The Importance of Secure Software Practices in Security Software Development

In an increasingly interconnected digital world, the importance of secure software cannot be overstated.

Many people think that by using security software all their digital assets become automatically secured.

However, it is crucial to recognize that security software itself is not inherently secure by default.

To ensure the highest level of protection, security software must be designed, developed, and maintained using secure software practices.

This blog post emphasizes how important it is to incorporate secure software development practices within the broader context of the secure software lifecycle for security software.


Understanding the Secure Software Lifecycle

The secure software lifecycle encompasses the entire journey of a security software product, from its inception to its retirement.

It consists of multiple stages, such as :

  • Requirements gathering/Analysis
  • Design,
  • Implementation
  • Testing,
  • Deployment
  • Maintenance
  • Retirement

Incorporating secure software practices at each step is essential to fortify the software’s defense against potential vulnerabilities and attacks.


Implement Secure Software Development Practices

Implementing secure software practices involves adopting a proactive approach to identify and address security concerns from the outset.

Some fundamental practices include:

a. Threat Modeling:

Conducting a comprehensive analysis of potential threats and vulnerabilities helps developers design robust security measures. By understanding potential risks, developers can prioritize security features and allocate resources accordingly.

b. Secure Coding:

Writing code with a security-first mindset minimizes the likelihood of exploitable vulnerabilities. Adhering to coding standards, utilizing secure coding libraries, and performing regular code reviews and audits contribute to building a solid foundation for secure software.

c. Secure Configuration Management

Properly configuring the security software environment, such as secure network settings, encryption protocols, and access controls, is vital for safeguarding against unauthorized access and data breaches.

d. Regular Security Testing

Rigorous testing, including vulnerability assessments, penetration testing, and code analysis, helps identify and rectify security flaws. It ensures that security software operates as intended and remains resilient against evolving threats.


The Bigger Picture: Security in a Connected World

Secure software development practices extend beyond the development of security software alone. They have a broader impact on the overall security ecosystem. The adoption of secure software practices sets a precedent for other software developers, promoting a culture of security awareness and accountability.

Moreover, incorporating secure practices in security software helps foster trust among users and organizations. It instills confidence that the software is diligently designed to protect sensitive information and critical systems. Secure software practices also contribute to regulatory compliance, enabling organizations to meet stringent security standards and safeguard user data.


The Vital Importance of Secure Software: Consequences of Security Vulnerabilities for Security Companies

The implications of security vulnerabilities go beyond the immediate risks they pose to users and organizations. For security companies, the consequences of having products with security vulnerabilities can be severe, impacting their reputation, customer trust, and overall business viability.

Here are just a few negative consequences that security companies may face if their products fall prey to security vulnerabilities:

  1. Reputation Damage: Security companies are built on trust and reliability. When a security product is discovered to have vulnerabilities, it erodes customer confidence and tarnishes the company’s reputation. The perception that a security company cannot protect its own software casts doubt on its ability to safeguard sensitive information and defend against external threats. This loss of trust can be challenging to regain, resulting in a significant blow to the company’s credibility and market standing.
  2. Customer Loss and Dissatisfaction: Security vulnerabilities in software can lead to compromised systems, data breaches, and financial losses for users. In such instances, customers are likely to seek alternative security solutions, abandoning the vulnerable product and the company behind it. This loss of customers not only affects the company’s revenue but also demonstrates a lack of customer satisfaction and loyalty. Negative word-of-mouth can spread rapidly, deterring potential customers from considering the security company’s offerings in the future.
  3. Legal and Regulatory Consequences: Security vulnerabilities can have legal and regulatory implications for security companies. Depending on the nature and severity of the vulnerabilities, companies may face legal action from affected parties, resulting in costly litigation and potential financial penalties. Furthermore, security companies operating in regulated industries, such as finance or healthcare, may face compliance violations, leading to fines and reputational damage. Compliance with security standards and industry regulations is critical for security companies to maintain credibility and avoid legal consequences.
  4. Increased Operational Costs: Addressing security vulnerabilities requires significant resources, both in terms of time and finances. Security companies must invest in dedicated teams to investigate, fix, and release patches or updates to address vulnerabilities promptly. Additionally, engaging in incident response, customer support, and post-incident communication efforts adds to the operational costs. Failure to address vulnerabilities in a timely and efficient manner can exacerbate the negative consequences, making the recovery process more challenging and expensive.


In an era where security breaches and cyber threats are prevalent, relying solely on the notion that security software is inherently secure is a grave misconception. Secure software practices are indispensable for developing robust and resilient security software. By implementing these practices throughout the software lifecycle, developers can significantly mitigate the risks associated with vulnerabilities and ensure the highest level of protection for users and organizations alike. Embracing secure software practices sets the stage for a safer digital landscape, bolstering trust, and reinforcing security across the entire software development ecosystem. By prioritizing security, security companies can protect their customers, preserve their reputation, and maintain a competitive edge in the ever-evolving landscape of cybersecurity.


If you want to know more about SSDLC, contact Endpoint Cybersecurity for a free consultation.

Secure Software Development Lifecycle (SSDLC)

The post Securing the Secure: The Importance of Secure Software Practices in Security Software Development first appeared on Sorin Mustaca on Cybersecurity.

The Automotive industry’s inadequate approach towards software (in the cars)


The automotive industry has witnessed a paradigm shift with the increasing integration of software in vehicles.

Modern cars are no longer just mechanical devices with a motor, wheels and steering; they are now sophisticated machines having dozens of CPUs (called ECU), entire computers, high speed network to connect them (called CAN-bus) and relying on complex highly distributed software systems.

In my opinion, the industry fails to adapt to this new reality and fully embrace the concept of cars as hardware running software has significant consequences.

This may sound contradictory at first, on one side they have these complex systems, on the other side they fail to adapt to this reality.

In this article, I will explore how the automotive industry is not dealing correctly with this transformation and its potential implications.


Limited Focus on Software Development and Updates

Traditionally, the automotive industry has primarily focused on hardware design and manufacturing, treating software as a necessary mean to make the hardware work.

This approach results in a lack of emphasis on software development practices and updates capabilities.

While cars are becoming more connected and dependent on software for various functionalities, manufacturers often overlook the importance of continuous software improvements and security updates.

How often do you update the software of your car? Maybe once a year in the best case, usually once every several years or not at all.

It’s not all bad, but think of how many times does Open SSL get updated in a year. Theoretically you should see an update every few months.


Insufficient Over-the-Air (OTA) Update Capabilities

Related to updates, Over-the-Air (OTA) updates have gained prominence in the software industry as an efficient means of delivering software fixes, updates, and new features directly to users.

However, the automotive industry has been slow to adopt OTA capabilities on a widespread scale out of their own will.

Limited OTA functionality not only hampers the ability to address software vulnerabilities promptly but also restricts the potential for delivering new features and enhancements to vehicles post-purchase.

Fortunately, there are many initiatives to solve this and even legislation (UNECE R 155 and R 156) that started to make software updates mandatory for releasing new car types.


Slow Adoption of Agile SW Development Processes

Agile software development methodologies have become the norm in the software industry due to their flexibility and iterative nature.

However, the automotive industry lags behind in adopting these practices. And this is politically correct formulated.

The OEMs are still working with the V-Model, despite the fact that you hear them talking about sprints, iterations, Scrum, XP programming. All these are actually implemented with small V runs and have little to nothing to do with agility.

The slow pace of development and release cycles in the automotive sector hinders the quick implementation of software fixes and feature enhancements.

This delay not only frustrates customers but also puts their safety at risk by keeping potentially critical issues unresolved for extended periods.

Lack of Consumer Education and Awareness

The general public’s understanding of cars as hardware running software is limited. First when TESLA became an important OEM, the entire world  started to understand how important software is in a car.

Immediately after has the automotive industry started to feel threatened by it and they started to invest more in software, more particularly, in improving the user experience of their cars.

If I make a comparison with the mobile phones in the early 2000, the TESLA is the iPhone while the other OEMs were Nokia and the others. We all know what happened to Nokia because they did not move faster.

Consumers must continue to push the OEMs to enhance the software of their cars, but this is a slow process, because the cars with good software are expensive, and people with money usually don’t look first at the software capabilities of their cars.


Inadequate Cybersecurity Measures

As cars become increasingly connected and autonomous, they become vulnerable to cyber threats.

Unfortunately, the automotive industry has been sluggish in implementing robust cybersecurity measures to protect vehicles from potential attacks.

Insufficient attention to software security leaves vehicles open to hacking, which can lead to unauthorized access, data breaches, or even physical harm.

The industry must prioritize cybersecurity and invest in proactive measures to safeguard vehicles and their occupants.

Because cybersecurity is hard to implement, very expensive and requires specialized personnel, no OEM was willing improving their cybersecurity.

This is the reason why the UNECE R155 requires now a Cybersecurity Management System (CSMS) audit in order to allow new vehicle types.


If you are an OEM or subcontractor (Tier 1-N) then you may want to know that Endpoint Cybersecurity is offering consulting on how to implement such a CSMS and make it auditable.

Lack of standards

Same as for computers, the IT industry started to exponentially increase only after there were good reasons to use computers. Only after the Internet became main stream have businesses, regular people and families started to buy computers.  So communication or inter-communication was and still is a main factor to buy hardware.

The same is happening with cars: people start to see the need for software in cars and now they start asking for better software. This can only happen if there is a market for software, but to create a market you need standards.

Android Auto and  Apple Car are standards that allow 3rd parties to create apps for the cars, but the offer is extremely small and not really relevant.

In my opinion, only when cars can exchange data either directly (Vehicle to Vehicle communication – V2V) or through some infrastructure (V2I) on a large scale will we see a significant increase in software demand.
Unfortunately, the lack of standards for communication between vehicles is making this process extremely slow.



The automotive industry’s failure to fully embrace the concept of cars as hardware running very complex software has far-reaching consequences on the long term.

By neglecting software development, cybersecurity, and collaboration with software experts, OEMs put customer safety and satisfaction at risk. Classical OEMs have started to see too late that better software means more sales and more satisfied customers and reacted too slow to find solutions.

The limited adoption of agile development processes and inadequate OTA update capabilities further hinder progress in this domain.

To address these challenges, the industry must prioritize software as an integral part of vehicle design and manufacturing, invest in cybersecurity measures, foster collaboration with software experts, and educate consumers about the software-driven nature of modern cars.

Only through a comprehensive and proactive approach can the automotive industry truly unlock the potential of cars as hardware running software.

The post The Automotive industry’s inadequate approach towards software (in the cars) first appeared on Sorin Mustaca on Cybersecurity.

ChatGPT and automotive cybersecurity #2/2: TISAX certification

This is the 2nd post about Automotive Cybersecurity.

Since I am working these days on CSMS (based on ISO ECE 21434 and TISAX), part of my companies consulting offer for automotive I thought maybe I check what ChatGPT things about them.


First post was about CSMS and ISO 21434 and this one is about TISAX.



Tell me about challenges in TISAX certification 



“TISAX (Trusted Information Security Assessment Exchange) is a security assessment and certification process for automotive suppliers. The certification is used to evaluate and ensure the information security capabilities of companies in the automotive sector.

There are several challenges associated with TISAX certification:

  • Complex requirements: TISAX has extensive and complex security requirements that can be difficult to understand and implement. Companies may struggle to meet these requirements and may need help from experts to achieve certification.
  • Resource constraints: Implementing the security measures required for TISAX certification can be resource-intensive and time-consuming. This can be especially challenging for small or medium-sized businesses.
  • Technical difficulties: Companies may face technical challenges in implementing the necessary security controls, particularly if their existing systems are not well-suited to the TISAX requirements.
  • Cost: The cost of TISAX certification can be significant, and this may be a challenge for companies with limited budgets.
  • Maintenance: TISAX certification must be maintained, and companies must continually evaluate and improve their security controls to stay certified. This can be a challenge, as the threat landscape is constantly evolving and new risks emerge.

Overall, TISAX certification requires a substantial investment of time, resources, and expertise, but it is considered an important aspect of information security for companies operating in the automotive sector.”


So, I have to say that this impressed me a bit …

I have always difficulties explaining to my customers why is it so hard to pass the TISAX audit.

It is all true, and actually it is quite a challenge to get companies to commit to a long term cooperation with a consulting company, which can help them understand the requirements and teach them how to apply them.



I will get back to ChatGPT from time to time and try to get such short descriptions for various things I need.

The post ChatGPT and automotive cybersecurity #2/2: TISAX certification first appeared on Sorin Mustaca on Cybersecurity.

Risk Assessment of AWS services used in building a resilient Web App on AWS

We wrote here in the article “Building Resilient Web Applications on AWS: A Comprehensive Approach to Security” how to use certain AWS services to implement a resilient web based application.

The services mentioned require also a brief analysis in respect to Security, Confidentiality, Integrity, Availability and Privacy.



AWS CloudTrail records API calls and creates log files, providing visibility into user activity, resource changes, and actions taken within your AWS account.

Risk Assessment

  • Security: Unauthorized modifications to CloudTrail settings or log tampering.
  • Confidentiality: Exposure of sensitive log data.
  • Integrity: Unauthorized access to CloudTrail logs.
  • Availability: Disruptions in CloudTrail could impact auditability.


Implement access controls, enable log file integrity validation, regularly review logs, and use redundant log storage.


  • Data Collection: CloudTrail logs AWS account activity, potentially containing sensitive information.
  • Data Storage: Logs include API calls and identity details, stored securely by AWS.
  • Data Retention: AWS retains logs for a limited time and may use aggregated data for service improvement.



CloudWatch is a monitoring service that provides real-time insights into AWS resources and applications, helping you respond quickly to events or changes in your environment.

Risk Assessment

  • Security: Unauthorized access to CloudWatch data.
  • Confidentiality: Exposure of sensitive monitoring data.
  • Integrity: Unauthorized modifications to monitoring configurations.
  • Availability: Relies on underlying infrastructure; disruptions may impact real-time monitoring.


Implement access controls, encrypt sensitive data, conduct regular audits, and employ redundancy for critical components.


  • Data Collection: CloudWatch collects and monitors performance and operational data.
  • Data Storage: Metric data and configurations are stored securely by AWS.
  • Data Retention: AWS retains metric data for a limited time and may use aggregated data for service improvement.



IAM is AWS’ cloud-based identity and access management service, providing authentication and authorization for users and devices.

Risk Assessment

  • Security: Unauthorized access to user accounts or directory configurations.
  • Confidentiality: Exposure of sensitive identity information.
  • Integrity: Unauthorized modifications to user attributes or directory settings.
  • Availability: Downtime impacting authentication and access control.


Implement multi-factor authentication, strong password policies, regular security audits.


  • Data Collection: AWS IAM collects and manages user authentication and authorization data.
  • Data Storage: User identities, permissions, and access policies are stored securely by AWS.
  • Data Retention: AWS retains user data for service functionality and may use aggregated data for service improvement, but individual user data is not disclosed externally.

AWS Fargate

AWS Fargate is a serverless compute engine for containers that lets you run containers without managing the underlying infrastructure.

Risk Assessment

  • Security: Unauthorized access to containerized applications.
  • Confidentiality: Exposure of sensitive container configurations.
  • Integrity: Unauthorized modifications to container environments.
  • Availability: Downtime impacting containerized application execution.


Implement access controls, encrypt container data, conduct regular security scans, and deploy in a redundant and scalable manner.


  • Data Collection: Fargate processes and manages containerized applications.
  • Data Storage: Task and container configurations are stored securely by AWS.
  • Data Retention: AWS retains task and container data for a limited time and may use aggregated data for service improvement.

AWS WAF (Web Application Firewall)

AWS WAF is a web application firewall that helps protect web applications from common web exploits, such as SQL injection, cross-site scripting (XSS), and other malicious attacks.

It allows users to create custom rules or use managed rule sets to filter and block malicious traffic before it reaches applications.

Risk Assessment

  • Security: Unauthorized access to WAF configurations, potential bypassing of WAF rules by sophisticated attackers.
  • Confidentiality: Exposure of sensitive application data due to successful attacks.
  • Integrity: Unauthorized modifications to WAF rules or configurations.
  • Availability: Downtime or service disruption due to misconfigurations or overwhelming attacks.


Implement strong access controls, regularly update and fine-tune WAF rules, use managed rule sets, enable logging for analysis, and deploy redundant WAF instances for increased availability and load distribution.


  • Data Collection: WAF collects logs containing information about incoming requests, potential threats, and blocked requests for security analysis.
  • Data Storage: Logs may include IP addresses and request details but are retained for a limited time, following AWS data retention policies.
  • Data Retention: AWS may use aggregated and anonymized data for improving the service but doesn’t share identifiable customer information.



AWS Lambda

A serverless stack based on AWS Lambda allows developers to build and deploy applications without managing servers, handling scalability automatically.

Risk Assessment

  • Security: Unauthorized access to serverless functions and configurations.
  • Confidentiality: Exposure of sensitive code and data processed by Lambdas.
  • Integrity: Unauthorized modifications to serverless function code.
  • Availability: Downtime impacting serverless function execution.


Implement access controls, encrypt sensitive data, conduct regular security scans, deploy in a redundant manner, and monitor for anomalies.


  • Data Collection: Lambda functions process and execute code, potentially handling sensitive data.
  • Data Storage: Function configurations and logs may include details about processed data.
  • Data Retention: AWS retains logs for a limited time and may use aggregated data for service improvement.

AWS Secrets Manager

AWS Secrets Manager helps you protect access to your applications, services, and IT resources without upfront investment and on-going maintenance costs.

Risk Assessment

  • Security: Unauthorized access to stored secrets.
  • Confidentiality: Exposure of sensitive credentials and configuration details.
  • Integrity: Unauthorized modifications to stored secrets.
  • Availability: Downtime impacting applications relying on stored secrets.


Implement access controls, regularly rotate secrets, encrypt stored secrets, conduct regular audits, and use redundant Secrets Manager configurations.


  • Data Collection: Secrets Manager stores sensitive configuration and credential data.
  • Data Storage: Secret configurations and access logs may include details about stored data.
  • Data Retention: AWS retains access logs for a limited time and may use aggregated data for service improvement.


Amazon CloudFront is a content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency and high transfer speeds.

It integrates with other Amazon Web Services products to give developers and businesses an easy way to distribute content to end-users.


Risk Assessment

  • Security: Unauthorized access to cached content or configurations, potential for content tampering during distribution.
  • Confidentiality: Exposure of sensitive content during distribution.
  • Integrity: Unauthorized modifications to distribution settings or cached content.
  • Availability: Downtime impacting content delivery due to misconfigurations or attacks.


  • Data Collection: CloudFront collects logs that include IP addresses, user-agents, and request details for analytics and troubleshooting.
  • Data Storage: Logs may contain user-related information, but Amazon retains them for a limited period and follows privacy regulations.
  • Data Retention: Amazon may share aggregated and anonymized data for service improvement but doesn’t disclose individual customer data.


Amazon S3 is a scalable object storage service designed to store and retrieve any amount of data at any time.

Risk Assessment

  • Security: Unauthorized access to stored objects or bucket configurations.
  • Confidentiality: Exposure of sensitive data stored in S3.
  • Integrity: Unauthorized modifications to stored objects.
  • Availability: Downtime impacting data storage and retrieval.



Implement access controls, encrypt data at rest, conduct regular audits, use versioning, and deploy redundant S3 configurations.



  • Data Collection: S3 stores object data, potentially including sensitive information.
  • Data Storage: Bucket configurations and access logs may include details about stored data.
  • Data Retention: AWS retains access logs for a limited time and may use aggregated data for service improvement.

EC2 (Elastic Compute Cloud)

AWS EC2 provides resizable compute capacity in the cloud, allowing users to run virtual servers for various applications and workloads.

Risk Assessment

  • Security: Unauthorized access to EC2 instances.
  • Confidentiality: Exposure of sensitive data processed by EC2 instances.
  • Integrity: Unauthorized modifications to instance configurations.
  • Availability: Downtime impacting applications hosted on EC2.


Implement access controls, regularly patch and update instances, encrypt sensitive data, deploy in a redundant manner, and use Auto Scaling for increased availability.


  • Data Collection: EC2 instances may process and store data, potentially including sensitive information.
  • Data Storage: Instance configurations and logs may contain details about processed data.
  • Data Retention: AWS retains logs for a limited time and may use aggregated data for service improvement.

The post Risk Assessment of AWS services used in building a resilient Web App on AWS first appeared on Sorin Mustaca on Cybersecurity.

How to make sure your product’s reputation is good

If your product is already on the market, or if you just want to release it, you need to ensure that it has a good reputation.
Balancing features that improve monetization with criteria that lower the product’s reputation is not an easy task.
For this you need a partner with experience in Product and Project Management for security products.
We can help you find the right balance that will keep you out of the radar of big AV companies, Appesteem and others, without losing revenue and customers on the long term.

Contact us for a discussion.

#cybersecurity #productmanagement #security #appesteem #pua #reputation #antivirus

One year later: challenges for young anti-malware products today (presentation Virus Bulletin 2020)



A year ago, at VB2019 we presented for the first time an overview of how the anti-malware world looks from the perspective of a young company trying to enter the market: how they try to build products, how they try to enter the market, how they try to convert users, and what challenges they face in these activities.

In this new paper we will present an overview of the situation for such a company after one year of experience. We will look at the situation from several angles:

    • that of the consulting company helping them to build the product and enter the market


    • that of working with certification companies regularly, checking the products for detection and performance


  • that of working with Microsoft to make the company compliant and keep them compliant

One year later, many still have a hard time understanding that the security market is no longer the Wild Wild West, but we also see that a lot of visible efforts are being made to improve. This means that compliance with ‘clean software’ regulations is becoming an issue. We will present some interesting statistics and compare data from the past with current data. The young companies still have a lot of challenges in understanding that implementing AV software is not the same as implementing any other type of software. Despite the fact that they still get flagged by the established products for various reasons, there are still more and more companies trying to enter the market.

A lot of people in the audience will ask themselves ‘why would anyone want to enter the market, since the market is overcrowded, there are plenty of free products out there, and on Windows there is also Microsoft Defender?’. We will try to provide an answer to this question, but the answer is not what many think it is. Or, maybe it is …




Portfolio Items