Dr. Fred Cohen

Asking the right questions

I very often see false choices about paths forward. One of the most common ones is the question about the future of humanity regarding AI, robotics, computers, cloning, vaccines, genetic engineering, you name it. Any new area of technology with a tremendous potential is always a multi-edged sword, and someone will always ask the question …

Asking the right questions Read More »

The do nothing defense

Of course until you are successfully attacked, doing nothing about security is a great approach. It saves money and time and costs you nothing. So lots of folks do nothing, or almost nothing, and I include myself in this latter approach – almost nothing. As little as I can get away with I do as …

The do nothing defense Read More »

API Security vs AUI security

How is an application program interface different from an other application interface? At a basic level, they are the same – in the sense that anything that can be exploited from one can be exploited from another – or at least it should be that way from a security perspective. But unfo9rtunately, that’s not how …

API Security vs AUI security Read More »

Privilege Escalation and Trust

Privilege escalation has always been a problem in computers, and after all these years, we still don’t seem to have a handle on the issue. I think this is closely related to our lack of understanding and systematic deployment of trust models and the nature of trust. Non-zero trust One of the good things about …

Privilege Escalation and Trust Read More »

REQUEST DEMO