Comments by: Lotem Finkelstein, Head of Threat Intelligence at Check Point Software Technologies
This is the second time this month that the world is experiencing a major internet outage, and yet again it’s a leading Content Delivery Network (CDN) provider behind it. Today an issue in Akamai’s Distributed Denial of Service (DDoS) mitigation platform, Prolexic, caused many leading websites to be unavailable to anyone who wishes to browse into them. While it looks like all these firms are experiencing a well-synced outage, it is actually a single point of failure that causes the issue.
Comments by: Amit Sharma, Security Engineer at Synopsys Software Integrity Group
The world of software implementation bugs still very much matches with the analogy of an iceberg. As in, we don’t yet know how many more software vulnerabilities/bugs lurk beneath the surface until they’re identified in the wild.
In such a large and complex environment, adding new code or configurations may trigger a new bug which wasn’t present before. This means that each new piece of code logic or configuration should be tested before it moves into production. That way, you can see what kinds of behavioural changes it may cause when it’s added so that applicable teams are aware of the final outcome.
In addition to writing new code securely, it’s also crucial to understand how the complete code base behaves when a new piece of code is added. A small error may wreak havoc across the deployment landscape if it’s not discovered and resolved early.