Software Obsolescence
This podcast from the author of “Security Engineering” is a fantastic look at the dynamics of software decay, especially as software becomes more embedded in connected hardware. As Ross Anderson says, we know how to secure always-online software services and devices (regular patching) and we know how to secure offline items that use software (test test test), but the union of the two becomes difficult. He also talks about software bills of materials and other lifecycle security concerns.
CIAM isn’t all about security of your users’ identity, but you absolutely need to secure it. When evaluating CIAM build vs. buy, make sure you’re thinking about obsolescence too.
Cheers,
Dan