Robert Grupe | Robert Grupe's AppSecNewsBits

Oliver Buchannon

Robert Grupe

Robert Grupe is a highly experience practitioner, manager, consultant, trainer, and mentor, who has defined, implement, and lead innovation and strategy for multiple international companies in Software Development Security, Agile Project Management, Product Management, Digital Marketing, and Sales. Has been interviewed and spoken at conferences and events (i.e., RSA, InfoSec, PMI, etc.) globally. Professional certifications include: CISSP, CSSLP, and PMP. Has been awarded five Cybersecurity patents, and is an acknowledged contributor to the NIST 800-812 Secure Software Development Framework (SSDF). Currently leads the Cigna Information Protection Global Application Security Engineering and Practices team which provides SSDLC security coding standards, role based security champions awareness and training, custom developer security tools, and custom automated enterprise compliance reporting.

Robert Grupe's AppSecNewsBits 2025-08-15

Aug 16, 2025

•

31 min read

Robert Grupe's AppSecNewsBits 2025-08-15

Epic Fails, Hacking, AppSec, Platforms/Vendors, and Legal: M&S, St Paul, FBE email addresses for $40, Meta kids creepy AICbot, TeleMessage, FIDO auth bypass in Microsoft Entra ID, 'MadeYouReset' HTTP/2 flaw, RealBlindingEDR, hackers attack brokerage accounts, dam and water plants, BlackSuit ransomware crew shut down and rebrands, NIST Finalizes ‘Lightweight Cryptography’ Standard, and more sloppy AI.

Robert Grupe's AppSecNewsBits 2025-01-18

Jan 18, 2025

•

39 min read

Robert Grupe's AppSecNewsBits 2025-01-18

New Year Starts with a Bang: Cyber Security Legal & Regulatory Guidance

Jan 11, 2025

•

20 min read

New Post

Lame List: Gravy Analytics, Marriott, Telfonica, Docker, Microsoft, traffic cams, DNA sequencers. And HIPAA update

Robert Grupe's AppSecNewsBits 2024-09-15

Sep 15, 2024

•

13 min read

Robert Grupe's AppSecNewsBits 2024-09-15

This Week: Lawsuits, Increased Power Needed for IT and AI, All Employees Password Rests After Breaches

Robert Grupe's AppSecNewsBits 2024-09-08

Sep 8, 2024

•

31 min read

Robert Grupe's AppSecNewsBits 2024-09-08

This week’s news roundup newsletter Epic Fails: Disney, US Navy, NH Elections Offshoring, biz Verkada CCTVs, MS Copilot, Own Goal Check Fraud

Robert Grupe's AppSecNewsBits 2024-08-31

Aug 31, 2024

•

20 min read

Robert Grupe's AppSecNewsBits 2024-08-31

What's Weak This Week: TSA bypass with Bobby Tables, City of Columbus sues the messenger, FBI sloppy evidence destruction

Robert Grupe's AppSecNewsBits 2024-08-25

Aug 25, 2024

•

30 min read

Robert Grupe's AppSecNewsBits 2024-08-25

This week’s news roundup newsletter ... SolarWinds Again, NationalPublicData.com, DNS Namespace Collisions, Georgia Tech Sued for NIST 800-171 Non-Compliance, Telegram Arrest for Unmoderated Content, New PCI Client-Side Security Requirements

Robert Grupe's AppSecNewsBits 2024-08-17

Aug 17, 2024

•

16 min read

Robert Grupe's AppSecNewsBits 2024-08-17

This Week: NationalPublicData.com SSN exposures, T-Mobile $60m fine, Enzo Biochem fined, Disney Ts&Cs, exposed credentials, NIST encryption update planning

Robert Grupe's AppSecNewsBits 2024-08-10

Aug 10, 2024

•

30 min read

Robert Grupe's AppSecNewsBits 2024-08-10

This Week: Black Hat, Microsoft, Cow Milking Robot Attack, Entrust, Outlook, CloudStrike, Cisco

Robert Grupe's AppSecNewsBits 2024-08-03

Aug 3, 2024

•

32 min read

Robert Grupe's AppSecNewsBits 2024-08-03

Software Development Security Epic Fails: Meta AI, Cloudflare, CrowdStrike, VMWare, Cencora, National Public Data, HealthEquity, DigiCert, UK Electoral Commission, Japan National IDs

Robert Grupe's AppSecNewsBits 2024-07-28

Jul 28, 2024

•

33 min read

Robert Grupe's AppSecNewsBits 2024-07-28

Software Development Security What’s Weak This Week: CloudStrike, Google, Secure Boot vulnerability exposing hundreds of devices, North Korea KnowBe4 attack

Robert Grupe's AppSecNewsBits 2024-07-20

Jul 20, 2024

•

22 min read

Robert Grupe's AppSecNewsBits 2024-07-20

Software Development Security Epic Fails: Largest IT Outage in History - Cloudstrike, Microsoft, MediSecure, Rite Aid, Squarespace, Cisco

Robert Grupe's AppSecNewsBits 2024-07-13

Jul 13, 2024

•

23 min read

Robert Grupe's AppSecNewsBits 2024-07-13

Software Development Security What's Week This Week: AT&T, Car Dealership Network, Signal, Python, undetected attacks, data breaches, secrets in code, expired certificates ...

Robert Grupe's AppSecNewsBits 2024-07-06

Jul 6, 2024

•

21 min read

Robert Grupe's AppSecNewsBits 2024-07-06

Software Development Security Epic Fails: Indonesia, Twilo Authy, CocoaPods, Ghostscript, OpenSSH, Etherium, Prudential, ...

Robert Grupe's AppSecNewsBits 2024-06-29

Jun 29, 2024

•

25 min read

Robert Grupe's AppSecNewsBits 2024-06-29

Software Development Security Epic Fails: Polyfill.io, Ticketmaster, GitLab, MOVEit, Wordpress Plug-ins, Entrust CA, TeamViewer, Indonesia, Rabbit R1 AI, Nuance Communications, Microsoft certificates

Robert Grupe's AppSecNewsBits 2024-06-22

Jun 22, 2024

•

24 min read

Robert Grupe's AppSecNewsBits 2024-06-22

Epic Fails: Unsecured APIs, Databases, Secrets in Jira

Robert Grupe's AppSecNewsBits 2024-06-15

Jun 15, 2024

•

29 min read

Robert Grupe's AppSecNewsBits 2024-06-15

Epic Fails: IDE plug-ins, insecure code repos, stolen credentials, ignored vulnerabilities, inadequate QA/security, ...

Robert Grupe's AppSecNewsBits 2024-06-01

Jun 1, 2024

•

21 min read

Robert Grupe's AppSecNewsBits 2024-06-01

Software Development What's Weak This Week: Ticket Masters, FBI, 600k SOHO routers, Google AI, OpenAI, UnitedHealth, Sav-Rx, Christie's, VBS, ...

Robert Grupe's AppSecNewsBits 2024-05-25

May 25, 2024

•

25 min read

Robert Grupe's AppSecNewsBits 2024-05-25

Epic Fails: Ascension Health, Cencora, MITRE, GitLab | Now-Next: MS Windows Recall, Global Intel of Wi-Fi Routers, John Deere IT & Dev

Robert Grupe's AppSecNewsBits 2024-05-18

May 18, 2024

•

24 min read

Robert Grupe's AppSecNewsBits 2024-05-18

What's Weak This Weak: Ascension Health, US Army, Google, Christie's, Linux SSH, Free Laundry

New PosRobert Grupe's AppSecNewsBits 2024-05-11

May 11, 2024

•

30 min read

New PosRobert Grupe's AppSecNewsBits 2024-05-11

Epic Fails: F5, VPNs, Europol, Dell, Microsoft, Ascension Health, US Patent Office, AT&T, ...

Robert Grupe's AppSecNewsBits 2024-05-04

May 4, 2024

•

24 min read

Robert Grupe's AppSecNewsBits 2024-05-04

What's Weak This Week: Change Healthcare intrusion missed MFA, Kaiser Marketing Leakage, GitLab account takeovers, Microsoft reemphasizing SSDLC Fundamentals

Robert Grupe's AppSecNewsBits 2024-04-20

Apr 20, 2024

•

29 min read

Robert Grupe's AppSecNewsBits 2024-04-20

Epic Fails: UnitedHealth ransomware cost raising to $1B, vulnerable smart locks - lack of sensitive data encryption protection. AI atttacks and security guidance.

Robert Grupe's AppSecNewsBits 2024-04-13

Apr 13, 2024

•

28 min read

Robert Grupe's AppSecNewsBits 2024-04-13

Epic Fails: Microsoft and Sisense Accounts Exposed, OSS Supply Chain Vulns ignored, TVs and Road Tolls

Robert Grupe's AppSecNewsBits 2024-04-06

Apr 6, 2024

•

21 min read

Robert Grupe's AppSecNewsBits 2024-04-06

Epic Fails: AI PrivEsc and Cross-Tenant Attacks, Ivanti commits to now starting security by design; Fed access tokens in code exploited. OWASP exposes resumes. Reduce Dev and Sec Costs: replace C++ with Rust, Java with Kotlan.