Insights

Field notes from the MedTech security trenches.

Deep dives on FDA expectations, threat modeling, penetration testing, SDLC, and the standards your team is being asked to meet.

All (360)Primer (127)Podcast (70)FDA (46)Risk (19)Testing (14)Networking (11)Standards (11)Pen Testing (10)Identity & Access (8)Best Practices (7)IoT (6)AI & ML (5)Cryptography (5)Lifecycle (5)Quality (3)SDLC (3)Strategy (3)Threat Modeling (3)Web Security (2)Audits (1)Threat Intel (1)

Showing 12 of 360 articles · Page 25 of 30

Primer· Feb 15, 2024

PowerShell in Medical Device Cybersecurity: Abuse & Defenses

Learn how attackers abuse PowerShell in MedTech environments - and how to harden endpoints, logging, and admin access to support FDA-ready cybersecurity evidence.

#Primer

Read article

Testing· Feb 15, 2024

Secure File Upload Validation for Web Apps in MedTech

Learn OWASP-aligned file upload validation techniques - type checks, storage isolation, malware scanning, and testing - tailored for regulated environments.

#Testing #Web Security

Read article

Identity & Access· Feb 15, 2024

Windows LAPS for Medical Devices: Manage Local Admin Passwords Safely (Not GPP)

Manage local admin passwords on Windows-based medical devices safely. Why GPP is risky, and how Windows LAPS supports rotation, control, and audits.

#Identity & Access

Read article

Primer· Feb 15, 2024

Return-to-libc Attacks in Medical Device Cybersecurity: Defense Guide

Learn what return-to-libc attacks mean for medical device cybersecurity - and how to reduce risk with memory protections, secure coding, and testing.

#Primer

Read article

Primer· Feb 14, 2024

Alternatives to Tor: Dark Web Monitoring for Medical Device Cybersecurity

Safer alternatives to Tor for MedTech teams: dark web monitoring, breach intel, and postmarket-ready workflows to reduce risk in IoMT ecosystems.

#Primer

Read article

Identity & Access· Feb 14, 2024

Biometric Security for Medical Devices: Lessons from “Gummy Fingers”

Biometrics improve usability - but can be spoofed. Learn “gummy finger” risks, liveness/PAD, and FDA-ready controls for medical device ecosystems.

#Identity & Access

Read article

Primer· Feb 14, 2024

Recalled Medical Devices: Cyber Failures

Discover how cybersecurity failures in medical devices have led to recalls and potential risks for patients.

#Primer

Read article

Primer· Feb 14, 2024

Debunking Device Cloning Myths: What Medical Device Manufacturers Need to Know

Learn how device cloning threatens medical device security and how manufacturers can defend against spoofing risks to meet FDA cybersecurity expectations.

#Primer

Read article

Primer· Feb 14, 2024

BLE Vulnerabilities in Medical Devices: A MedTech Threat Guide

Bluetooth Low Energy is core to CGMs, pacemakers, and wearables. Common BLE attack vectors and the controls FDA expects in premarket submissions.

#Primer

Read article

Primer· Feb 14, 2024

Attribution in Cyber Attacks: A MedTech Reality Check

Cyber attribution is uncertain by design. Learn why, what evidence holds up, and how MedTech teams should respond for FDA-aligned risk management.

#Primer

Read article

Risk· Feb 14, 2024

Preventing Hash Collision Risk in Medical Device Cybersecurity

Learn how birthday attacks exploit hash collision probability - and what MedTech teams should do (SHA-256+, signing, truncation rules, testing, evidence).

#Risk #Cryptography

Read article

Primer· Feb 14, 2024

Discovering the Google Hacking Database (GHDB): Defensive OSINT for Medical Device Cybersecurity

Use GHDB as a defensive OSINT check to find unintended public exposure in medical device ecosystems - cloud portals, docs, and support sites - and fix it fast.

#Primer

Read article

Ready when you are

Get FDA cleared without the cybersecurity headaches.

30-minute strategy session. No cost, no commitment - just answers from people who've shipped 250+ submissions.

Book strategy session Explore services