Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Clothing retailer Forever 21 informed customers that malware collected data from its payment systems for a period of more than 7 months [Read More]
Nissan Canada is informing more than 1.1 million customers that their personal information may have been compromised as a result of a data breach [Read More]
Google warns DoubleClick customers that some of the files provided by third-party vendors through its advertising platform can introduce XSS vulnerabilities [Read More]
Keeper Security files lawsuit against Ars Technica and reporter Dan Goodin over article covering critical vulnerability found by Google researcher [Read More]
vBulletin patches recently disclosed remote code execution and file deletion vulnerabilities [Read More]
Canada, Japan, Australia and New Zealand also accuse North Korea of launching the WannaCry ransomware attack [Read More]
Kaspersky files lawsuit against the U.S. government over the DHS operational directive ordering federal agencies to stop using the company’s products [Read More]
An improperly secured MongoDB database has provided cybercriminals with the possibility to steal information on the entire voting population of California, Kromtech security researchers say. [Read More]
Synaptics to remove debug tool from its touchpad drivers after it was described by a security researcher as a keylogger [Read More]
Netherlands-based security firm Fox-IT revealed that it was the victim of an MitM attack after hackers changed DNS records at its domain registrar [Read More]

FEATURES, INSIGHTS // Incident Response

rss icon

Marc Solomon's picture
Security professionals want insights into the adversaries themselves – the tools as well as the tactics, techniques and procedures (TTPs) they’re using – to strengthen defenses and make life much more difficult for the bad guys.
Joshua Goldfarb's picture
Organizations should not be lured into a false sense of security if they deal in information or data that are not typically sought after by nation-state attackers.
Marc Solomon's picture
A threat intelligence platform (TIP) needs to operationalize and apply intelligence as the glue to reduce fragmentation.
Marc Solomon's picture
Companies can make their entire security infrastructure more effective by using this threat intelligence as the glue to integrate layers of point products within a defense-in-depth strategy.
Avi Chesla's picture
Security analysts are collecting all events, but are struggling to filter out non-relevant signals in an attempt to isolate the important events from the rest of the noise.
Marc Solomon's picture
There are strategies you can use so that the risk score is more relevant and useful within your specific environment.
Steven Grossman's picture
While we all dream of solving the skills shortage by completely automating the entire detection and response process, it is simply unlikely to happen in the foreseeable future.
Scott Simkin's picture
Threat intelligence can play an important role in improving an organization’s overall cybersecurity posture, provided the right case is made and the right processes are put in place.
Lance Cottrell's picture
When properly integrated, detection, response, and prevention reinforce each other, each making the other more effective.
Joshua Goldfarb's picture
It’s time to bring the capability to achieve a mature security posture through a robust security operations function to the masses.