Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Version of the 5.1 of Microsoft's Enhanced Mitigation Experience Toolkit (EMET) brings improved protection and addresses several application compatibility issues.
The 2014 ICS Cyber Security Conference will address real world problems and discuss actual ICS cyber incidents, many of which have never been told before.
In a two-year study of information about critical control systems directly connected to the Internet, researchers found mining equipment, a surprising number of wind farms, a crematorium, water utilities, and several substations.
The 2014 ICS Cyber Security Conference will address real world problems and discuss actual ICS cyber incidents, many of which have never been told before.
NIST wants to build a reconfigurable cybersecurity testbed to provide guidance on the best practices for implementing security strategies within industrial control systems without negatively impacting process performance.
Hypervisors have become an important part of enterprise environments and while they should normally reduce the attack surface, experts warn that they can be plagued by security vulnerabilities that could be leveraged by malicious actors.
LogRhythm's Honeypot Security Analytics Suite helps customers deploy honeypots to attract opportunistic hackers and then capture network and log activity.
FishNet Security has opened a new technology testing lab that allows partners and customers to vet technologies in a virtual IT environment using simulated network conditions and attack scenarios.
CrowdStrike has launched a new threat intelligence exchange platform that facilitates the access and exchange of threat intelligence between vendor partners.
China-based threat actors are using sophisticated malware installed on handheld scanners to target shipping and logistics organizations from all over the world.

FEATURES, INSIGHTS // Security Architecture

rss icon

Marcus Ranum's picture
There are many important and useful tools related to the metrics landscape; let's take a look at some of them and how they fit together.
Jon-Louis Heimerl's picture
The concepts of defense in depth have been with us for years -- hundreds of years, if not thousands. Maybe we can learn something from those architects of warfare from the Middle Ages?
Danelle Au's picture
Zero Trust advocates for a segmented network, and security built into the architecture rather than an afterthought. It also advocates for some key principles built around the concept of “never trust, always verify”.
Jeff Hudson's picture
Making decisions based on anomalies is predicated by one very important assumption—you must understand what “normal” looks like.
Mark Hatton's picture
Just like football, security is a tough game and not for the faint of heart. There are threats lurking around every corner and it’s when you think you are in the clear that a blindside hit is most likely to happen.
Chris Coleman's picture
The threat intelligence space is early and still evolving and enterprise customers are still learning how best to use and action this intelligence.
Nimmy Reichenberg's picture
A sound network security perimeter architecture requires multiple layers of defense, up-to-date and hardened policies and controls and segmentation.
Mark Hatton's picture
The following is a list of questions that I recommend everyone ask security vendors as an initial filter.
Dr. Mike Lloyd's picture
Risk Management isn’t Just an obligation or something other executives want to see. When done right, it really works.
Michael Callahan's picture
While obscuring website code, server architecture, and security mechanisms doesn’t provide bullet-proof security on its own, it is actually pretty effective.