Security Experts:

long dotted


The Tor Project will launch an invite-only bug bounty program via the HackerOne platform in 2016 [Read More]
A blockchain is essentially a shared, encrypted "ledger" that cannot be manipulated, offering promise for secure transactions that allow anyone to get an accurate accounting of money, property or other assets. [Read More]
Microsoft announced that it plans on removing trust on root certificates issued by 11 Certificate Authorities (CAs) in January 2016. [Read More]
Symantec will invest $50 million to boost its cyber security services business globally, with a specific focus on the Asia-Pacific region. [Read More]
ThreatConnect, an Arlington, VA.-based threat intelligence platform platform provider, has closed a Series B Funding round in excess of $16 Million. [Read More]
Hackers breached the systems of anti-adblocking service PageFair and used the access to deliver malware [Read More]
Researchers have found a way to bypass Microsoft EMET mitigations with one shot via the WoW64 Windows subsystem. [Read More]
ThreatQuotient launched ThreatQ, a threat intelligence platform designed to manage and correlate threat data from external sources with internal security and analytics solutions. [Read More]
The stable series of Grsecurity’s Linux kernel patches will no longer be publicly available. Decision comes in response to GPL violations by the embedded Linux industry. [Read More]
DigiCert has acquired the CyberTrust Enterprise SSL business from Verizon Enterprise Solutions. [Read More]

FEATURES, INSIGHTS // Security Architecture

rss icon

Joshua Goldfarb's picture
Security has evolved to the point that I can now say that collection, sensing, and alerting are yesterday’s news.
Scott Simkin's picture
Threat intelligence is only valuable if an organization takes the necessary steps to quickly and easily apply that intelligence to actual security policy.
Johnnie Konstantas's picture
As NSA Chief Hacker Rob Joyce indicated during his recent talk at the Usenix Enigma conference, hackers are patient and persistent.
Joshua Goldfarb's picture
In security, we have grown accustomed to treating the symptoms of our problems, rather than treating the problems themselves.
Wade Williamson's picture
Data science and machine learning models can assess large groups of cyber threats to find the subtle traits they have in common to better protect organizations.
Tim Layton's picture
While we must continue to use defensive technologies because they help address the level of white noise that has become part of the cost to operate in our hyper-connected, digitized world, we can’t stop there.
Joshua Goldfarb's picture
There are many contextual details that differentiate cyber threat information from threat intelligence. Only with the proper context can data be considered intelligence, rather than simply information.
Joshua Goldfarb's picture
Taking a look at security from a different vantage point that allows us to correlate activity by user, rather than by system alone gives us a very different perspective.
Scott Simkin's picture
When vendors and individuals attempt to keep threat intelligence private, they limit the ability of the entire group to identify and mitigate new threats as they are developed and launched against organizations.
Joshua Goldfarb's picture
Rather than proceed step by step through the process of building and maturing a security operations function, security teams often want to move immediately into very advanced topics.