Security Experts:

Security Infrastructure
long dotted

NEWS & INDUSTRY UPDATES

Cloud security firm CipherCloud announced that it has closed a massive $50 million round of funding led by Transamerica Ventures.
Two independent research groups have already managed to bypass the protection mechanisms provided by the latest version of Microsoft's Enhanced Mitigation Experience Toolkit (EMET).
The head of the Internet Corporation for Assigned Names and Numbers (ICANN) called for international discussions to ensure control of the web remains decentralized.
Microsoft reported that some users who have applied patch (MS14-066) to address the Schannel Remote Code Execution Vulnerability (CVE-2014-632) 1are having issues, including a fatal alert related to the TLS protocol.
Security experts share their thoughts on the "Darkhotel" espionage campaign and provide recommendations for executives who travel a lot and don't want sensitive corporate information to end up in the hands of cyber spies.
Researchers claim that a new attack method can be leveraged to silently modify the digital ballots used in the Internet voting process.
The annual Independent Oracle Users Group database security survey continues to paint a mixed bag of good and bad.
Amazon Web Services announced three new services designed to provide enterprise customers with additional security, governance, and compliance solutions for their resources deployed in the AWS Cloud.
Microsoft has acquired Israeli cyber security startup Aorato, a company focused on protecting Active Directory deployments.
Hackers believed to have been working from China broke through defenses of the US weather service recently, according to a report.

FEATURES, INSIGHTS // Security Infrastructure

rss icon

Eddie Garcia's picture
By default, Hadoop is not secure and simply trusts that users are who they say they are. Within real business use cases, especially when confidential and sensitive data sets are involved, restricting access to only authorized users is critical.
Nate Kube's picture
I would like the OT security community to move away from asking what can we do to gain greater adoption of a greenfield IT security model and instead ask how we can gain demonstrable gains in OT security posture more efficiently.
Scott Simkin's picture
As more organizations build applications other than Web and corporate email into the course of their business, adversaries are taking note and adjusting their tactics.
Joshua Goldfarb's picture
Because of the large volume of even the highest priority alerts, analysts are not able to successfully review each event. And with a large number of false positives, analysts become desensitized to alerts and do not take them seriously.
Jason Polancich's picture
Sharing threat information, analysis and expertise within your “extended family” can be very valuable to establishing the kind of early warning system that is the promise of cyber information sharing to begin with - and without most of the risks.
Jon-Louis Heimerl's picture
We all know passwords are not a great solution for securing our accounts and information. But, it is what we have right now, so we might as well make the best of them, eh? Take this quick quiz to see how secure your password is.
Avi Chesla's picture
In order to reap the greatest benefit from virtualization, SDN and NFV concepts, the control and data-plane functions of network security devices should be decoupled.
Travis Greene's picture
Done correctly, process automation can be used for triggering and diagnosing, with corrective actions presented as a menu of options for overworked security teams.
Pat Calhoun's picture
Adapted firewall VPN technology ensures network efficiency at a fraction of the cost of MPLS acquisition, with failover support to eliminate the pains of packet loss and minimize the impact on the user.
Adam Ely's picture
When determining how risky an app is, we must consider intentional features within these permissions to determine whether or not they’re a risk to the enterprise.
view counter