Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

According to a DDoS attack trend report report released Sept. 23, a majority of attacks analyzed (more than 90%) lasted less than 30 minutes, but were repeated frequently.
CloudFlare's Keyless SSL innovation allows customers to take advantage of the company's solutions without ever having to hand over their private SSL keys.
FireEye has announced new offerings designed to provide customers with on-demand access to its cyber defense technology, intelligence, and analysts expertise on a subscription basis.
JPMorgan Chase, one of the largest banks in the United States, has confirmed that its systems were breached this summer.
The NSA and British intelligence services are able to secretly access data from telecoms giant Deutsche Telekom and several other German operators, according to Der Spiegel weekly.
LightCyber, a provider of security breach detection and response solutions, has raised $10 million in a new funding round led by Battery Ventures.
Following the discovery of Heartbleed, the OpenSSL Project has created a new security policy and patched a total of 16 vulnerabilities in the open source library.
The RSA Advanced Security Operations Center (SOC) Solution offers an integrated set of technologies and services that can provide SIEM, Network Forensics, and Endpoint threat protection.
Chinese authorities have started intercepting encrypted traffic to and from Google's servers, in an apparent man-in-the-middle (MitM) attack against the encrypted traffic between CERNET and Google.
The CERT Coordination Center at Carnegie Mellon University (CERT/CC) has published a list of popular Android applications that fail to properly validate SSL certificates, exposing users to man-in-the-middle (MitM) attacks.

FEATURES, INSIGHTS // Network Security

rss icon

Marc Solomon's picture
Thanks to significant technological advances what we can do is use knowledge of the past and the present to drive a desired future outcome. That capability is extremely important for better security given today’s threat landscape and the vicious cycle defenders face.
Joshua Goldfarb's picture
Although it may be tempting to envision a world where the analyst has been fully automated, this does not seem particularly reasonable.
Pat Calhoun's picture
Being connected is critical and all the elements of an organization’s security platform should work in concert together to provide adaptive security for the entire environment.
Scott Simkin's picture
Enterprises must tailor their security policy and protections to the actual threats they experience and to the threat landscape at large.
Marc Solomon's picture
With the right information, security professionals can quickly pivot from detection to a full understanding of the scope of the outbreak and take action to head off wider compromises
Pat Calhoun's picture
With a community of nearly 400,000 registered users, Snort remains a valuable tool for security organizations and has certainly flexed its muscles, but it may need some reinforcements to maintain its security longevity.
Joshua Goldfarb's picture
Amidst recent headlines, I am concerned that as a security community, we are losing sight of an important principle that is very important to remember: not all intrusions involve malware.
Joshua Goldfarb's picture
I am often asked the question: “Is security an unsolvable problem?” In order for me to answer that question, I would have to understand it, and I don’t.
Pat Calhoun's picture
The need for extreme network protection may be the driving force behind your decision to invest in a next-generation firewall (NGFW), but your enterprise also has other factors to consider.
Mark Hatton's picture
You need to identify your security shortcomings before someone else does. Simulate attacks and tests to associate known vulnerabilities, previous attack patterns, and security/network data to identify potential attack paths to your company’s most important data.