Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Firefox 44, the latest version of Mozilla’s web browser, is now available for download and comes with a series of security patches, and has fully removed support for the RC4 cipher. [Read More]
Multi-vector denial of service (DDoS) attacks are increasing in frequency, complexity and size, Arbor Networks’ 11th Annual Worldwide Infrastructure Security Report (WISR) reveals. [Read More]
Amazon is now offering free security certificates, but some experts say the use of free certificates poses risks that enterprises should be fully aware of. [Read More]
The U.S. House Oversight and Government Reform Committee has asked federal agencies about the use and patching of vulnerable Juniper Networks products [Read More]
The backdoor plaguing older versions of Fortinet’s FortiOS operating system has been found to affect other products as well [Read More]
Cisco has released software updates to address critical and high severity vulnerabilities affecting some of the company’s networking and security products [Read More]
Nissan shut down its global websites after a DDoS attack that may have been motivated by anger over Japan's controversial whale and dolphin hunts. [Read More]
The Department of Homeland Security (DHS) awarded a $1.7 million contract to Galois for beefing up Distributed Denial of Service (DDoS) attack defenses. [Read More]
Unauthorized code triggers Juniper Networks to replace Dual EC and ANSI X9.31 in ScreenOS with the random number generation technology used in Junos OS [Read More]
Many financial organizations in the UK are failing to properly configure SSL certificate security of their websites, putting user’s information at risk, researchers have discovered. [Read More]

FEATURES, INSIGHTS // Network Security

rss icon

David Holmes's picture
During the public beta of Let’s Encrypt, it may simply be that people believe it will work. Belief works for medicine, but not for security. One way or the other, we’ll know soon.
Torsten George's picture
Threat intelligence has little value unless it is put into context of an organization’s security posture. Most enterprises don’t have the resources to apply the required logic to correlate external threat data with their internal security intelligence.
Alan Cohen's picture
Traditional incident management approaches that rely on network monitoring and detection of attacks are also falling short in today’s agile and distributed computing world.
Wade Williamson's picture
Asking for security backdoors that only benefit the good guys is like asking for bullets that only hurt the bad guys. That’s simply not how encryption works.
Johnnie Konstantas's picture
Visibility into all inter-SDN traffic gives security and performance management technologies the best statistical chance of surfacing embedded malware and anomalous patterns.
Marc Solomon's picture
As security vendors, it is incumbent upon us to reduce complexity. By resolving to make advances in these three areas, we can reduce security complexity while helping more organizations thwart more attacks.
Alan Cohen's picture
It is both naïve and wrong to ignore the role infrastructure plays in protecting data. Trusted networks trump untrusted networks. However, should security be a reason to upgrade networks or stay with proprietary compute architectures?
Marc Solomon's picture
With increased awareness and a deeper understanding of how attackers go about their ‘shopping’ we can take some relatively simple baseline measures that can go a long way toward protecting against cybercrime this time of year.
Johnnie Konstantas's picture
While complex threats are an easy place to lay blame, lack of visibility is the real culprit. Turning your eyes inward to detect where compromises occurred sooner rather than later has the potential to limit your risks substantially.
Marc Solomon's picture
The Internet of Everything is transforming our world and creating more opportunities for attackers as modern networks and their components constantly evolve and spawn new attack vectors.