Security Experts:

long dotted


Several DoS vulnerabilities, including one rated high severity, have been patched in the Network Time Protocol (NTP) [Read More]
Starting on Jan 1, 2017, most CAs will migrate to SHA-2 certificates, but 35% of websites still use such certificates today, according to a new report. [Read More]
The Mirai IoT botnet has been using STOMP (Simple Text Oriented Messaging Protocol) floods to attack targets, a protocol that isn’t normally associated with distributed denial of service (DDoS) attacks. [Read More]
The hacker who launched a massive DDoS attack against Dyn, which operates a key hub in the internet, was probably a disgruntled gamer, said Dale Drew, chief security officer for Level 3 Communications. [Read More]
RiskIQ, which helps detect digital threats stemming from areas such as the Web, malvertising and social media, has closed $30.5 in a Series C funding round led by Georgian Partners. [Read More]
Cyber threat protection and intelligence firm FireEye this week launched new cloud-based network security and threat intelligence offerings amid improving finances with its earnings report for the third quarter of 2016. [Read More]
Security analytics and testing firm Rapid7 this week unveiled Project Heisenberg Cloud, a research project designed to use the cloud to get a closer look at what attackers are doing, both in the cloud and across the Internet. [Read More]
Starting in October 2017, publicly trusted website certificates will have to comply with Chrome’s Certificate Transparency (CT) policy to be trusted by the browser. [Read More]
A new zero-day distributed denial of service (DDoS) attack vector could open the flood gates for terabit-scale DDoS events, researchers at Corero Network Security warn. [Read More]
Starting in Firefox 51, Mozilla’s web browser will display an error when a SHA-1 certificate is encountered that chains up to a root certificate included in Mozilla’s CA Certificate Program. [Read More]

FEATURES, INSIGHTS // Network Security

rss icon

Jennifer Blatnik's picture
Listen to your coach. Similar to the Olympics, a CSO or CISO needs to be able to lead their team and consider the impact they will have on the broader organization.
Nathaniel Gleicher's picture
Cybersecurity defenders face a similar problem to the Secret Service: they are defending high-value assets that must be protected, but also have to speak to hundreds or thousands of other servers.
Jennifer Blatnik's picture
While using containers to secure your organization is a relatively novel approach, it can lead to cost savings and massive scalability.
Ken McAlpine's picture
Once you have an understanding of where your security risks are, you can make better choices about what types and what sources of threat intelligence are most applicable.
Joshua Goldfarb's picture
Analytics is becoming ever more important, and in my opinion, it is an important part of the future of information security.
David Holmes's picture
The portion of encrypted traffic keeps rising, so IT security administrators will be forced to do more SSL decryption if they are to get any value at all out of their fancy security tools.
Wade Williamson's picture
Collecting security data is relatively easy – the value of security analytics solutions will rest in how well they reduce that data into answers.
Ashley Arbuckle's picture
Regardless of what industry you’re in, your ability to successfully compete in the digital economy requires the ability to securely innovate.
Emily Ratliff's picture
The Assimilation Project performs service discovery and inventory of your systems in great detail and stores the resulting data so that it can be queried.
Joshua Goldfarb's picture
The trust between those who run the security organization, and the analysts, incident responders, engineers, and others who do the work on a daily basis is extremely important.