Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Palo Alto Networks has released the latest version of its Application Usage and Threat Report, which sheds light on how attackers are exploiting commonly-used business applications to bypass security controls.
Microsoft has released a new report that aims to show the technology industry and policymakers how technology, economic, and social policy decisions could influence cyberspace in the next 10 years.
While most organizations have patched the Heartbleed bug in their OpenSSL installations, a security expert has uncovered new vectors for exploiting the vulnerability, which can impact enterprise wireless networks, Android devices, and other connected devices.
Distil Networks, an Arlington, Virginia-based provider of bot detection and mitigation solutions, announced that it has raised $10 million in Series A funding.
With cybersecurity's most glaring failures in the limelight, many experts say it's time for a new approach.
Check Point has launched a new intelligence marketplace that enables organizations to purchase intelligence feeds to help them defend against cyberattacks.
Cloud-based security solutions provider Proofpoint has acquired NetCitadel, a maker of security incident response solutions, for roughly $24.0 million in cash, the company announced Tuesday.
Cisco chief executive John Chambers has complained to President Obama about the NSA's spying practices, saying they were harming overseas business for US tech firms.
Some of the Nation’s largest retailers are now sharing cyber threat information among each thanks to the new Retail Information Sharing and Analysis Center (Retail-ISAC).
The devices in an average company’s network are generating an average of 10,000 security events per day, with the most active generating roughly 150,000 events per day.

FEATURES, INSIGHTS // Network Security

rss icon

Joshua Goldfarb's picture
When performing incident response, an organization should proceed through various stages by following its incident response process. While all stages are important, when an enterprise is attacked, the highest priority quickly becomes moving rapidly from detection to containment.
Wade Williamson's picture
While free tools aren’t the answer for every problem, they probably should be a part of your security toolkit. Even better, they can provide an easy way to learn about new security technologies and provide your team with hands-on experience.
Chris Coleman's picture
The shaping of the threat intelligence management market is critical to its success, and there is much confusion about the very term “threat intelligence.” I am a firm believer that intelligence is a process, not an individual thing, and that Intelligence is not “done.” It is “created.”
Nimmy Reichenberg's picture
Security practitioners have long had a love-hate relationship with automation, and for good reason.
Torsten George's picture
A threat is the agent that takes advantage of a vulnerability. This relationship must be a key factor in the risk assessment process and can no longer be treated as risk’s neglected step child.
Wade Williamson's picture
As enterprises become increasingly focused on security, it’s important to take an honest look not just at what security measures are in place, but how they are really used.
Marcus Ranum's picture
When you start your metrics program, you'll find that a great deal of information can be gleaned from existing data that gets stored in various places – most likely in your system logs.
Chris Hinkley's picture
The most advanced technology in the world is only as good as the people and systems behind it. Otherwise your sophisticated security device is nothing more than a paperweight.
Danelle Au's picture
Trying to defend against modern, advanced attacks with one-off point solutions is like playing a whack-a-mole game, always one step behind the attacker and trying to play catch up with the alerts as they’re received.
Nimmy Reichenberg's picture
By properly segregating the network, you are essentially minimizing the level of access to sensitive information for those applications, servers, and people who don’t need it, while enabling access for those that do.