Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

For all of last week and continuing into this week, major DNS and traffic management provider NS1 suffered a continuing and complex DDoS attack from unknown attackers with unknown motivation. [Read More]
Cisco has updated AsyncOS for Web Security Appliance to patch several high severity DoS vulnerabilities [Read More]
Starting on June 16, 2016, the old SSLv3 and RC4 security protocols will no longer be supported on Google’s SMTP servers and on Gmail’s web servers. [Read More]
Google security engineer reports finding 26 vulnerabilities in Aruba products. Patches available for most flaws [Read More]
FireEye Security Orchestrator automates interaction between FireEye's product suite and provides an open platform for automation and integration with third party products. [Read More]
Cisco patches critical and high severity vulnerabilities in FirePOWER and TelePresence products [Read More]
By February 2017, Microsoft warned that both Microsoft Edge and Internet Explorer will block SHA-1 signed TLS certificates. [Read More]
Fortinet has unveiled its new Fortinet Security Fabric architecture and a powerful new FortiGate 6000 series firewall designed to tackle the increasing demands from encrypted network traffic. [Read More]
Despite it's privacy and end user security benefits, SSL and TLS traffic encryption brings its own problems for businesses. Encryption is already used by criminals to hide malicious traffic on the basis that defenders cannot find what they cannot see. [Read More]
A new version of the NTP daemon patches several low and medium severity vulnerabilities [Read More]

FEATURES, INSIGHTS // Network Security

rss icon

Avi Chesla's picture
Advanced attack campaigns are typically multi-vector, prolonged and adaptive to the defenses they encounter - unlike the defending side, which is inherently more rigid and structured around products and security solution silos.
Alan Cohen's picture
Micro-segmentation approaches play an important role in reducing the attack surface, the points of infiltration in the heart of the data center. By governing the traffic among servers, they reduce the risk of bad actors.
Johnnie Konstantas's picture
For the NSA, one of the hardest things to hack against is a network with out-of-band TAPs—which enable the continuous monitoring of network activity by sending copies of packets to security inspection and analytics devices.
Marc Solomon's picture
Enforcing security at the DNS layer is essential for identifying and containing malware infections that use DNS to execute their mission.
David Holmes's picture
During the public beta of Let’s Encrypt, it may simply be that people believe it will work. Belief works for medicine, but not for security. One way or the other, we’ll know soon.
Torsten George's picture
Threat intelligence has little value unless it is put into context of an organization’s security posture. Most enterprises don’t have the resources to apply the required logic to correlate external threat data with their internal security intelligence.
Alan Cohen's picture
Traditional incident management approaches that rely on network monitoring and detection of attacks are also falling short in today’s agile and distributed computing world.
Wade Williamson's picture
Asking for security backdoors that only benefit the good guys is like asking for bullets that only hurt the bad guys. That’s simply not how encryption works.
Johnnie Konstantas's picture
Visibility into all inter-SDN traffic gives security and performance management technologies the best statistical chance of surfacing embedded malware and anomalous patterns.
Marc Solomon's picture
As security vendors, it is incumbent upon us to reduce complexity. By resolving to make advances in these three areas, we can reduce security complexity while helping more organizations thwart more attacks.