Security Experts:

long dotted


D-Link has patched a critical remote code execution vulnerability affecting several DIR model routers [Read More]
The RC4 cipher has been disabled in Edge (Windows 10) and Internet Explorer 11 (Windows 7 and newer), bringing Microsoft’s browsers in line with Chrome and Firefox. [Read More]
Juniper Networks has started patching a DoS vulnerability related to the processing of IPV6 ND packets. The flaw affects several vendors [Read More]
Australia was forced to reassure its citizens that their personal data was secure, after malicious attacks by overseas hackers prompted an embarrassing shutdown of the online census. [Read More]
Researchers disclose XSS vulnerabilities found in Fortinet FortiManager, FortiAnalyzer, FortiVoice and FortiCloud products [Read More]
Accenture has announced a new partnership with Palo Alto Networks (PAN), Splunk and Tanium, with the goal of providing an integrated security solution that covers the primary bases swiftly and efficiently. [Read More]
Several critical and high severity vulnerabilities have been found in Cisco’s Small Business RV series routers [Read More]
IBM this week unveiled a new penetration testing group that will operate under its security services division to help customers uncover security gaps in their networks. [Read More]
Ruckus is working to patch several vulnerabilities found by a researcher in the company’s wireless access points [Read More]
Imperva revealed details on four high-profile attack vectors affecting HTTP/2, the new version of the HTTP protocol. [Read More]

FEATURES, INSIGHTS // Network Security

rss icon

Scott Harrell's picture
Granular network segmentation is a security best practice that dramatically curtails the ability of attackers to move about the network, limiting the spread of destructive malware and ransomware and helping to keep critical assets safe.
David Holmes's picture
How do you secure application components when they’re shifting from cloud to cloud? Any traffic traversing from one public cloud to another is by definition crossing the Internet and should therefore not be trusted.
Wade Williamson's picture
The ability to quickly and reliably detect lateral movement in the network is one of the most important emerging skills in information security today.
Jennifer Blatnik's picture
While it’s important to have multiple layers of defense, more emphasis needs to be placed on how companies integrate, update and manage their security.
Danelle Au's picture
If security teams can automate how they validate security risks, we they shift focus from the easy challenges and onto the important things.
David Holmes's picture
A determined attacker could almost certainly find another, easier (non-SSL) vulnerability much faster and cheaper than by using DROWN.
Alan Cohen's picture
A steady plan that both builds on the best practices of today and anticipates and takes action for the world we are moving into presents the last best hope for creating trust again in IT.
Johnnie Konstantas's picture
Enterprises should establish security policies with regard to traffic inspection, and implement the right mix of SSL decryption and traffic inspection systems that don’t introduce latency or business disruption.
Avi Chesla's picture
Advanced attack campaigns are typically multi-vector, prolonged and adaptive to the defenses they encounter - unlike the defending side, which is inherently more rigid and structured around products and security solution silos.
Alan Cohen's picture
Micro-segmentation approaches play an important role in reducing the attack surface, the points of infiltration in the heart of the data center. By governing the traffic among servers, they reduce the risk of bad actors.