Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

FireMon has acquired Immediate Insight to improve real-time security event analysis.
Let's Encrypt takes the world a step closer to a time when more websites would use a certificate and TLS would be the default across the Web, rather than the present where most sites do not even have a valid certificate
As we mark the one-year anniversary of disclosure of the now famous OpenSSL vulnerability known as Heartbleed, security firm Venafi has released new research that shows how vulnerable Global 2000 organizations still are as a result of the flaw.
Endgame, Inc. announced the launch of its enterprise endpoint detection and response platform, Endgame Enterprise.
Norse Corp. has launched a new version of its threat intelligence appliance which can actively monitor inbound and outbound network traffic at up to 10 gigabits-per-second.
Google let a digital certificate expire that was sed to secure its smtp.google.com domain, the domain used by Gmail and Google Apps users to send outgoing email.
ID announced that Emerging Threats will make some of its data available via IID's threat intelligence management system, ActiveTrust.
iSIGHT Partners has released a new Software Development Kit (SDK) and Browser Plugin in an effort to expand its threat intelligence integration capabilities.
An Egypt-based company misused an intermediate certificate from a Chinese CA to issue unauthorized certificates for several Google domains.
Data alone presents a few problems, but many of them emerge from a single misguided view – 
that big data is the answer, not part of the answer.

FEATURES, INSIGHTS // Network Security

rss icon

Pat Calhoun's picture
While individual products and technologies are important weapons, they operate in a silo and lose sight of the bigger picture. The reality is that you can’t just rely on a single defense or a silver bullet.
Rafal Los's picture
Enterprises that don’t operationalize configuration and asset management are doomed to repeat the cycle of lost productivity, frustration and panic.
Marc Solomon's picture
Just as they’ve embraced other technology innovations to advance their businesses, midsized organizations need a new approach to cybersecurity that mitigates risk to valuable digital assets.
Avi Chesla's picture
Now more than ever, context-based decisions have become a necessity. This is because the identification process of an advanced persistent attack campaign is all about putting events in the right context.
Wade Williamson's picture
By establishing an enterprise-wide context focused on key assets and user behaviors, organizations can build a unified security framework that encompasses all locations and all of their assets.
Rafal Los's picture
As long as the “hikers and bear” analogy is told in boardrooms we will have difficulty communicating the value of a proportionate security model where we design security measures for different types of adversaries with different types of objectives.
David Holmes's picture
Normally you wouldn’t think something as mundane as farming equipment could incite a lot of cyber malice, right? But that’s exactly what happened.
Joshua Goldfarb's picture
Although home is where the heart is, it’s important to remember not to devote the overwhelming percentage of security resources to your home geographic area if that’s not where the overwhelming amount of your business and its assets are located.
Avi Chesla's picture
When security technologies are bypassed, they cannot be “programmed” to detect and prevent the new attack behavior, the same attack that has breached their protection-space borders.  
David Holmes's picture
If Let’s Encrypt succeeds, will self-signed certificates go extinct? I’m guessing no, and that’s not necessarily a bad thing.