Security Experts:

Security Infrastructure
long dotted


Netflix this week released an in-house developed tool for discovering cross-site scripting (XSS) vulnerabilities in applications and for scanning secondary software programs for potential XSS flaws.
Microsoft, Google and Mozilla will completely disable support for the RC4 cipher in their web browsers in early 2016.
This webcast will show you how nano-segmentation delivers the most granular, adaptive security across your data centers and public clouds.
The new Webroot IoT Security Toolkit offers integrated protection against threats such as malware and zero-day exploits, as well as internal vulnerabilities.
FireHost, the Dallas-based cloud-hosting provider that has made security the focus of its business, announced on Monday that is has as Armor.
Charlie Miller and Chris Valasek, the researchers who recently demonstrated that Fiat Chrysler cars can be hacked remotely, hired by Uber.
1% of employees are responsible for 75% of cloud security risk in an organization, according to CloudLock
Court rules that the FTC can sue companies that fail to protect their customers’ data. Wyndham is disappointed by the verdict.
Web browser vendors are limiting Flash content so Amazon has decided not to accept Flash ads for starting with September 1.
WordPress 4.3 Billie has been released. The latest version introduces new features and enhanced password security.

FEATURES, INSIGHTS // Security Infrastructure

rss icon

Marc Solomon's picture
How do we handle the responsibility that cloud computing brings? It’s a responsibility that must be shared among vendors, users, business leaders, and IT security professionals and involves three key aspects.
Alan Cohen's picture
If vaults deep within the building protect banks from bank robbers, why do so many security professionals focus so much attention on their data center’s front door?
Jason Polancich's picture
While most businesses feel they should be pursuing more robust cyber intelligence functions, most aren’t actually doing anything about it at all.
Travis Greene's picture
As much fun as it is to wake up to patches waiting to be unwrapped, we don’t want the regret of “exploit Wednesday”, which is far more embarrassing than becoming a victim of a zero-day exploit.
Marc Solomon's picture
Accepting the reality that some attacks will get through, security effectiveness must be measured by how quickly we detect a compromise and stop the exploitation of that attack.
Alan Cohen's picture
Many CISOs say that action they undertake in their first six months on the job is to determine the most valuable and most at-risk actions and take steps to mitigate the risk. How can they take those steps while also addressing the catch-22?
Wade Williamson's picture
Personally Identifiable Information (PII) can provide invaluable human intelligence to nation-state attackers who are often behind the most sophisticated attacks.
David Holmes's picture
As new SSL vulnerabilities surface, we can use our enterprise-specific categorization to decide if it’s going to be a Godzilla day or a Hello Kitty day.
Jason Polancich's picture
In today’s cyber defense world as in other business domains, actions should speak louder than words. Yet, too often, being “actionable” is just that - a word with no meaning.
Travis Greene's picture
Does it really matter if someone steals your healthcare records? What would a hacker do with that information? Sell it? To whom and for what purpose?