Security Experts:

Security Infrastructure
long dotted

NEWS & INDUSTRY UPDATES

As we mark the one-year anniversary of disclosure of the now famous OpenSSL vulnerability known as Heartbleed, security firm Venafi has released new research that shows how vulnerable Global 2000 organizations still are as a result of the flaw.
Early Warning said on Tuesday that it has signed a definitive agreement to acquire Authentify Inc., a provider of phone-based, multi-factor authentication solutions.
Endgame, Inc. announced the launch of its enterprise endpoint detection and response platform, Endgame Enterprise.
A recent report from CompTIA discusses the importance of security reviews when migrating to the cloud.
Norse Corp. has launched a new version of its threat intelligence appliance which can actively monitor inbound and outbound network traffic at up to 10 gigabits-per-second.
Google let a digital certificate expire that was sed to secure its smtp.google.com domain, the domain used by Gmail and Google Apps users to send outgoing email.
ID announced that Emerging Threats will make some of its data available via IID's threat intelligence management system, ActiveTrust.
A massive power cut caused chaos and shut down public transport across Turkey on Tuesday, with the government refusing to rule out that the electricity system had been the victim of an attack.
Please join us on Tuesday, March 31 at 1PM ET for a special webcast: How to Manage Mac and mobile devices leveraging your existing infrastructure, presented by Centrify.
iSIGHT Partners has released a new Software Development Kit (SDK) and Browser Plugin in an effort to expand its threat intelligence integration capabilities.

FEATURES, INSIGHTS // Security Infrastructure

rss icon

Eddie Garcia's picture
Eddie Garcia explains how to grant user permissions to a subset of data in Hadoop and limit the type of operations the user is allowed to perform.
Joshua Goldfarb's picture
Although home is where the heart is, it’s important to remember not to devote the overwhelming percentage of security resources to your home geographic area if that’s not where the overwhelming amount of your business and its assets are located.
Travis Greene's picture
Like those college recruiting compliance departments that are constantly training, monitoring, and enforcing policies, the IT compliance activity of access certifications needs to become more intelligent and real-time.
Avi Chesla's picture
When security technologies are bypassed, they cannot be “programmed” to detect and prevent the new attack behavior, the same attack that has breached their protection-space borders.  
David Holmes's picture
If Let’s Encrypt succeeds, will self-signed certificates go extinct? I’m guessing no, and that’s not necessarily a bad thing.
Pat Calhoun's picture
To evade network security defenses, Advanced evasion techniques (AETs) disguise malicious payloads by splitting them into smaller pieces and then delivering the pieces simultaneously, or at varying times, across multiple or rarely used network protocols.
Marcus Ranum's picture
With security data, you will almost never benefit from using a pie chart instead of a time/value chart, unless you only have a single instance of data.
Travis Greene's picture
It’s time for targeted complexity that balances the convenience that users demand with the security that organizations need. It’s a bit like teaching a new dog old tricks.
Jason Polancich's picture
Most businesses today are not as secure as they could be due to an inaccurate view of their own cyberdefenses.
Jon-Louis Heimerl's picture
While you may have the greatest advantage if you know your enemy well, you are in the greatest peril if you do not know yourself well.