Security Experts:

Security Infrastructure
long dotted


Microsoft believes in a fundamental split in security responsibility. The cloud provider is responsible for the physical aspects of the cloud IT infrastructure and the software that it provides. The customer is responsible for its own data. [Read More]
Servers operated by Blizzard Entertainment went down yesterday following a distributed denial of service (DDoS) attack against the video game company,claimed by the Lizard Squad hacking group. [Read More]
One month after announcing that it had issued over one million certificates since opening to the public in December last year, free and open Certificate Authority (CA) Let’s Encrypt has come out of beta. [Read More]
Mobile phone-based two-factor authentication (2FA) mechanisms are plagued by synchronization vulnerabilities that allow attackers intercept One-Time Passwords and bypass the security of many financial services. [Read More]
Several ARRIS SURFboard broadband cable modem models suffer from cross-site request forgery (CSRF) vulnerability that allows an attacker to reboot them without authentication. [Read More]
JavaScript malware infects mobile devices and uses them to change the DNS settings of home routers [Read More]
A draft of an encryption bill proposed by U.S. senators has been heavily criticized by experts who say it’s flawed and dangerous [Read More]
Swedish military computers were hacked and used in an attack targeting major US banks in 2013, the Swedish armed forces said. [Read More] has announced free HTTPS for all custom domains that it hosts, including blogs and websites. [Read More]
Experts comment on implications of Panama Papers incident and how such breaches can be avoided [Read More]

FEATURES, INSIGHTS // Security Infrastructure

rss icon

Shlomo Kramer's picture
By realigning the network perimeter to accommodate the new realities of the Cloud and mobility, businesses can rationalize the way they enforce security.
Travis Greene's picture
It’s been said that the military is always preparing to fight the last war. Are we doing the same in IT security? Are we doomed to always react to the threat?
Danelle Au's picture
If security teams can automate how they validate security risks, we they shift focus from the easy challenges and onto the important things.
Avi Chesla's picture
A virtual security box transforms all security products and services into virtual security resources, decoupled from the underline security physical infrastructure.
David Holmes's picture
A determined attacker could almost certainly find another, easier (non-SSL) vulnerability much faster and cheaper than by using DROWN.
Wade Williamson's picture
Data science and machine learning models can assess large groups of cyber threats to find the subtle traits they have in common to better protect organizations.
Jim Ivers's picture
Aside from tools, there are many types of application security testing that can be used to find vulnerabilities in software. An organization must consider multiple software security testing methods to really manage its risk.
Alan Cohen's picture
A steady plan that both builds on the best practices of today and anticipates and takes action for the world we are moving into presents the last best hope for creating trust again in IT.
Johnnie Konstantas's picture
Enterprises should establish security policies with regard to traffic inspection, and implement the right mix of SSL decryption and traffic inspection systems that don’t introduce latency or business disruption.
Alastair Paterson's picture
While you may understand the risks that come from the use of social media, what options do you have to protect your organization against them?