Security Experts:

Security Infrastructure
long dotted

NEWS & INDUSTRY UPDATES

GoDaddy has revoked nearly 9,000 certificates after discovering a bug that caused the domain validation process to fail [Read More]
Trend Micro's Zero Day Initiative (ZDI) paid out nearly $2 million in 2016 for vulnerabilities [Read More]
Nearly 33,000 MongoDB databases have been hijacked as of today, the latest numbers associated with a series of attack campaigns that have been picking up pace over the past couple of weeks show. [Read More]
Developers of the Ansible automation platform release updates to patch a vulnerability that allows arbitrary command execution on the controller [Read More]
The California Department of Insurance said that an investigation into the data breach of health insurance giant Anthem has concluded that a foreign country was behind the attack. [Read More]
St. Jude Medical has patched some of the vulnerabilities found by MedSec, but the vendor insists the risk of cyberattacks is extremely low [Read More]
A second variant of the Shamoon 2 malware targets virtualization products, likely in an effort to make recovery more difficult and increase the impact of the attack [Read More]
An open source tool called “Truffle Hog” helps developers check if they’ve accidentally leaked any secret keys on GitHub [Read More]
According to a new survey, 95% of organizations have faced issues in implementing their chosen cybersecurity framework. [Read More]
Bitglass, a Silicon Valley-based provider of mobile and cloud data protection solutions, today announced that it has secured $45 million in a Series C funding round. [Read More]

FEATURES, INSIGHTS // Security Infrastructure

rss icon

David Holmes's picture
You’ll see a lot of security predictions coming around this time of year, and you can make your resolutions based on those. Or you can look back at your own year and customize your own security resolutions.
Marc Solomon's picture
For cybersecurity professionals who know that the industry has no shortage of threat data, context is the lever that turns threat data into threat intelligence.
Torsten George's picture
Since most IoT devices and microservices lack adequate security frameworks or tools to monitor and detect security gaps, traditional methods such as penetration testing should be reconsidered despite their hefty price tag.
Dan Cornell's picture
When security teams can assess brand, financial, strategic risks – they are best able to act as a trusted advisor to DevOps teams as they build and maintain secure systems.
Marie Hattar's picture
Given the security events over the past year, ,2017 will be the year in which many finally accept that network infrastructure and security will have to be rethought from the ground up.
Travis Greene's picture
2017 is the year for information security teams to align to the work being done in DevOps – whether you call it DevSecOps or not.
David Holmes's picture
What are the possible threat vectors if you were doing a threat model assessment for any of cloud passwords management models?
Marie Hattar's picture
Monitoring and securing modern network flows requires granular insight, only possible through sophisticated and automated analytics and security tools.
Eddie Garcia's picture
To reduce the chances of falling victim to an insider-driven breach, security and risk professionals should start by learning what their available data can tell them.
Marc Solomon's picture
Intelligence-driven security starts with changing how we collect and manage the millions of points of threat data that analysts are bombarded with every day.