Security Experts:

Security Infrastructure
long dotted

NEWS & INDUSTRY UPDATES

Unpatched vulnerabilities in Java and Python allow attackers to use FTP injections to bypass firewalls, including from Cisco and Palo Alto Networks [Read More]
A remote command execution (RCE) vulnerability has been found by a researcher in Siklu EtherHaul radios [Read More]
High severity denial-of-service (DoS) vulnerability patched in OpenSSL 1.1.0 with the release of version 1.1.0e [Read More]
Study conducted by Trend Micro shows the exposure of critical sectors and industrial systems in the United States [Read More]
IT analytics firm ExtraHop Networks today announced ExtraHop Addy, a cloud-based machine-learning wire data analytical tool that is being trained to automatically detect anomalies on the fly as they are happening. [Read More]
Microsoft delays February 2017 security updates due to a last minute issue that could not be resolved in time [Read More]
HPE launches threat investigation solution and data security product for IoT, big data and Hadoop [Read More]
ThreatConnect launches new suite of threat intelligence products that help companies understand adversaries and automate security operations [Read More]
An increasing number of custom apps are being moved into cloud infrastructures (primarily AWS, Azure and Google Cloud Platform) without the security team necessarily being aware that they exist. [Read More]
RSA improves several products and launches new services as it unveils its Business-Driven Security offering [Read More]

FEATURES, INSIGHTS // Security Infrastructure

rss icon

Travis Greene's picture
Shadow IT 2.0 is a symptom of a bigger problem – the inability to maintain digital competitive advantage due to the insufficient pace of code deployment.
Scott Simkin's picture
Attackers have developed anti-VM analysis techniques to allow the malware to recognize when it is being run on a virtual machine and fail to execute, meaning the system or threat analytics cannot make a verdict determination or extract intelligence from the sample.
Adam Meyer's picture
Cyber threat intelligence needs to be tailored to its audience as it means different things to different people, whether it’s on-the-network defenders, Red Teams, threat analysts, risk officers, business executives and Board of Directors, legal, application owners, and so on.
Jennifer Blatnik's picture
Focusing on securing an endless amount of endpoints is almost impossible to do effectively. You can’t rely on the devices to be secure and you can’t rely on the consumers to secure their devices themselves.
Marc Solomon's picture
Threat intelligence has a shelf life, but there’s not a well-defined, industry standard on how to expire threat intelligence.
Marie Hattar's picture
To fully realize the benefit of the Public Cloud, it is vital that the same due diligence applied to a physical network is applied to a cloud-based infrastructure.
Alan Cohen's picture
While there are clear security benefits gained through network segmentation, the principal goal of creating subnets is to improve performance, avoiding broadcast storms and latency stimulated by our insatiable requirement for bandwidth.
Jim Ivers's picture
Savvy organizations have learned how to use a mix of static and dynamic application security testing types to increase their coverage and lower their risk.
Rafal Los's picture
Do you ever find yourself trying to protect your organization from exotic attack scenarios that are highly unlikely or that would have a minimal impact on you?
Ashley Arbuckle's picture
The healthcare industry has a lot to gain by digital transformation. However it also has a lot to lose if it doesn’t start with security as a foundation.