Security Experts:

Security Infrastructure
long dotted

NEWS & INDUSTRY UPDATES

British bank HSBC has managed to gets its Internet and mobile banking systems back online after crippling distributed denial of service (DDOS) attack knocked systems offline on Friday. [Read More]
Starting with Firefox DevEdition 46, developers will be informed about this privacy and security risk by displaying a lock with a red strikethrough when passwords are requested on non-secure pages. [Read More]
Intel Authenticate is a hardware-enhanced, multifactor authentication solution that strengthens identity protection on the PC, making it less vulnerable to identity and security credential attacks, the company said. [Read More]
A critical vulnerability in Cisco’s RV220W Wireless Network Security Firewall allows remote attackers to hijack devices [Read More]
Oracle abandons Java browser plugin as Web browser vendors end support for NPAPI plugins [Read More]
Firefox 44, the latest version of Mozilla’s web browser, is now available for download and comes with a series of security patches, and has fully removed support for the RC4 cipher. [Read More]
Software that allows iOS app developers to quickly push patches and updates to their customers has a lot of benefits, but it also makes Apple’s app ecosystem less secure [Read More]
PayPal has patched a serious RCE vulnerability in one of its applications. The security hole was caused by a Java deserialization bug disclosed last year [Read More]
New Check Point 15000 and 23000 Series appliances are designed for large enterprise and data center networks, and include integrated firewall, IPS, Application Control, AV, AnitBot, URL Filtering, sandboxing. [Read More]
Multi-vector denial of service (DDoS) attacks are increasing in frequency, complexity and size, Arbor Networks’ 11th Annual Worldwide Infrastructure Security Report (WISR) reveals. [Read More]

FEATURES, INSIGHTS // Security Infrastructure

rss icon

Jim Ivers's picture
Experienced organizations learn that security is not a drag on performance, but can provide productivity gains by eliminating security vulnerabilities early in the development process.
David Holmes's picture
During the public beta of Let’s Encrypt, it may simply be that people believe it will work. Belief works for medicine, but not for security. One way or the other, we’ll know soon.
Torsten George's picture
Threat intelligence has little value unless it is put into context of an organization’s security posture. Most enterprises don’t have the resources to apply the required logic to correlate external threat data with their internal security intelligence.
Alan Cohen's picture
Traditional incident management approaches that rely on network monitoring and detection of attacks are also falling short in today’s agile and distributed computing world.
Wade Williamson's picture
Asking for security backdoors that only benefit the good guys is like asking for bullets that only hurt the bad guys. That’s simply not how encryption works.
Travis Greene's picture
The investment in access certifications have reduced the workload on IT, but by treating all entitlements and users the same, we’ve put the burden on LOB managers to manage the risk of excessive access.
Johnnie Konstantas's picture
DLP provides a range of business benefits, including compliance support and intellectual property protection. The concept isn’t a new one, but the ability to put it to use in an easier, more viable manner is.
Jim Ivers's picture
Built in or bolted on? When have you ever seen “bolted on” as the first choice of anyone in just about any imaginable scenario? Yet for software security, “bolted on” is certainly the norm.
David Holmes's picture
After designating 2014 as “The Year of the Mega-Breach,” the security community hoped to bring awareness to the challenge of protecting customer data. As it turns out, the breaches of 2015 make the previous year’s ones pale in comparison.
Wade Williamson's picture
Specific malicious payloads, URLs and IP addresses are so ephemeral that they may only be used once in the case of a true targeted attack. Intelligence should make you better prepared to evaluate and solve new problems that you haven’t encountered before.