Security Experts:

Security Infrastructure
long dotted

NEWS & INDUSTRY UPDATES

New Microsoft technology ensures that sensitive data stored in the cloud is protected against both external threats and malicious insiders.
Google has decided to allow the installation of Chrome extensions only from the Chrome Web Store. The policy will soon be enforced on all channels of the web browser.
Bitdefender has unveiled a new technology designed to secure virtualized environments through hypervisor-level inspection.
Two memory corruption vulnerabilities (CVE-2015-2282, CVE-2015-2278) were found in the compression libraries used by almost all SAP Netweaver products
Cybereason, a Cambridge, Mass.-based provider of threat detection solutions, has closed a $25 million Series B funding round, with defense contractor Lockheed Martin participating as a strategic investor.
Attackers typically use one of three common techniques to compromise SAP systems at the application layer: pivoting, portal attacks, and database warehousing, according to researchers from application security firm Onapsis.
Microsoft announced the preview version of Advanced Threat Analytics (ATA), an on-premises solution designed for detecting sophisticated attacks.
A new report lays bare some security considerations for enterprises pursuing adoption of infrastructure-as-a-service.
New Chrome extension from Google allows users and organizations to protect themselves against phishing.
Calculating a return on investment (ROI) for security can be tough, but consultancy Booz Allen Hamilton may have a solution that can help businesses quantify the financial benefits of cybersecurity.

FEATURES, INSIGHTS // Security Infrastructure

rss icon

Joshua Goldfarb's picture
Life is full of distractions, and the information security profession is not immune to them. Security professionals have an obligation to remain focused on building, maturing, and improving our security programs and security postures.
Jason Polancich's picture
Cyber defense must develop from a solid foundation in verifiable data into repeatable, measurable processes that mitigate or eliminate risk. With simple risk intelligence, any business can go from nothing to something much faster.
Marc Solomon's picture
By embedding security everywhere across the extended network, not only does security become more effective against advanced attacks, it also becomes a business enabler.
Travis Greene's picture
Security teams must bear equal, if not more responsibility, for reducing the risk of credential fatigue leading to inadvertent exposure.
Mark Hatton's picture
In the world of security, there is often a significant difference between perceived reality and what is actually happening, and the public’s perception of security within your organization can be just as important as reality.
David Holmes's picture
After the rounds of predictions for 2014, I had bet my colleague that if no mobile DDoS appeared this year, we’d stop talking about it. And it looks like we can.
Rafal Los's picture
Prioritizing is an unenviable job many security professionals must do every day – do you go live with a product on time, or do you hold it to fix that security bug which could cause a catastrophic failure?
Joshua Goldfarb's picture
The question of build or buy is not a new one, but it is one that does not adequately suit the implementation of a security solution.
Wade Williamson's picture
Network administrators have to remember that they are not just the protectors of the organization – they are also the most valuable targets.
Scott Gainey's picture
As security professionals, we need to approach shadow IT with a pragmatic view – how can we better support the business’ needs while keeping risk in check.