Security Experts:

Security Infrastructure
long dotted

NEWS & INDUSTRY UPDATES

LogRhythm has raised a $40 million round of new equity financing, the company announced.
The Splunk App for Enterprise Security 3.1 has introduced a new risk scoring framework to enable easier, faster threat detection and containment by empowering users to assign risk scores to any data.
Four recently-patched OpenSSL vulnerabilities have been found to affect several industrial products from Siemens.
Nearly half of the IT professionals surveyed at the Gartner Security & Risk Management Summit believe that the Java applications used by their organizations are vulnerable.
A buffer overflow flaw affecting the Web server embedded into Cisco devices can be leveraged by a remote, unauthenticated attacker to inject arbitrary commands and execute arbitrary code with elevated privileges.
According to Arbor Networks, the first six months of 2014 saw the most volumetric DDoS attacks ever, with more than 100 events of more than 100 GB/sec reported.
Security website Abuse.ch announced the creation of a blacklist containing SSL certificates that are known to be associated with malware and botnet activities such as command and control (C&C) traffic.
A vulnerability in Microsoft's Active Directory service can be exploited by an attacker to change a targeted user's password.
Application networking solutions provider A10 Networks has added distributed denial-of-service (DDoS) protection to its Thunder CGN (Carrier Grade Networking) products, and has introduced a new product family that leverages the company's Security and Policy Engine (SPE).
To protect sensitive data from prying eyes, some organizations are turning to Bring-Your-Own-Encryption (BYOE), but experts warn that there are some aspects that need to be take into consideration before making the move.

FEATURES, INSIGHTS // Security Infrastructure

rss icon

Mark Hatton's picture
You need to identify your security shortcomings before someone else does. Simulate attacks and tests to associate known vulnerabilities, previous attack patterns, and security/network data to identify potential attack paths to your company’s most important data.
Marc Solomon's picture
To help cybersecurity professionals cut through the hype and gain a better understanding of what to expect as the Internet of Everything continues to evolve, these top 10 observations might help.
Joshua Goldfarb's picture
An organization that keeps records of its security incidents should be able to study that data to understand the top ways in which it is generally becoming compromised.
Jason Polancich's picture
In order to make our ecosystem a safer place for all of us, small and large, the big guys out there are going to have to start - at least in part - handling the security of their small business partners, suppliers and customers.
Rebecca Lawson's picture
As enterprises made trade-offs in security; either sacrifice performance in order to add more layers of security beyond the traditional stateful firewall or don’t implement the new protections necessary to protect against many of the latest threats.
Danelle Au's picture
As the era of Internet of Things dawns, the amount of data and other cloud applications developed for unique industries will increase and bring a new era of privacy and security concerns.
Adam Ely's picture
Security teams and lines of business have reached a turning point on BYOD. It’s now become more important than ever for the CISO to figure out how to manage risk without inhibiting users.
Torsten George's picture
While the initial investment in a proof of concept can be costly, the end results might not only justify the additional expenses, but in the long-term save you money (and your job).
Joshua Goldfarb's picture
Not all security technologies are alert driven, but for those that are, there is huge potential value in turning off the default rule set
Marc Solomon's picture
With the right approach to security you can protect your organization’s sensitive information from both insiders and outsiders.