Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Uber said Thursday, Sept. 15, that it reached out to law enforcement after a hacker apparently breached its network. A security engineer said the intruder provided evidence of obtaining access to crucial systems at the ride-hailing service. [Read More]
The non-profit foundation is building a team to proactively identify and address security defects in the popular Rust programming language. [Read More]
Dig Security’s latest financing comes as venture capital investors rush to place bets on startups jostling for space in the cloud data security space. [Read More]
Microsoft says its security teams have detected zero-day exploitation of a critical vulnerability in its flagship Windows platform. [Read More]
The new sanctions designate Iran’s Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence for engaging in cyber-enabled activities against the United States and its allies. [Read More]
Microsoft security teams share details on ransomware attacks linked to DEV-0270, a subgroup of Iran-linked Phosphorus. [Read More]
Microsoft has identified four Iranian hacking groups that participated in a July 2022 cyberattack targeting the Albanian government. [Read More]
The U.S. government's CISA, NSA, and ODNI have released the first part of a three-part joint guidance series on securing the software supply chain. [Read More]
The latest funding was led by CIBC Innovation Banking and brings the total raised by the Maryland start-up to $100 million. [Read More]
Zyxel has released patches for a format string vulnerability impacting the firmware of multiple NAS device models. [Read More]

FEATURES, INSIGHTS // Incident Response

rss icon

Laurence Pitt's picture
There are areas where governments can learn from the private sector and vice-versa, which will help both sides adapt more quickly and effectively to a continuously evolving threat environment.
William Lin's picture
I foresee a convergence of the tooling for telemetry aggregation, threat detection, managed services and remediation as a key milestone in the evolution of the modern SOC.
Marc Solomon's picture
When automation is consciously balanced between humans and machines, we can ensure security teams always have the best tool for the job.
Marc Solomon's picture
An open integration architecture provides the greatest access to data from technologies, threat feeds and other third-party sources, and the ability to drive action back to those technologies once a decision is made.
Marc Solomon's picture
You risk limiting the value you can derive from your next security investment without first thinking about your top use cases and the capabilities needed to address them.
Landon Winkelvoss's picture
Conducting scaled and cost-effective attack surface and digital threat monitoring gives organizations of all sizes the best chance of identifying and defeating their adversaries.
Landon Winkelvoss's picture
In addition to evaluating the core capabilities and range of intelligence monitoring, organizations must consider data source integrity, and perhaps most importantly, the level of expert analysis included with each service.
Marc Solomon's picture
Enterprises can't rely on Endpoint Protection Platforms (EPP) or Endpoint Detection and Response (EDR) tools to detect suspicious activity on a user’s system to quarantine the system or even to reimage.
Landon Winkelvoss's picture
Security and intelligence teams often lack finished intelligence, which leaves them ill-equipped to combat motivated and sophisticated adversaries.
Marc Solomon's picture
Security is a big data problem. Solving it is all about prioritized data flow, continuously processing data for analysis and translating and exporting it to create a single security infrastructure.