Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Tripwire launches Penetration Testing Assessment and Industrial Cybersecurity Assessment services to help organizations find vulnerabilities in their systems. [Read More]
Wireshark 3.0.0 has been released and one of the most important changes is that WinPcap has been replaced with the Npcap packet sniffing library. [Read More]
Malicious actors could plant backdoors on bare metal cloud servers and use them to disrupt applications, steal data, and launch ransomware attacks, researchers warn. [Read More]
Mozilla and 10 other organizations are asking major US retailers such as Target, Walmart, Best Buy and Amazon to require minimum security and privacy for the IoT devices they sell. [Read More]
Beijing calls the latest US warning against using Huawei equipment "groundless", as the Chinese telecom giant faces espionage fears in a growing number of countries. [Read More]
Researchers demonstrate that Intel’s SGX technology can be abused to hide an advanced piece of malware that can allow attackers to steal data and conduct activities on the victim’s behalf. [Read More]
Bot protection firm PerimeterX raises $43 million in a Series C funding round, which brings the total raised by the company to over $77 million. [Read More]
The latest version of Chrome OS puts the Shill network manager in a sandbox and removes its root privileges. [Read More]
Tenable’s new Predictive Prioritization service is designed to help customers of its vulnerability management offering prioritize flaws that have the greatest likelihood of being exploited. [Read More]
The Swiss government has launched a public bug bounty program with rewards of up to $50,000 for its e-voting systems. Researchers from all around the world invited to participate. [Read More]

FEATURES, INSIGHTS // Risk Management

rss icon

Josh Lefkowitz's picture
The best way for intelligence practitioners to identify what types of context their intelligence consumers truly need is simply to ask them.
Alastair Paterson's picture
By understanding where assets are exposed, their value to attackers, and how attackers target this data, organizations can make better decisions about their defenses and improve them over time.
Josh Lefkowitz's picture
Josh Lefkowitz shares—and debunks—some of the most persistent and misleading BRI fallacies he has heard over the years.
Alastair Paterson's picture
Organizations’ perimeters will continue to erode as their digital footprints expand, but with the right risk protection strategy any organization can succeed in the age of digital transformation.
Grady Summers's picture
Companies in China are facing many of the same threats that your organization faces today, but they are addressing these threats at a massive scale, on emerging platforms, and with innovative approaches that we can learn from.
Marc Solomon's picture
The ability to customize threat intelligence scores allows you to prioritize threats to your organization and reevaluate and reprioritize as new data and context becomes available.
Joshua Goldfarb's picture
In some instances, it is precisely because we are so familiar and comfortable with something that makes us incapable of seeing that there is a better way.
Josh Lefkowitz's picture
A business risk intelligence (BRI) program needs to understand and account for the different categories of risk faced by all business functions across an enterprise.
Alastair Paterson's picture
Organizations that continuously monitor their digital footprint and understand their online exposure will be the most effective at mitigating digital risk in the new year.
Lance Cottrell's picture
We spend a lot of time thinking about and trying to mitigate threats that are so extreme you are basically already doomed if they are ever used against you.