Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

GitHub adds support for Python to its security alerts feature, which notifies developers if their packages contain vulnerabilities [Read More]
A cyber-espionage group is abusing code-signing certificates stolen from Taiwan-based companies for the distribution of their backdoor, ESET reports. [Read More]
The UK government's Cabinet Office has published the first iteration of its Minimum Cyber Security Standard, which will be incorporated into the Government Functional Standard for Security. [Read More]
The State Department, the Department of Homeland Security, the Department of Commerce, and the Office of Management and Budget issue reports in response to the 2017 cybersecurity executive order [Read More]
Senator Ron Wyden instructs the U.S. Department of Defense (DoD) to implement HTTPS and other cybersecurity best practices on all its websites and web services [Read More]
U.S. Department of Energy lays out its multiyear cybersecurity plan, which includes strengthening preparedness, coordinating incident response and recovery, and accelerating RD&D [Read More]
Kaspersky researchers find a significant number of vulnerabilities in OPC UA, a widely used industrial communications protocol [Read More]
SafeBreach raises $15 million in Series B funding round, bringing the total raised by the company so far to $34 million [Read More]
Regulus Cyber raises $6.3 million in seed and Series A funding, and unveils a solution designed to protect sensors, communications and data in cars, robots and drones [Read More]
Slack releases goSDL, an open source secure development lifecycle (SDL) tool designed to provide developers a tailored security checklist for their projects [Read More]

FEATURES, INSIGHTS // Security Architecture

rss icon

Josh Lefkowitz's picture
Evaluating a threat intelligence vendor’s collection strategy effectively is a complex process that requires far more than simply obtaining the answers to the questions outlined above.
Ashley Arbuckle's picture
As a security professional, it’s time to take a fresh look at what your organization can do to compensate for insider negligence.
Jack Danahy's picture
Jack Danahy, co-founder and CTO of Barkly, attempts to clarify what is and what is not machine learning in endpoint security
Adam Meyer's picture
In the cyber threat intelligence space, there is confusion (much of which is driven by vendors)... where threat information is positioned as finished intelligence.
Scott Simkin's picture
Threat intelligence can play an important role in improving an organization’s overall cybersecurity posture, provided the right case is made and the right processes are put in place.
Avi Chesla's picture
In today’s market, more does not mean better. We need security innovation that makes more of what the industry already has by turning what we have into what we need.
Lance Cottrell's picture
By focusing on key attack surfaces and architecting systems to maximize the effectiveness of our monitoring efforts we can detect and stop intrusions much more quickly.
Rafal Los's picture
Security frameworks are designed to provide a reference for those designing various programmatic security mechanisms in order to benefit from collective successes and failures of the broad community.
Joshua Goldfarb's picture
Security has evolved to the point that I can now say that collection, sensing, and alerting are yesterday’s news.
Scott Simkin's picture
Threat intelligence is only valuable if an organization takes the necessary steps to quickly and easily apply that intelligence to actual security policy.