Security Experts:

WRITE FOR US

LATEST SECURITY NEWS HEADLINES

rss icon

Cryptojacking Applications Land in Microsoft Store
US Says Ex-intel Official Defected to Iran, Revealed Secrets
DHS Cyber Leader Says 2020 Security Preparations Underway
CSRF Vulnerability in Facebook Earns Researcher $25,000
Mozilla, Others Want Big Retailers to Pledge Minimum IoT Security
long dotted

NEWS & INDUSTRY UPDATES

Impact of U.S. Government Shutdown on Cybersecurity: Feedback Friday
Cybersecurity professionals comment on the impact of the U.S. government shutdown, which is the longest in U.S. history, nearing one month. [Read More]
Defense Department Continuously Challenged on Cybersecurity
A recently published report from the United States Department of Defense (DoD) shows that. while it has improved its stance, it still faces challenges in managing cybersecurity. [Read More]
New Side-Channel Attack Targets OS Page Cache
Researchers who disclosed Meltdown, Spectre and other similar attacks are now back with a new type of side-channel attack, one that is hardware agnostic and targets the operating system page cache. [Read More]
Artificial Intelligence in Cybersecurity is Not Delivering on its Promise
Despite the current use and continuing interest in artificial intelligence (AI) and machine learning (ML) in cybersecurity, actual experience post-deployment is not so positive. [Read More]
Technical Data on U.S. Missile Defense System Lacks Adequate Protections, DoD Says
Security controls and processes necessary to protect ballistic missile defense system (BMDS) technical information and the United States Department of Defense (DoD) facilities haven’t been properly implemented, a newly published audit report reveals. [Read More]
AWS Security Hub Aggregates Alerts From Third-Party Tools
AWS launches Security Hub, a service that aggregates and prioritizes security alerts from both AWS and third-party security tools [Read More]
CVSS Scores Often Misleading for ICS Vulnerabilities: Experts
While CVSS can be useful for rating vulnerabilities, the use of the standard for flaws affecting ICS can have negative consequences, particularly if an organization relies solely on it for prioritizing patches [Read More]
OPM Security Improves, But Many Issues Still Unresolved: GAO
U.S. Office of Personnel Management (OPM) has improved its security posture since the data breaches disclosed in 2015, but many issues are still unresolved, GAO says in a report [Read More]
Google Launches reCAPTCHA v3
Google announces reCAPTCHA v3, which aims to improve user experience by eliminating challenges [Read More]
New IBM Security Platform Connects Data, Tools From Several Vendors
IBM Security Connect is a new cloud platform that brings together data, applications and tools from over a dozen vendors [Read More]

FEATURES, INSIGHTS // Security Architecture

rss icon

Josh Lefkowitz's picture
Collection Strategies: The Key Differentiator Among Threat Intelligence Vendors
Josh Lefkowitz - Incident Response
Evaluating a threat intelligence vendor’s collection strategy effectively is a complex process that requires far more than simply obtaining the answers to the questions outlined above.
Read full story
Ashley Arbuckle's picture
How to Mitigate the Threat Within
Ashley Arbuckle - Security Architecture
As a security professional, it’s time to take a fresh look at what your organization can do to compensate for insider negligence.
Read full story
Jack Danahy's picture
Demystifying Machine Learning: Turning the Buzzword Into Benefits for Endpoint Security
Jack Danahy - Endpoint Security
Jack Danahy, co-founder and CTO of Barkly, attempts to clarify what is and what is not machine learning in endpoint security
Read full story
Adam Meyer's picture
Distinctions: Threat Information vs.Threat Intelligence
Adam Meyer - Security Architecture
In the cyber threat intelligence space, there is confusion (much of which is driven by vendors)... where threat information is positioned as finished intelligence.
Read full story
Scott Simkin's picture
Finding the ROI in Threat Intelligence
Scott Simkin - Incident Response
Threat intelligence can play an important role in improving an organization’s overall cybersecurity posture, provided the right case is made and the right processes are put in place.
Read full story
Avi Chesla's picture
Zero to One Security Innovation
Avi Chesla - Security Architecture
In today’s market, more does not mean better. We need security innovation that makes more of what the industry already has by turning what we have into what we need.
Read full story
Lance Cottrell's picture
Don't Get Caught in the Noise, Focus Your Security on What You can Control
Lance Cottrell - Security Architecture
By focusing on key attack surfaces and architecting systems to maximize the effectiveness of our monitoring efforts we can detect and stop intrusions much more quickly.
Read full story
Rafal Los's picture
The Importance of Security Frameworks
Rafal Los - Security Architecture
Security frameworks are designed to provide a reference for those designing various programmatic security mechanisms in order to benefit from collective successes and failures of the broad community.
Read full story
Joshua Goldfarb's picture
Collection, Sensing, and Alerting: Yesterday's News
Joshua Goldfarb - Incident Response
Security has evolved to the point that I can now say that collection, sensing, and alerting are yesterday’s news.
Read full story
Scott Simkin's picture
Are You Getting the Most from Your Threat Intelligence Subscription?
Scott Simkin - Security Architecture
Threat intelligence is only valuable if an organization takes the necessary steps to quickly and easily apply that intelligence to actual security policy.
Read full story