Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Security experts warn that the 'Sabbath' ransomware group is targeting organizations in education, health and natural resources in both the United States and Canada. [Read More]
Microsoft-owned GitHub warns that a pair of newly discovered vulnerabilities continue to expose the soft underbelly of the open-source software supply chain. [Read More]
Cloudflare said the multi-vector distributed denial of service attack combined DNS amplification attacks and UDP floods and lasted just one minute. [Read More]
AT&T Alien Labs researchers flag new Golang-based malware threat that could potentially infect millions of routers and Internet of Things (IoT) devices. [Read More]
Security researchers spot signs that the Babuk ransomware gang is targeting ProxyShell vulnerabilities in Microsoft Exchange Server. [Read More]
Software supply chain security jitters escalated again Friday with new “critical severity” warnings about malware embedded in two npm package managers with millions of weekly downloads. [Read More]
The NSA and CISA have released cybersecurity guidance to help cloud providers and mobile network operators secure 5G cloud infrastructure. [Read More]
Ranzy Locker ransomware has been targeting businesses in the United States since late 2020, with more than 30 victims identified by July 2021. [Read More]
Illumio's newest product seeks to solve the two primary security issues that come with moving to the cloud: the danger of accidental misconfigurations and the loss of visibility. [Read More]
In the event of a nation-state attack, Microsoft's new security offering will provide proactive monitoring and notification to non-profit organizations. [Read More]

FEATURES, INSIGHTS // Security Architecture

rss icon

Torsten George's picture
Shifting traditional perimeter-based enterprise security strategies to a Zero Trust approach provides more robust prevention, detection, and incident response capabilities to protect continuously expanding attack surfaces.
Grady Summers's picture
There are many pitfalls, and some simple rules that can help you make smarter decisions if you are in looking to purchase security products seen at RSA Conference.
Josh Lefkowitz's picture
Evaluating a threat intelligence vendor’s collection strategy effectively is a complex process that requires far more than simply obtaining the answers to the questions outlined above.
Ashley Arbuckle's picture
As a security professional, it’s time to take a fresh look at what your organization can do to compensate for insider negligence.
Jack Danahy's picture
Jack Danahy, co-founder and CTO of Barkly, attempts to clarify what is and what is not machine learning in endpoint security
Adam Meyer's picture
In the cyber threat intelligence space, there is confusion (much of which is driven by vendors)... where threat information is positioned as finished intelligence.
Scott Simkin's picture
Threat intelligence can play an important role in improving an organization’s overall cybersecurity posture, provided the right case is made and the right processes are put in place.
Avi Chesla's picture
In today’s market, more does not mean better. We need security innovation that makes more of what the industry already has by turning what we have into what we need.
Lance Cottrell's picture
By focusing on key attack surfaces and architecting systems to maximize the effectiveness of our monitoring efforts we can detect and stop intrusions much more quickly.
Rafal Los's picture
Security frameworks are designed to provide a reference for those designing various programmatic security mechanisms in order to benefit from collective successes and failures of the broad community.