Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

The NSA has released guidance for securing Unified Communications (UC) and Voice and Video over IP (VVoIP) enterprise communication systems. [Read More]
Google unveils a new end-to-end framework to help drive the enforcement of standards and guidelines to ensuring the integrity of software artifacts throughout the software supply chain. [Read More]
General Manager of the Microsoft Threat Intelligence Center (MSTIC) John Lambert recently keynoted the SecurityWeek threat-intelligence summit where he called for a more collaborative approach to information sharing in cybersecurity. [Read More]
Identity management provider Elisity closes Series A funding to help scale and meet demand for its cloud-delivered cybersecurity platform. [Read More]
Patch Tuesday takes on extra urgency this month with the news that at least six previously undocumented vulnerabilities are being actively exploited in the wild. [Read More]
The Microsoft initiative builds on the need for APAC governments to build cyber-defense strategies and keep the region protected from attacks through strong collaboration with tech companies. [Read More]
Over a dozen U.S. lawmakers have reintroduced the Pipeline Security Act following the recent ransomware attack on Colonial Pipeline. [Read More]
A new update for the Apple Platform Security Guide provides more details on recently announced authentication features. [Read More]
Panaseer banks $26.5 million in Series B funding to build out a Continuous Controls Monitoring (CCM) platform to help organizations identify assets and manage security controls. [Read More]
The U.S. Department of Defense has put all public-facing websites and applications in scope for an expanded vulnerability disclosure program. [Read More]

FEATURES, INSIGHTS // Security Architecture

rss icon

Ashley Arbuckle's picture
As a security professional, it’s time to take a fresh look at what your organization can do to compensate for insider negligence.
Jack Danahy's picture
Jack Danahy, co-founder and CTO of Barkly, attempts to clarify what is and what is not machine learning in endpoint security
Adam Meyer's picture
In the cyber threat intelligence space, there is confusion (much of which is driven by vendors)... where threat information is positioned as finished intelligence.
Scott Simkin's picture
Threat intelligence can play an important role in improving an organization’s overall cybersecurity posture, provided the right case is made and the right processes are put in place.
Avi Chesla's picture
In today’s market, more does not mean better. We need security innovation that makes more of what the industry already has by turning what we have into what we need.
Lance Cottrell's picture
By focusing on key attack surfaces and architecting systems to maximize the effectiveness of our monitoring efforts we can detect and stop intrusions much more quickly.
Rafal Los's picture
Security frameworks are designed to provide a reference for those designing various programmatic security mechanisms in order to benefit from collective successes and failures of the broad community.
Joshua Goldfarb's picture
Security has evolved to the point that I can now say that collection, sensing, and alerting are yesterday’s news.
Scott Simkin's picture
Threat intelligence is only valuable if an organization takes the necessary steps to quickly and easily apply that intelligence to actual security policy.
Johnnie Konstantas's picture
As NSA Chief Hacker Rob Joyce indicated during his recent talk at the Usenix Enigma conference, hackers are patient and persistent.