Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Chinese telecoms giant Huawei is facing obstructions around the world over alleged cyber-security risks. [Read More]
Salt Security emerges from stealth mode with a solution designed to identify and prevent API attacks and $10 million in funding. [Read More]
AWS launches Amazon WorkLink, a service that enables organizations to provide employees easy and secure access to internal assets from their mobile devices. [Read More]
PCI Security Standards Council (PCI SSC) publishes new security standards for the design and development of payment software. [Read More]
Cybersecurity professionals comment on the impact of the U.S. government shutdown, which is the longest in U.S. history, nearing one month. [Read More]
A recently published report from the United States Department of Defense (DoD) shows that. while it has improved its stance, it still faces challenges in managing cybersecurity. [Read More]
Researchers who disclosed Meltdown, Spectre and other similar attacks are now back with a new type of side-channel attack, one that is hardware agnostic and targets the operating system page cache. [Read More]
Despite the current use and continuing interest in artificial intelligence (AI) and machine learning (ML) in cybersecurity, actual experience post-deployment is not so positive. [Read More]
Security controls and processes necessary to protect ballistic missile defense system (BMDS) technical information and the United States Department of Defense (DoD) facilities haven’t been properly implemented, a newly published audit report reveals. [Read More]
AWS launches Security Hub, a service that aggregates and prioritizes security alerts from both AWS and third-party security tools [Read More]

FEATURES, INSIGHTS // Security Architecture

rss icon

Joshua Goldfarb's picture
Security has evolved to the point that I can now say that collection, sensing, and alerting are yesterday’s news.
Scott Simkin's picture
Threat intelligence is only valuable if an organization takes the necessary steps to quickly and easily apply that intelligence to actual security policy.
Johnnie Konstantas's picture
As NSA Chief Hacker Rob Joyce indicated during his recent talk at the Usenix Enigma conference, hackers are patient and persistent.
Joshua Goldfarb's picture
In security, we have grown accustomed to treating the symptoms of our problems, rather than treating the problems themselves.
Wade Williamson's picture
Data science and machine learning models can assess large groups of cyber threats to find the subtle traits they have in common to better protect organizations.
Tim Layton's picture
While we must continue to use defensive technologies because they help address the level of white noise that has become part of the cost to operate in our hyper-connected, digitized world, we can’t stop there.
Joshua Goldfarb's picture
There are many contextual details that differentiate cyber threat information from threat intelligence. Only with the proper context can data be considered intelligence, rather than simply information.
Joshua Goldfarb's picture
Taking a look at security from a different vantage point that allows us to correlate activity by user, rather than by system alone gives us a very different perspective.
Scott Simkin's picture
When vendors and individuals attempt to keep threat intelligence private, they limit the ability of the entire group to identify and mitigate new threats as they are developed and launched against organizations.
Joshua Goldfarb's picture
Rather than proceed step by step through the process of building and maturing a security operations function, security teams often want to move immediately into very advanced topics.