An alert sent out this week by CISA reiterates previously issued recommendations on how organizations should properly secure Microsoft Office 365 deployments. [Read More]
Microsoft has launched a free zero trust assessment tool that helps organizations see where they are and provides recommendations for moving forward. [Read More]
Beginning March, when Firefox 74 is set to arrive in the release channel, Mozilla will disable older Transport Layer Security (TLS) protocol versions as default options for secure connections. [Read More]
Many devices are likely still vulnerable to DMA attacks, despite the fact that hardware and software vendors have taken steps to prevent such attacks. [Read More]
Google unveils OpenTitan, an open source silicon root of trust (RoT) project that can help ensure both hardware infrastructure and the software running on it remain in a trustworthy state. [Read More]
VMware unveils new security features and enhancements for its NSX, SD-WAN and Secure State products, along with a new zero trust architecture for digital workspaces. [Read More]
A group of security researchers from German universities has devised a new class of web cache poisoning attacks that could render victim services unreachable. [Read More]
In the cyber threat intelligence space, there is confusion (much of which is driven by vendors)... where threat information is positioned as finished intelligence.
Threat intelligence can play an important role in improving an organization’s overall cybersecurity posture, provided the right case is made and the right processes are put in place.
In today’s market, more does not mean better. We need security innovation that makes more of what the industry already has by turning what we have into what we need.
By focusing on key attack surfaces and architecting systems to maximize the effectiveness of our monitoring efforts we can detect and stop intrusions much more quickly.
Security frameworks are designed to provide a reference for those designing various programmatic security mechanisms in order to benefit from collective successes and failures of the broad community.
Threat intelligence is only valuable if an organization takes the necessary steps to quickly and easily apply that intelligence to actual security policy.