Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
While CVSS can be useful for rating vulnerabilities, the use of the standard for flaws affecting ICS can have negative consequences, particularly if an organization relies solely on it for prioritizing patches [Read More]
U.S. Office of Personnel Management (OPM) has improved its security posture since the data breaches disclosed in 2015, but many issues are still unresolved, GAO says in a report [Read More]
Google announces reCAPTCHA v3, which aims to improve user experience by eliminating challenges [Read More]
IBM Security Connect is a new cloud platform that brings together data, applications and tools from over a dozen vendors [Read More]
Mozilla this week announced that the distrust of older Symantec certificates, initially planned for Firefox 63, will be delayed. [Read More]
Senate Homeland Security and Governmental Affairs Committee votes to approve several cybersecurity bills, including for incident response, a diagnostics and mitigation program, cyber workforce rotation, supply chain security, and safeguarding federal information systems [Read More]
Rapid7 adds automation and orchestration capabilities to its Insight Platform, and new automation functionality to vulnerability management and incident response tools [Read More]
Verodin, a company that provides a platform for assessing the effectiveness of security products, raises $21 million in Series B funding round [Read More]
GitHub adds support for Python to its security alerts feature, which notifies developers if their packages contain vulnerabilities [Read More]
A cyber-espionage group is abusing code-signing certificates stolen from Taiwan-based companies for the distribution of their backdoor, ESET reports. [Read More]
FEATURES, INSIGHTS // Security Architecture
Threat intelligence is only valuable if an organization takes the necessary steps to quickly and easily apply that intelligence to actual security policy.
As NSA Chief Hacker Rob Joyce indicated during his recent talk at the Usenix Enigma conference, hackers are patient and persistent.
In security, we have grown accustomed to treating the symptoms of our problems, rather than treating the problems themselves.
Data science and machine learning models can assess large groups of cyber threats to find the subtle traits they have in common to better protect organizations.
While we must continue to use defensive technologies because they help address the level of white noise that has become part of the cost to operate in our hyper-connected, digitized world, we can’t stop there.
There are many contextual details that differentiate cyber threat information from threat intelligence. Only with the proper context can data be considered intelligence, rather than simply information.
Taking a look at security from a different vantage point that allows us to correlate activity by user, rather than by system alone gives us a very different perspective.
When vendors and individuals attempt to keep threat intelligence private, they limit the ability of the entire group to identify and mitigate new threats as they are developed and launched against organizations.
Rather than proceed step by step through the process of building and maturing a security operations function, security teams often want to move immediately into very advanced topics.
Today’s network perimeter is increasingly not a single physical or virtual place, yet much of the industry debate is still focused on the perimeter.
SecurityWeek Daily Briefing
- Industrial Cybersecurity Firm Nozomi Launches Research Department
- Cloudflare Launches New HTTPS Interception Detection Tools
- Mobile App Security Firm Blue Cedar Raises $17 Million
- Microsoft Dominates 2018's Most Exploited Vulnerabilities
- Researcher Finds Novel Bug Class in Windows Kernel
- Aluminum Giant Norsk Hydro Hit by Ransomware
- Norway's Norsk Hydro Hit by 'Extensive' Cyberattack
- From Traffic Cop to Fleet Manager, DLP Evolves Beyond the Perimeter
- Google Open Sources Sandboxed API
- New Mirai Variant Targets Enterprise IoT Devices
Copyright © 2019 Wired Business Media. All Rights Reserved. Privacy Policy