Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

ISC patches vulnerabilities in BIND that could be exploited remotely to cause a denial-of-service (DOS) problems. [Read More]
Software supply chain security fears escalated with the discovery of "deliberate sabotage" of code in the open-source npm package manager ecosystem. [Read More]
NIST has released the final version of a special publication focusing on offering information and guidance to manufacturers for protecting ICS environments. [Read More]
The guidance is generic, meant to be applied to a broad range of network devices. [Read More]
Threat hunters at Symantec share notes on Daxin, “the most advanced piece of malware Symantec researchers have seen used by a China-linked actor.” [Read More]
Israeli startup Astrix Security has banked $15 million to build technology to help organizations secure third-party app integrations. [Read More]
SecurityWeek will host its 2022 Attack Surface Management Summit, Presented by Randori, as a fully immersive virtual event today. [Read More]
ENISA and CERT-EU have released guidance to help CISOs and other decision makers in public and private organizations increase their cyber resilience. [Read More]
CISA has compiled a list of free cybersecurity services and tools that can help organizations reduce risk and improve resilience. [Read More]
The tech giant is offering big cash rewards for hackers reporting critical vulnerabilities in Linux Kernel, Kubernetes, GKE and kCTF. [Read More]

FEATURES, INSIGHTS // Security Architecture

rss icon

Preston Hogue's picture
The healthcare industry will need advanced security measures to identify and mitigate flaws in new apps carrying the world’s most sensitive, regulated information.
Marie Hattar's picture
Organizations should regularly put security products, processes and people to the test, and the reward is better, more efficient protection against attacks.
Josh Lefkowitz's picture
Choosing which vendor to partner with can be exceptionally difficult for MSSPs due to the oversaturation and complexity of the threat intelligence market.
Torsten George's picture
Shifting traditional perimeter-based enterprise security strategies to a Zero Trust approach provides more robust prevention, detection, and incident response capabilities to protect continuously expanding attack surfaces.
Grady Summers's picture
There are many pitfalls, and some simple rules that can help you make smarter decisions if you are in looking to purchase security products seen at RSA Conference.
Josh Lefkowitz's picture
Evaluating a threat intelligence vendor’s collection strategy effectively is a complex process that requires far more than simply obtaining the answers to the questions outlined above.
Ashley Arbuckle's picture
As a security professional, it’s time to take a fresh look at what your organization can do to compensate for insider negligence.
Jack Danahy's picture
Jack Danahy, co-founder and CTO of Barkly, attempts to clarify what is and what is not machine learning in endpoint security
Adam Meyer's picture
In the cyber threat intelligence space, there is confusion (much of which is driven by vendors)... where threat information is positioned as finished intelligence.
Scott Simkin's picture
Threat intelligence can play an important role in improving an organization’s overall cybersecurity posture, provided the right case is made and the right processes are put in place.