Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Cybersecurity professionals comment on the impact of the U.S. government shutdown, which is the longest in U.S. history, nearing one month. [Read More]
A recently published report from the United States Department of Defense (DoD) shows that. while it has improved its stance, it still faces challenges in managing cybersecurity. [Read More]
Researchers who disclosed Meltdown, Spectre and other similar attacks are now back with a new type of side-channel attack, one that is hardware agnostic and targets the operating system page cache. [Read More]
Despite the current use and continuing interest in artificial intelligence (AI) and machine learning (ML) in cybersecurity, actual experience post-deployment is not so positive. [Read More]
Security controls and processes necessary to protect ballistic missile defense system (BMDS) technical information and the United States Department of Defense (DoD) facilities haven’t been properly implemented, a newly published audit report reveals. [Read More]
AWS launches Security Hub, a service that aggregates and prioritizes security alerts from both AWS and third-party security tools [Read More]
While CVSS can be useful for rating vulnerabilities, the use of the standard for flaws affecting ICS can have negative consequences, particularly if an organization relies solely on it for prioritizing patches [Read More]
U.S. Office of Personnel Management (OPM) has improved its security posture since the data breaches disclosed in 2015, but many issues are still unresolved, GAO says in a report [Read More]
Google announces reCAPTCHA v3, which aims to improve user experience by eliminating challenges [Read More]
IBM Security Connect is a new cloud platform that brings together data, applications and tools from over a dozen vendors [Read More]

FEATURES, INSIGHTS // Security Architecture

rss icon

Josh Lefkowitz's picture
Evaluating a threat intelligence vendor’s collection strategy effectively is a complex process that requires far more than simply obtaining the answers to the questions outlined above.
Ashley Arbuckle's picture
As a security professional, it’s time to take a fresh look at what your organization can do to compensate for insider negligence.
Jack Danahy's picture
Jack Danahy, co-founder and CTO of Barkly, attempts to clarify what is and what is not machine learning in endpoint security
Adam Meyer's picture
In the cyber threat intelligence space, there is confusion (much of which is driven by vendors)... where threat information is positioned as finished intelligence.
Scott Simkin's picture
Threat intelligence can play an important role in improving an organization’s overall cybersecurity posture, provided the right case is made and the right processes are put in place.
Avi Chesla's picture
In today’s market, more does not mean better. We need security innovation that makes more of what the industry already has by turning what we have into what we need.
Lance Cottrell's picture
By focusing on key attack surfaces and architecting systems to maximize the effectiveness of our monitoring efforts we can detect and stop intrusions much more quickly.
Rafal Los's picture
Security frameworks are designed to provide a reference for those designing various programmatic security mechanisms in order to benefit from collective successes and failures of the broad community.
Joshua Goldfarb's picture
Security has evolved to the point that I can now say that collection, sensing, and alerting are yesterday’s news.
Scott Simkin's picture
Threat intelligence is only valuable if an organization takes the necessary steps to quickly and easily apply that intelligence to actual security policy.