Security Experts:

long dotted


Security experts earned more than $100,000 for over 100 vulnerabilities reported as part of the Hack the Air Force 2.0 bug bounty challenge [Read More]
Mozilla announces intention to restrict the AppCache mechanism to secure connections in Firefox and other major web browser vendors plan on doing the same [Read More]
Google Cloud Identity & Access Management (IAM) users can now assign custom roles for fine-grained security [Read More]
Israel-based railway cybersecurity startup Cylus emerges from stealth mode with $4.7 million in seed funding [Read More]
Facebook announces “Secure the Internet Grants” - researchers offered $100,000 for proposals on improving the security, safety and privacy of users [Read More]
PureSec emerges from stealth with security product for serverless architectures and a guide describing the top 10 risks for serverless applications [Read More]
ICS-CERT conducted over 170 assessments in critical infrastructure organizations in 2017 – main weakness remains improper boundary protection, but shared user accounts are increasingly problematic [Read More]
ICS vendors are assessing the impact of the Meltdown and Spectre vulnerabilities, but extensive testing is needed before any patches can be applied [Read More]
AMD will soon provide optional processor microcode updates designed to mitigate Spectre attacks. Meltdown does not impact the company's CPUs [Read More]
Microsoft, Amazon, ARM, Google, Apple and others have addressed the Meltdown and Spectre vulnerabilities affecting CPUs [Read More]

FEATURES, INSIGHTS // Security Architecture

rss icon

Jack Danahy's picture
Jack Danahy, co-founder and CTO of Barkly, attempts to clarify what is and what is not machine learning in endpoint security
Adam Meyer's picture
In the cyber threat intelligence space, there is confusion (much of which is driven by vendors)... where threat information is positioned as finished intelligence.
Scott Simkin's picture
Threat intelligence can play an important role in improving an organization’s overall cybersecurity posture, provided the right case is made and the right processes are put in place.
Avi Chesla's picture
In today’s market, more does not mean better. We need security innovation that makes more of what the industry already has by turning what we have into what we need.
Lance Cottrell's picture
By focusing on key attack surfaces and architecting systems to maximize the effectiveness of our monitoring efforts we can detect and stop intrusions much more quickly.
Rafal Los's picture
Security frameworks are designed to provide a reference for those designing various programmatic security mechanisms in order to benefit from collective successes and failures of the broad community.
Joshua Goldfarb's picture
Security has evolved to the point that I can now say that collection, sensing, and alerting are yesterday’s news.
Scott Simkin's picture
Threat intelligence is only valuable if an organization takes the necessary steps to quickly and easily apply that intelligence to actual security policy.
Johnnie Konstantas's picture
As NSA Chief Hacker Rob Joyce indicated during his recent talk at the Usenix Enigma conference, hackers are patient and persistent.
Joshua Goldfarb's picture
In security, we have grown accustomed to treating the symptoms of our problems, rather than treating the problems themselves.