Security Experts:

Security Infrastructure
long dotted


Enso Security, a company that claims to have built the first Application Security Posture Management platform, has emerged from stealth with $6 million in seed funding. [Read More]
SecurityWeek Exclusive: The results of 13 million medical examinations relating to around 3.5 million U.S. patients are unprotected and available to anyone on the internet. [Read More]
Microsoft this week announced the availability of a new password spray detection for Azure AD Identity Protection customers. [Read More]
A series of vulnerabilities discovered by researchers in devices made by online privacy firm Winston Privacy can expose users’ networks to remote attacks. [Read More]
Analysis of the manner in which popular chat applications handle link previews has revealed several privacy and security issues, including some that still need addressing, security researchers warn. [Read More]
Palo Alto Networks has threatened legal action against Orca Security after the latter made a comparison between products from the two companies. [Read More]
The German government Wednesday agreed to allow secret services to listen in on conversations via encrypted messaging services such as Messenger or Whatsapp as a means of tackling terrorism. [Read More]
Identity intelligence company 4iQ raises $30 million in a Series C funding round, which brings the total raised to date to $63 million. [Read More]
Irish privacy regulators have opened two investigations into Instagram over the social media site’s handling of young people’s personal data. [Read More]
Google has revealed that its infrastructure was targeted in a record-breaking 2.5 Tbps DDoS attack in 2017. [Read More]

FEATURES, INSIGHTS // Security Infrastructure

rss icon

Galina Antova's picture
The COVID-19 crisis and its associated constraints has shown us that many of the activities we considered “priorities” before March are not really priorities.
Gunter Ollmann's picture
The phrase “assume breach” has been transformational to enterprise security investment and defensive strategy for a few years but may now be close to retirement.
Justin Fier's picture
Businesses should be emphasizing visibility, early threat detection, and focusing on understanding ‘normal’ activity rather than ‘bad.’
Torsten George's picture
The tactics, techniques, and procedures (TTPs) used in the Twitter attack were not much different than in the majority of other data breaches and serve as valuable lessons for designing a modern cyber defense strategy.
Alastair Paterson's picture
Opportunities for accidental exposure of sensitive information are often compounded by multiple stakeholders using collaborative tools without the proper policies, oversight and security training.
Laurence Pitt's picture
To minimize the effect of an attack, an automated response is vital, which can reduce the amount of time between infection and resolution.
John Maddison's picture
By combining verifiable trust, intent-based segmentation, and integrated security, organizations can establish a trustworthy, security-driven networking strategy.
Jim Ducharme's picture
Let’s look at some real-world examples of the identity management challenges remote work is creating, and at what it means to rethink identity governance and lifecycle to meet those challenges.
Laurence Pitt's picture
Developing an ROI model takes time – my recommendation would be to focus on a simple security project that will return high value to the business when proven successful.
Torsten George's picture
The integration of identity with security is still work in progress, with less than half of businesses having fully implemented key identity-related access controls according to a research study.