Security Experts:

Security Infrastructure
long dotted

NEWS & INDUSTRY UPDATES

Zettaset introduced software-defined encryption for Kubernetes-managed containers, improving DevSecOps, enhancing data protection, and enabling compliance. [Read More]
U.S. Sen. Mark Warner has sent letters to six Internet networking device vendors urging them to ensure that their products remain secure during the COVID-19 social distancing efforts. [Read More]
Proton Technologies, the developer of ProtonMail and ProtonVPN, this week disclosed the existence of an unpatched iOS flaw that causes some VPN traffic to remain unencrypted. [Read More]
Four major wireless U.S. carriers are developing a new single sign-on variant they believe will finally do away with passwords. [Read More]
Mozilla is getting ready to remove support for FTP in the Firefox browser due to security concerns. [Read More]
A database containing over 5 billion records of data leaked in previous data breaches was exposed by a UK-based cybersecurity company. [Read More]
Researchers say a UK-based document printing and binding company leaked hundreds of gigabytes of information, including sensitive military documents, via an unprotected AWS server. [Read More]
SecurityWeek analyzes the first major updates to NIST SP 800-53 in seven years, with expanded safeguards for protecting system security and privacy. [Read More]
NIST and DHS published a series of recommendations on how to ensure that virtual meetings and connections to enterprise networks are protected from prying eyes. [Read More]
Researchers say two connected financial services companies have exposed over 500,000 sensitive legal and financial documents. [Read More]

FEATURES, INSIGHTS // Security Infrastructure

rss icon

Torsten George's picture
Static passwords lack the ability to verify whether the user accessing data is authentic or just someone who bought a compromised password.
Marc Solomon's picture
It’s up to humans, guided by instinct, intelligence and experience, to determine the right data, so they can focus on what matters to the organization, make better decisions and take the right actions.
Craig Harber's picture
Many organizations are not aware that their network sensors are improperly or inefficiently deployed because they do not have a full understanding of how to act on the network traffic being collected.
Gunter Ollmann's picture
The philosophy of integrating security practices within DevOps is obviously sensible, but by attaching a different label perhaps we are likely admitting that this “fusion” is more of an emulsification.
John Maddison's picture
A security platform is much more than just wrapping a collection of security tools together into a single bundle and then adding some sort of a shell script so independent management tools appear to be part of a congruent solution.
Jim Ducharme's picture
If there’s one thing you can be sure of about user authentication methods today, it’s that determining the best choice isn’t as simple or straightforward as it used to be.
Preston Hogue's picture
The ability to look deeply into user and system behavior and identify the smallest anomaly will become the essential toolkit to stem the tide of fraud and theft in financial services.
John Maddison's picture
Physical and virtual security appliances traditionally suffer from performance challenges, especially when it comes to critical functions such as inspecting encrypted traffic.
Josh Lefkowitz's picture
As the technology and tools to leverage stolen credentials advance, defenders should seek out innovative new ways to proactively flag exposed passwords leveraging insights gleaned from illicit communities and open-web dumps.
Jim Ducharme's picture
As the workforce continues to evolve, a one-size-fits-all approach won’t work for different identity and access management needs across organizations.