Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Cisco Systems has announced a new managed security solution that applies real-time, predictive analytics to detect attacks and protect customers from advanced malware across their extended networks.
Healthcare organizations are still struggling with information sharing both internally and externally, participants in an industry-wide cyber-security exercise said.
CrowdStrike has released a free tool to help organizations detect the presence of systems on their networks that are vulnerable to the OpenSSL Heartbleed vulnerability.
Verizon expanded its 2014 Data Breach Investigations Report to include security incidents that didn't result in breaches and provided industry-by-industry analysis of various threat types.
Damballa has raised $13 million from existing investors to capitalize on growing demand for its automated breach defense platform.
Ben-Gurion University of the Negev has signed a $8.5 million agreement with the Israel National Cyber Bureau to develop CyberSpark, which includes a National Cyber Research Center adjacent to BGU’s campus.
FireHost has $25 million in a Series E funding round led by its longtime investor, The Stephens Group.
According to researchers at Mandiant, now a unit of FireEye, an attacker was able to leverage the Heartbleed vulnerability against a customers’ VPN appliance and hijacked multiple active user sessions.
Attackers are shifting away from traditional botnet-based distributed denial of service attacks in favor of other techniques to launch larger attacks, Akamai Technologies said in its latest report.
Microsoft has updated its threat modeling tool with a number of new features.
- 1 of 153
- ››
FEATURES, INSIGHTS // Security Infrastructure
When evaluating managed security services the following five questions can help ensure you get the support you need to stay focused on the threat.
When the development cycle moves quickly, it will often bypass security. When rapid development equates to shoehorning security controls in after the fact, we’re left with an approach that has potentially disastrous consequences.
The shaping of the threat intelligence management market is critical to its success, and there is much confusion about the very term “threat intelligence.” I am a firm believer that intelligence is a process, not an individual thing, and that Intelligence is not “done.” It is “created.”
Security practitioners have long had a love-hate relationship with automation, and for good reason.
A threat is the agent that takes advantage of a vulnerability. This relationship must be a key factor in the risk assessment process and can no longer be treated as risk’s neglected step child.
As enterprises become increasingly focused on security, it’s important to take an honest look not just at what security measures are in place, but how they are really used.
When you start your metrics program, you'll find that a great deal of information can be gleaned from existing data that gets stored in various places – most likely in your system logs.
The most advanced technology in the world is only as good as the people and systems behind it. Otherwise your sophisticated security device is nothing more than a paperweight.
Trying to defend against modern, advanced attacks with one-off point solutions is like playing a whack-a-mole game, always one step behind the attacker and trying to play catch up with the alerts as they’re received.
The oversight for the protection of healthcare information is only getting tighter, and it is incumbent upon the security teams to ensure healthcare professionals have all the tools necessary to improve patient outcomes, while we worry about keeping the bad guys away.
- 1 of 50
- ››
Subscribe to SecurityWeek
- SecurityWeek Acquires Industrial Control System (ICS) Cybersecurity Conference Series
- Mozilla Creates $10K Bug Bounty Program for New Certificate Verification Library
- FBI Informant Linked to Hacking of Foreign Websites: Report
- Bitcoin Exchange MtGox to Start Liquidation Process
- Tech Titans Launch 'Core Infrastructure Initiative' to Secure Key Open Source Components
- Five Questions to Ask When Evaluating Managed Security Services
- Rapid7 Launches Certification Programs for Metasploit, Nexpose Products
- Bad Bot Percentage of Web Traffic Nearly Doubled in 2013: Report
- AIG Expands Coverage to Include Physical Damage Caused By Cyber Attacks
- Brazil Hosts Meeting to Craft Internet Governance Rules
Copyright © 2014 Wired Business Media. All Rights Reserved. Privacy Policy | Terms of Use