Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

A recently patched security vulnerability in the Kaspersky VPN application for Android resulted in DNS addresses being exposed. [Read More]
High volume of malicious internal reconnaissance and lateral movement observed in the manufacturing industry, reports threat detection firm Vectra [Read More]
There were seven times more distributed denial (DDoS) attacks larger than 300 Gbps (gigabit per second) observed during the first six months of 2018 compared to the first half of 2017, NETSCOUT Arbor reveals. [Read More]
Facebook announced the open source availability of Fizz, a TLS library written in C++ 14 that includes the new generation of Transport Layer Security (TLS 1.3). [Read More]
Mozilla has reaffirmed its commitment to distrust all Symantec certificates starting in late October 2018, when Firefox 63 is set to be released to the stable channel. [Read More]
NetSpectre shows that Spectre Variant 1 attacks can be used to read arbitrary memory data remotely in a LAN or the cloud, but exfiltration is limited to 60 bits per hour [Read More]
Network traffic analysis firm Gigamon announced plans to acquire network security startup ICEBRG. [Read More]
Researcher earns $13,337 from Google after finding a serious SSRF vulnerability on its internal network that may have exposed sensitive information [Read More]
Research conducted by IoT security firm Armis shows that DNS rebinding exposes nearly half a billion devices in the enterprise to attacks [Read More]
Cisco finds and patches critical flaws in Policy Suite, and high severity flaws in SD-WAN, WebEx Network Recording Player, and Nexus 9000 switches [Read More]

FEATURES, INSIGHTS // Network Security

rss icon

John Maddison's picture
Since access control technologies are usually the first network element that a new device touches, they need to be able to automatically recognize IoT devices.
Joshua Goldfarb's picture
In security, one of our goals should always be to broaden our perspective, field of view, and horizons to minimize the risk that we will be blindsided by something we didn’t see coming.
Joshua Goldfarb's picture
When an organization controls its security technology portion size, it enables the organization to better address strategic requirements and to work far more efficiently.
Stan Engelbrecht's picture
The principles of automation and orchestration are necessary to counter the skills and resource gap, and their impact is amplified when applied across the broader picture of cybersecurity, compliance, risk and case management.
Marie Hattar's picture
Stopping DDoS attacks is not a matter of improving security of IoT devices. Enterprises need to take responsibility and be better at identifying and preventing DDoS attacks as they happen in real time.
David Holmes's picture
Forward Secrecy (sometimes called Perfect Forward Secrecy or PFS), is a cryptographic technique that adds an additional layer of confidentiality to an encrypted session, ensuring that only the two endpoints can decrypt the traffic.
Laurence Pitt's picture
The rapid proliferation of connected things is leaving networks exposed with more potential entry points that are vulnerable to attack.
Erin O’Malley's picture
SecOps and NetOps are starting to put aside their differences and find ways to work better together. As Gartner reports, these once distinct groups have begun to realize and accept that alignment is not a nice to have, but a business imperative.
John Maddison's picture
Even though a NOC or a SOC consolidates a variety of tools and measurements into a single management system, they are still too isolated.
Joshua Goldfarb's picture
The security operations workflow has grown more sophisticated and complex, and the value that most organizations get out of their SIEM deployment is far lower than it used to be.