Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

According to data from Tenable, more than 70 percent of global organizations remain vulnerable to the Log4Shell flaw as of October this year. [Read More]
Sphere Technology Solutions, a New Jersey startup building technology to help defenders clean up excessive and unnecessary access, raises a $31 million Series B round. [Read More]
Google researchers call attention to the ongoing “patch-gap” problem, warning that downstream vendors continue to be tardy at delivering security fixes to Android-powered devices. [Read More]
US authorities announced a ban on the import or sale of communications equipment deemed "an unacceptable risk to national security" -- including gear from Chinese giants Huawei Technologies and ZTE. [Read More]
Security researchers at Proofpoint call attention to the discovery of a commercial red-teaming attack tool called Nighthawk, warning that the command-and-control framework is likely to be abused by threat actors. [Read More]
Google has announced the release of YARA rules and a VirusTotal Collection to help detect Cobalt Strike and disrupt its malicious use. [Read More]
The cybersecurity powerhouse plans to spend $195 million in cash to acquire Israeli application security startup Cider Security. [Read More]
According to a joint CISA/FBI advisory, Iranian government-sponsored hackers hit at least one Federal Civilian Executive Branch (FCEB) organization with an exploit for a Log4j vulnerability in an unpatched VMware Horizon server. [Read More]
Investors pour $65 million into an early-stage Israeli startup building technology to help businesses manage secrets like credentials, certificates and keys. [Read More]
A team of researchers has shown how a networking technology vulnerability could be exploited to hack spacecraft and other critical systems. [Read More]

FEATURES, INSIGHTS // Network Security

rss icon

Jeff Orloff's picture
The MITRE D3FEND framework is only as effective as the planning that goes into making sure it is properly aligned with the top threats facing the organization.
Torsten George's picture
When implemented properly, cyber resilience can be considered a preventive measure to counteract human error, malicious actions, and decayed, insecure software.
Torsten George's picture
Here are five best practices for defeating against most attacks, hopefully making the need for future Cybersecurity Awareness Months obsolete.
Marc Solomon's picture
Within the context of security operations, anticipation teams use internal and external threat and event data across their security infrastructure for context and analytics and to become more proactive.
John Maddison's picture
Universal ZTNA is the easiest and most effective way to ensure that every user and device has secure access to the applications they need to do their jobs.
Gordon Lawson's picture
Zero trust is a great way to approach security, but we need to change the paradigm to prevent threats, instead of just detecting them.
Laurence Pitt's picture
A well-implemented ZTNA with the ‘trust-no-one, assume nothing’ mantra is also a great tool to mitigate potential attacks.
Derek Manky's picture
Organizations can strengthen their security posture by getting detailed information on current attack techniques and keeping their employees’ cyber hygiene training up to date.
Marc Solomon's picture
Security orchestration is about getting multiple systems in the Security Operations Center (SOC) to work together so you can detect, remediate and respond across the infrastructure.
John Maddison's picture
Digital acceleration, user demand, and shifting business strategies add new edges to the network, making it increasingly difficult to manage and even harder to secure.