Security Experts:

WRITE FOR US
Security Infrastructure

LATEST SECURITY NEWS HEADLINES

rss icon

GAO Report Knocks SEC for Cybersecurity Failings
Attackers Less Reliant on Botnets to Launch Powerful DDoS Attacks: Akamai
Satellite Telecom Vulnerable to Hackers: Researchers
Snowden Questions Putin on Surveillance in Phone-in
Microsoft Updates Threat Modeling Tool
long dotted

NEWS & INDUSTRY UPDATES

Why The Heartbleed Vulnerability Matters and What To Do About It
The Heartbleed vulnerability is "catastrophic” for SSL and Internet security, Bruce Schneier, told SecurityWeek. “On the scale of 1 to 10, this is an 11,” he said. Here is what organizations need to know and what actions they should take.
Read More..
Security Startups: Interview With Defense.Net Founder and CTO Barrett Lyon
Defense.Net is a startup providing DDoS mitigation as a service. SecurityWeek sat down with CTO and Founder Barrett Lyon to discuss the security startup.
Read More..
AT&T Offers Cloud Security Solution Powered by Blue Coat
AT&T is offering a new cloud-based security solution designed to protect customers against malware and malicious websites while offering security policy control across enterprise, web, social and mobile networks.
Read More..
Entrust Combines Certificate Management, Credentialing Solution in Cloud-based Platform
Entrust launched a new cloud-based service that consolidates the management of digital identities, SSL certificates and credentials via a single solution platform.
Read More..
Siemens, McAfee to Extend Partnership on Industrial Security
McAfee and Siemens said that the two companies would extend an existing partnership designed to help industrial customers protect against cyber threats.
Read More..
Bradford Networks Automates Threat Containment Process With New Offering
Bradford Networks, a provider of threat response solutions, unveiled a new offering designed to help organizations rapidly contain advanced cyber threats.
Read More..
Sparks Fly Over US Plan to Shift Internet Role
A plan unveiled last month would see the US relinquish its key oversight role for the Internet, handing that over to "the global multi-stakeholder community."
Read More..
WatchGuard Adds Sandbox-based APT Protection to UTMs, Firewalls
Seattle, Washington-based network security firm WatchGuard Technologies has added a new level of defense to its Unified Threat Management (UTM) and Next-Gen Firewall (NGFW) appliances to help block Advance Persistent Threats.
Read More..
McAfee Says CIOs in The Dark on Advanced Evasion Techniques
McAfee’s report explains how Advanced Evasion Techniques (AETs), are used to evade detection for long periods of time.
Read More..
Yahoo Says Now Encrypting Traffic Between Datacenters, More Encryption Coming
Yahoo’s recently-appointed VP of Information Security and CISO said on Wednesday that as of this week, Internet traffic moving between Yahoo’s data centers is now fully encrypted.
Read More..

FEATURES, INSIGHTS // Security Infrastructure

rss icon

Chris Coleman's picture
Shaping the Threat Intelligence Management Market
Chris Coleman - Network Security
The shaping of the threat intelligence management market is critical to its success, and there is much confusion about the very term “threat intelligence.” I am a firm believer that intelligence is a process, not an individual thing, and that Intelligence is not “done.” It is “created.”
Read full story
Nimmy Reichenberg's picture
In Automation We Trust! (Or Do We?)
Nimmy Reichenberg - Network Security
Security practitioners have long had a love-hate relationship with automation, and for good reason.
Read full story
Torsten George's picture
Security Threats: Risk's Often Neglected Step Child
Torsten George - Network Security
A threat is the agent that takes advantage of a vulnerability. This relationship must be a key factor in the risk assessment process and can no longer be treated as risk’s neglected step child.
Read full story
Wade Williamson's picture
Security is Not a Commodity - Breaking Out of Security Paralysis
Wade Williamson - Network Security
As enterprises become increasingly focused on security, it’s important to take an honest look not just at what security measures are in place, but how they are really used.
Read full story
Marcus Ranum's picture
True White-Knuckled Stories of Metrics in Action: Sylvan
Marcus Ranum - Disaster Recovery
When you start your metrics program, you'll find that a great deal of information can be gleaned from existing data that gets stored in various places – most likely in your system logs.
Read full story
Chris Hinkley's picture
When Technology Isn't Enough: Elevating the Human Element in Preventing Data Breaches
Chris Hinkley - Network Security
The most advanced technology in the world is only as good as the people and systems behind it. Otherwise your sophisticated security device is nothing more than a paperweight.
Read full story
Danelle Au's picture
Addressing Cyberattacks via Positive Enforcement Model
Danelle Au - Network Security
Trying to defend against modern, advanced attacks with one-off point solutions is like playing a whack-a-mole game, always one step behind the attacker and trying to play catch up with the alerts as they’re received.
Read full story
Mark Hatton's picture
Healthcare Security: Where's the Hype for HIPAA?
Mark Hatton - Compliance
The oversight for the protection of healthcare information is only getting tighter, and it is incumbent upon the security teams to ensure healthcare professionals have all the tools necessary to improve patient outcomes, while we worry about keeping the bad guys away.
Read full story
Nimmy Reichenberg's picture
Improving Security via Proper Network Segmentation
Nimmy Reichenberg - Network Security
By properly segregating the network, you are essentially minimizing the level of access to sensitive information for those applications, servers, and people who don’t need it, while enabling access for those that do.
Read full story
Torsten George's picture
The NIST Cybersecurity Framework - Improving Cyber Resilience?
Torsten George - Network Security
The NIST Cybersecurity Framework is a good first step towards creating a standardized approach to cyber security, but requires many substantial updates before really improving our nation’s cyber resilience.
Read full story