Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
GitHub adds support for Python to its security alerts feature, which notifies developers if their packages contain vulnerabilities [Read More]
A cyber-espionage group is abusing code-signing certificates stolen from Taiwan-based companies for the distribution of their backdoor, ESET reports. [Read More]
The UK government's Cabinet Office has published the first iteration of its Minimum Cyber Security Standard, which will be incorporated into the Government Functional Standard for Security. [Read More]
The State Department, the Department of Homeland Security, the Department of Commerce, and the Office of Management and Budget issue reports in response to the 2017 cybersecurity executive order [Read More]
Senator Ron Wyden instructs the U.S. Department of Defense (DoD) to implement HTTPS and other cybersecurity best practices on all its websites and web services [Read More]
U.S. Department of Energy lays out its multiyear cybersecurity plan, which includes strengthening preparedness, coordinating incident response and recovery, and accelerating RD&D [Read More]
Kaspersky researchers find a significant number of vulnerabilities in OPC UA, a widely used industrial communications protocol [Read More]
SafeBreach raises $15 million in Series B funding round, bringing the total raised by the company so far to $34 million [Read More]
Regulus Cyber raises $6.3 million in seed and Series A funding, and unveils a solution designed to protect sensors, communications and data in cars, robots and drones [Read More]
Slack releases goSDL, an open source secure development lifecycle (SDL) tool designed to provide developers a tailored security checklist for their projects [Read More]
- 1 of 29
- ››
FEATURES, INSIGHTS // Security Architecture
Evaluating a threat intelligence vendor’s collection strategy effectively is a complex process that requires far more than simply obtaining the answers to the questions outlined above.
As a security professional, it’s time to take a fresh look at what your organization can do to compensate for insider negligence.
Jack Danahy, co-founder and CTO of Barkly, attempts to clarify what is and what is not machine learning in endpoint security
In the cyber threat intelligence space, there is confusion (much of which is driven by vendors)... where threat information is positioned as finished intelligence.
Threat intelligence can play an important role in improving an organization’s overall cybersecurity posture, provided the right case is made and the right processes are put in place.
In today’s market, more does not mean better. We need security innovation that makes more of what the industry already has by turning what we have into what we need.
By focusing on key attack surfaces and architecting systems to maximize the effectiveness of our monitoring efforts we can detect and stop intrusions much more quickly.
Security frameworks are designed to provide a reference for those designing various programmatic security mechanisms in order to benefit from collective successes and failures of the broad community.
Security has evolved to the point that I can now say that collection, sensing, and alerting are yesterday’s news.
Threat intelligence is only valuable if an organization takes the necessary steps to quickly and easily apply that intelligence to actual security policy.
- 1 of 13
- ››
SecurityWeek Daily Briefing
- Flaws Open Telepresence Robots to Prying Eyes
- NFCdrip Attack Proves Long-Range Data Exfiltration via NFC
- Apple's Revamped Privacy Website Offers Users Access to Their Data
- Google Pixel 3 Improves Data Protection with Security Chip
- 'Operation Oceansalt' Reuses Code from Chinese Group APT1
- 3 Public Cloud Security Myths Debunked
- Facebook Launches 'War Room' to Combat Manipulation
- Ex-Virginia Teacher Charged in 2014 'Celebgate' Hacking
- Tumblr Vulnerability Exposed User Account Information
- Ex-Equifax Manager Gets Home Confinement for Insider Trading
Copyright © 2018 Wired Business Media. All Rights Reserved. Privacy Policy