Security Experts:

Security Infrastructure
long dotted

NEWS & INDUSTRY UPDATES

Researchers flag a total of eight vulnerabilities in the operating system, all exploitable from within Bluetooth LE range. [Read More]
Veracode reveals that some developers take more than 7 months to address vulnerable libraries in their applications. [Read More]
Identity solutions provider Transmit Security has raised $543 million in a Series A funding round, at a pre-money valuation of $2.2 billion. [Read More]
Attacks against container infrastructures continue to increase in both frequency and sophistication. The attacks are becoming more evasive, while the supply chain is now targeted, a new report shows. [Read More]
The NSA has released guidance for securing Unified Communications (UC) and Voice and Video over IP (VVoIP) enterprise communication systems. [Read More]
Akamai has blamed Thursday’s outage on an issue with its Prolexic DDoS attack protection service. [Read More]
Google unveils a new end-to-end framework to help drive the enforcement of standards and guidelines to ensuring the integrity of software artifacts throughout the software supply chain. [Read More]
The Russian cybersecurity firm has issued a report on ‘Ferocious Kitten’, an advanced threat actor in Iran that’s been conducting domestic cyber-surveillance for the last six years. [Read More]
Google has finally enabled end-to-end encryption (E2EE) for the Messages app in Android but the privacy-enhancing tool remains somewhat limited. [Read More]
Google has released open source tools and libraries that can be used by developers to implement fully homomorphic encryption (FHE). [Read More]

FEATURES, INSIGHTS // Security Infrastructure

rss icon

Marie Hattar's picture
Security is never static, and networks will always be evolving, so make sure you’re continuously validating your security posture and ready for whatever comes next.
John Maddison's picture
As enterprises adopt 5G networks and services to enable digital innovation across new network edges, they are also introducing new risks.
Marc Solomon's picture
As you determine what security technologies to invest in, develop not only a technology roadmap, but also include and align an operational roadmap.
William Lin's picture
The most common “new project” in identity nowadays is in Zero Trust. This concept has been evolving for years, and is building controls around an interesting premise: the idea that every resource will one day be internet-facing.
Gunter Ollmann's picture
In the merry-go-round world of InfoSec technologies and “what’s old is new again,” this year we should include Attack Surface Management with a dash of Continuous.
Derek Manky's picture
Although every network environment is unique, there are steps any organization can begin to implement now to reduce their risk from ransomware and other advanced threats.
Tim Bandos's picture
Shifting to the cloud can be a radical but necessary change. There’s no denying the transition can be time consuming and costly upfront.
Gordon Lawson's picture
While obscurity is an offensive tool for attackers, it also represents a defensive measure for organizations. Let’s consider the benefits of concealing network infrastructure and activity from the outside world to reduce the enterprise attack surface.
William Lin's picture
The combination of “shifting left” and “cloud security” is going to happen and be called “shifting everywhere.”
John Maddison's picture
The best defense in depth strategy is one that enables multiple tools, deployed across the distributed network—including endpoints, clouds, and applications—to work as a unified solution to detect and respond to threats.