Security and Vulnerability Management

Security and vulnerability management

cutcaster 901483111 anti terror police force small
estonia lead image

RSA Conference Should Push For Technology Integration

Since cybersecurity software architecture has become an enterprise requirement, the RSA Conference should take a more proactive role in promoting technology integration

Threat Intelligence Sharing Momentum and Needs

Government and infosec industry should build upon threat intelligence energy by focusing on education, standards use-cases, and best practices

wordpress 265132 1280

How to avoid getting hacked due to vulnerable WordPress plugins

If you’re running a WordPress site and given the number of potentially show-stopping problems that exist, get fixed, and are replaced with new problems that are just as bad then you need to be on top of what plugins you’re using and...

Anticipating RSA 2015

Focus on threat detection/response, endpoints, threat intelligence, IAM, cloud, and SDN

A Security Intelligence reference model to assess your security posture

While Business Intelligence helps you identify business opportunities, SI helps you do much the same thing with threat information

Massive Enterprise Endpoint Security Opportunity

Next-generation endpoint security suite could be a billion dollar play

The Increasing Cybersecurity Attack Surface

New technology deployment opens cyber-threat vectors and makes security operations more complex

privacy policy 510733 1920

Qwerty Card: A lo-tech solution to managing hi-tech passwords

For a few years I’ve used a password system that’s been really successful and it's based on a simple formula ... but if that's too much for you check out Qwerty Card ...

password 397655 1280

Users plus passwords equals disaster

Lost productivity, lousy security, and serious financial risk are the results of poor password management. Do you really need any more reasons to do something about your users and their passwords?

Will Public/Private Threat Intelligence Sharing Work?

Past examples point to a mixed record of success and failure.

pci security compliance

Verizon report: Security testing compliance down from last year

Compliance rates between audits increased substantially across all PCI DSS requirements except for security testing, according to a report released Wednesday by Verizon. In particular, the ratio of companies compliant on Requirement...

firehose

Information overload, SIEM version

Our manager is very happy with the performance of his security information and event management platform, but sometimes it’s too much for the network bandwidth. Fortunately, an easy fix is at hand.

mobile fingerprint identification

Biometric security is on the rise

Does biometrics have a huge role to play in corporate security programs? We asked several experts to weigh in on the pros and cons of biometric security.

clean desk

Low tech 'visual hacking' successful nine times out of 10

Researchers were able to get sensitive corporate information just by looking around corporate offices in 88 percent of attempts, according to a new study

patch bandage band-aid first-aid ouch cure remedy

Google relaxes strict bug disclosure rules after Microsoft grievances

Google today relaxed a strict 90-day vulnerability disclosure that put it at odds with rival Microsoft, saying it would give vendors a 14-day grace period if they promised to fix a flaw within the two-week stretch.

Book Report: Countdown to Zero Day

Kim Zetter's book on Stuxnet sheds light on esoteric areas like malware analysis, process automation, and cyber war.

cutcaster 902830953 tour small

Throw your vendor under the bus after a breach? Not quite so fast

Tips for your third-party risk management program.

cwjan15 klossner humanerror cartoon

The risks of a big man-made IT disaster are on the rise

IT services are but one human error away from a spectacular failure, and there's very little evidence to suggest that we've found a way to stop people from making mistakes. (Insider, registration required.)

Load More