compliance
3 steps to embracing NIST 800 security controls
One proven path to improving any organization’s security posture is to embrace the National Institute of Standards and Technology’s risk management framework set forth in its …
Trust is the key to cloud adoption
Intel Security released a global report advocating the need for technology vendors to help businesses, governments and consumers understand the implications surrounding …
Software tools and services used to achieve ISO 27001
With high profile breaches becoming almost a daily occurrence in the media, many organizations are now turning to the ISO 27001 information security standard to help them stay …
Developing a mobile health app? Check which federal laws apply
The Federal Trade Commission has created a new web-based tool for mobile health app developers, which is designed to help the developers understand what federal laws and …
My reflections after visiting RSA Conference 2016
RSA Conference has long been the place where security vendors announce new products and services, and industry trends are made. I was told by Centrify that recent breaches …
Qualys extends Cloud Agent Platform to support Linux and Mac OS
Qualys announced the expansion of the Qualys Cloud Agent Platform. The Cloud Agent platform empowers organizations with flexibility and real-time asset inventory searches on a …
Privileged identity management for SSH keys
ManageEngine launched Key Manager Plus, a comprehensive, Web-based, SSH key management solution at RSA Conference 2016. Available immediately, the new product joins …
Correlate real-time data from mobile devices across the enterprise
OptioLabs announced the availability of OptioInsight for enterprises using OptioCore-secured devices. OptioInsight correlates real-time data from mobile devices across the …
Mastercard’s Selfie ID: Playing Russian Roulette with consumer identities?
At this week’s Mobile World Congress in Barcelona, MasterCard announced it will accept selfie photographs and fingerprints as an alternative to passwords when verifying …
Why the legal sector is risking confidential information
The lack of unique logins, manual logoffs and concurrent logins is putting confidential information in the legal sector at risk, new research has revealed. A report by IS …
Compliance compounded by evolving threat landscape
As industry business models change, compliance challenges are being compounded by an evolving threat landscape and by increased scrutiny from federal agencies looking to …
New date for migrating off vulnerable SSL and early TLS encryption
Following significant feedback from the global PCI community and security experts, the Payment Card Industry Security Standards Council (PCI SSC) announced a change to the …
Featured news
Resources
Don't miss
- Balancing usability and security in the fight against identity-based attacks
- MSSqlPwner: Open-source tool for pentesting MSSQL servers
- Critical SimpleHelp vulnerabilities fixed, update your server instances!
- Configuration files for 15,000 Fortinet firewalls leaked. Are yours among them?
- New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344)