Expert analysis
Optimizing the patch management process
In this podcast recorded at Black Hat USA 2019, Jimmy Graham, Senior Director of Product Management at Qualys, discusses the importance of a tailored patch management process. …
Protecting your organization against privileged identity theft
What do the top data breaches of the 21st century have in common? Privileged identity abuse. In these breach instances, well-resourced, external actors were able to gain the …
SOC-as-a-Service promises threat protection in a world of scarce resources
Despite more than a few decades’ worth of technological advancement and millions of dollars’ worth of research, cyber threats continue to flourish. The situation has been …
Make sure you keep an eye on your APIs
Application programming interfaces have always been important gateways to our applications, but in recent years, they’ve silently become both more prevalent and more central …
Moving away from spreadsheets: How to automate your third-party risk management process
Spreadsheets are dumb. Okay, it’s not that spreadsheets are dumb, or that the people who use them are dumb. That’s not at all what I’m saying. What’s dumb is using …
Kubernetes security matures: Inside the project’s first audit
Auditing 1.5 million lines of code is a heroic undertaking. With resources provided by the Cloud Native Computing Foundation (CNCF), the Kubernetes Project leadership created …
August 2019 Patch Tuesday forecast: Expect updates from Adobe, stay current on other updates
Microsoft released details on August 6 regarding another variant of the Spectre Variant 1 speculative execution side channel vulnerability (CVE-2019-1125). The vulnerability …
Prevent lateral attacks inside the data center with a defense-in-depth hardware layer
IT departments tend to be concerned primarily with cybersecurity attacks that originate from outside the enterprise, known as a “north-south” attacks. This often leaves them …
Security orchestration and automation checklist: How to choose the right vendor
Faced up against the well-chronicled global skills shortage, the ceaseless bombardment of security alerts and the hodgepodge of security tools unable to communicate with each …
DNS security is no longer optional
Several high-profile DNS security incidents have made headlines recently, a reminder that this integral part of the internet must not be taken for granted. Unlike enterprise …
Five examples of user-centered bank fraud
In today’s digital-first world, banks and financial service companies need to allow their customers to easily manage money online in order to compete. Unfortunately, most …
Research shows that devices banned by US government lack basic security practices
As the August 13 deadline looms for the US ban on Chinese surveillance cameras, the news cycle is re-engaged with the issue. The panic about banned cameras still being in …
Featured news
Resources
Don't miss
- F5 data breach: “Nation-state attackers” stole BIG-IP source code, vulnerability info
- Microsoft patches three zero-days actively exploited by attackers
- U.S. seizes $15 billion in Bitcoin linked to massive forced-labor crypto scam
- A safer way to break industrial systems (on purpose)
- Maltrail: Open-source malicious traffic detection system