Risk assessments metrics and frameworks
- July 28, 2017
Analyzing infosec through the lens of game theory shows that cyber-risk analysis and wasting attacker time may be highly effective cybersecurity strategies.
- February 22, 2017
One expert warned there can be a disconnect between what security remediation means to CISOs and what researchers announce because of divergent objectives.
- December 09, 2016
The IBM Watson for Cyber Security beta program aims to augment human intelligence, but experts question if IBM can distinguish it from other machine learning products.
- September 21, 2016
The SWIFT messaging system aims to improve the security of supported banks with new antifraud reports, but experts are unsure how useful the anomaly detection will be.
- September 15, 2016
Oracle's lack of response to security researchers raises more questions after a zero-day MySQL vulnerability was reported, though patches may have already been released.
- July 18, 2016
Responsible disclosure wins as researchers roll out branded website for 'httpoxy,' a set of vulnerabilities in server-side web apps that use the HTTP_PROXY variable.
- May 18, 2016
Internet pioneer Paul Vixie spoke with SearchSecurity about Internet crime, the glibc bug and other pervasive vulnerabilities that may never be eradicated.
- April 19, 2016
DHS says users need to uninstall QuickTime for Windows immediately as Apple quietly sends the software to its end of life following the disclosure of two zero-day flaws.
- April 14, 2016
The much-hyped Badlock bug is still important to patch, but raised issues with celebrity vulnerability promotion and responsible disclosure of security vulnerabilities.
- April 08, 2016
Vulnerability branding was once a practice that elevated understanding of flaws and potentially led to better remediation, but now serves as little more than marketing for security researchers.
- November 23, 2015
Adobe CSO Brad Arkin spoke at the recent Privacy. Security. Risk. 2015 event about his experiences dealing with the company's massive data breach two years ago.
- November 19, 2015
TechTarget 2015 Annual Salary and Careers Survey: Out of the myriad of security responsibilities for an enterprise, IT risk management and regulatory compliance occupy the most time.
- September 18, 2015
An internal audit of the U.S. Department of Homeland Security has been completed, detailing areas where its cyber mission has failed and what plans are in place to make improvements.
- July 29, 2015
Video: Security operations centers are critical to continuous network monitoring and detecting data breaches. Eric Cole discusses SOCs and the role security automation plays in them.
- June 26, 2015
RubyGems software packaging client was found to have a DNS vulnerability that redirects users to malicious gem servers.