• May 07, 2015 07 May'15

    Inside the WhiteHat Aviator Web browser controversy

    Robert 'Rsnake' Hansen of WhiteHat Security discusses the Aviator Web browser, why Google lashed out against it, the challenges of browser security and lessons learned for developing secure software.

  • May 06, 2015 06 May'15

    Experts debate the value and future of data loss prevention tools

    Data loss prevention tools have been on the market for close to 10 years, but adoption and deployment are still inconsistent. Experts point to a shift in how enterprises will deploy DLP moving forward.

  • May 06, 2015 06 May'15

    Microsoft debuts password-free Windows Hello, PatchTuesday changes

    Microsoft Ignite 2015 showed that Microsoft may have rethought the Tuesday part of Patch Tuesday, but Windows Update is stronger than ever.

  • May 05, 2015 05 May'15

    Local Administrator Password Solution aims to stop credential replay

    Microsoft has released its Local Administrator Password Solution for a common admin login account across all domain-joined computers in hopes that it will decrease pass-the-hash attacks.

  • May 04, 2015 04 May'15

    Anti-sandbox capabilities found in Dyre malware

    Seculert research discovers that a new version of the financial malware Dyre is avoiding sandbox detection by counting the number of cores.

  • Sponsored News

    • RAND Model Quantifies Staying Power of Security Technologies

      When you estimate the ROI of a new security technology, you usually assume that it will provide the same value year after year. But the RAND Corporation has developed a sophisticated new model of the costs and benefits of cybersecurity which has produced a surprising result. See More

    • Is Your Active Directory Cloud Ready?

      Many companies today are considering a move to the cloud. Organizations may believe that a hosted service, such as Office 365, will be easier and or cheaper to maintain than on-prem email. Also, Microsoft and other industry leaders may have influenced a move. Whatever the reason, moving to the cloud isn’t as easy as it appears and results are often mixed if you haven’t adequately prepared your Active Directory. See More

    • Top 4 Reasons Why Security and Networking Are Coming Together

      Until recently cybersecurity and networking could be treated as separate domains, with different devices, different management tools and different staffs. But that approach won’t fly today. This paper discusses why security needs to be integrated into networking equipment, monitoring and management. See More

    • Examining the Active Directory’s Role in Governance, Risk, and Compliance

      When it comes to governance and compliance, much of the IT staff’s effort is often focused on individual systems. Administrators work meticulously to ensure that mail servers, file servers, database servers, and other resources adhere to both internal security standards and regulatory requirements. The one thing that each of these systems has in common however, is its reliance on Active Directory. First introduced in 2000 as a replacement to the Windows NT domain structure, Active Directory was originally designed to manage network resources. Now, Active Directory works as a centralized authentication and access control mechanism, and consequently plays a vital role in the organization’s overall security. See More

    View All Sponsored News
  • May 01, 2015 01 May'15

    Subscription model for SSL certificates could be easier and cheaper

    A Utah-based startup hopes to change the way enterprises buy SSL certificates to a subscription model, and one expert thinks it could work as long as enterprises can trust the security.

  • May 01, 2015 01 May'15

    Government cybersecurity flounders as cybersecurity bills pass House

    News roundup: Many believe the government should help avert cybersecurity woes, yet two House-approved cybersecurity bills are frowned upon. Plus: DDoS increase linked to IoT; Google password alert; 70% put networks at risk with undocumented changes.

  • April 30, 2015 30 Apr'15

    How WestJet Airlines nixed network complexity, boosted security

    At an RSA Conference session, attendees learned how WestJet Airlines' Security Architecture Made Simple with software-defined security and automation reduced network turbulence.

  • April 30, 2015 30 Apr'15

    Government agencies struggling with security data analytics

    Security data analytics are a must-have for government agencies to stay one step ahead of cyber attackers, according to a study conducted by MeriTalk.

  • April 29, 2015 29 Apr'15

    Port monitoring critical to detecting, mitigating attacks using SSL

    As SSL traffic increases, so inevitably will the number of attacks using it to hide. A session at RSA Conference 2015 explained why hackers love SSL, and how enterprises can defend against them.

  • April 29, 2015 29 Apr'15

    Secunia: End-of-life software posing a big security risk

    Secunia's quarterly Personal Software Inspector (PSI) report shows that while OS and application patching has remained steady, users may be ignoring end-of-life software and the risks associated with it.

  • April 29, 2015 29 Apr'15

    IT security and compliance: Get leadership on board to find balance

    At an RSA Conference 2015 session, finance information security officer Steve Winterfeld explained why having complementary IT security and compliance strategies requires leadership buy-in and cooperation.

  • April 29, 2015 29 Apr'15

    RSA Conference 2015 recap: Record attendance, record stakes

    This year's RSA Conference once again broke the previous year's attendance record. Is the show getting too big for San Francisco? Plus key takeaways and final words from our executive editor.

  • April 28, 2015 28 Apr'15

    Comparing the top SSL VPN products

    Expert Karen Scarfone examines the top SSL VPN products available today to help enterprises determine which option is the best fit for them.

  • April 28, 2015 28 Apr'15

    Open source threat model aims to make enterprise safer with less work

    An open source threat model is aiming to be a repository for risk assessment with the aim of allowing enterprise to focus on creating the right security controls for each business.