-
Article
Despite benefits, skepticism surrounds bug bounty programs
Some people think bug bounty programs are the answers to vulnerability woes, yet others remain skeptical of the negative impacts they present. RSA Conference panelists discussed both sides of one of today's hottest and most controversial IT topics. Read Now
-
Article
Open source threat model aims to make enterprise safer with less work
An open source threat model is aiming to be a repository for risk assessment with the aim of allowing enterprise to focus on creating the right security controls for each business. Read Now
-
Article
Industry experts warn only cyberliability insurance covers breaches
Cyberliability insurance gains popularity as industry experts warn that, contrary to popular belief, general insurance won't protect against cyberattacks. Read Now
-
Article
Port monitoring critical to detecting, mitigating attacks using SSL
As SSL traffic increases, so inevitably will the number of attacks using it to hide. A session at RSA Conference 2015 explained why hackers love SSL, and how enterprises can defend against them. Read Now
Editor's note
The U.S. iteration of the RSA Conference is the information security industry's biggest annual conference. The event, which runs from Apr. 20-24 at the Moscone Center in San Francisco, showcases cybersecurity's hottest trends, tactics and technologies. SearchSecurity's editors will be covering all aspects of RSAC 2015, so check back often for keynote coverage, exclusive interviews and in-depth coverage of hot-button items like threat intelligence, Internet of Things security, nation-state cyberespionage and much more.
Top news stories from RSA 2015
RSA's Yoran pushes for radical change in infosec
New RSA President Amit Yoran says the information security industry and RSA need radical change to stop evolving threats.
Business savvy key to security success
Executives are finally paying attention to security, but experts say to benefit infosec leaders must learn business-savvy security skills and think long term.
1IoT, threat intelligence and security analytics
As interest in threat intelligence and security analytics skyrockets, plenty of other emerging technologies related to the Internet of Things, cloud computing, big data and the consumerization of IT are having a tremendous effect on enterprise information security programs. Learn what experts and practitioners are doing to get ahead of the negative security implications of emerging technologies.
-
Article
Cloud visibility a top concern ahead of RSA Conference 2015
In the cloud security realm, experts say improved cloud visibility and big data analytics are expected to be major themes at this year's RSA Conference. Read Now
-
Article
CSA, (ISC)2 introduce new cloud security certification
The Cloud Security Alliance and the International Information Systems Security Certification Consortium introduced a new, jointly developed cloud security certification. Read Now
-
Article
Waratek grabs RSA Innovation Sandbox honors
Runtime application self-protection startup Waratek wins coveted RSA Innovation award. Read Now
-
Article
Threat intelligence programs maturing despite staffing, tech obstacles
A Forrester analyst told RSA Conference 2015 attendees that enterprise threat intelligence programs are maturing, though obstacles like nascent technology and hard-to-find employees mean some firms may never reach full maturity. Read Now
-
Article
Government cybersecurity experts push for better information sharing
At RSA 2015, former federal officials called for better government cybersecurity cooperation between agencies and with the private sector. Read Now
-
Article
IoT discovery and federation controls lacking
IoT discovery and federation controls are lacking. Benjamin Jun says the answer is to build better IoT federation and trust protocols. Read Now
-
Article
How WestJet Airlines nixed network complexity, boosted security
At an RSA Conference session, attendees learned how WestJet Airlines' Security Architecture Made Simple with software-defined security and automation reduced network turbulence. Read Now
2 Exploring enterprise security management issues
A CISO's life is rarely ever dull. Security policies, metrics and program management issues may not seem exciting, but each can be key to preventing a devastating data breach or security incident. Learn how to get ahead of these and other vexing enterprise information security management issues with advice from experts at RSA Conference 2015.
-
Article
IT security and compliance: Get leadership on board to find balance
At an RSA Conference 2015 session, finance information security officer Steve Winterfeld explained why having complementary IT security and compliance strategies requires leadership buy-in and cooperation. Read Now
-
Article
Successful women in security tout need for mentoring, encouragement
Female infosec pros say the industry needs to do more to not only encourage women to pursue infosec careers, but also help mentor them along the way. Read Now
-
Article
Hiring millennials key to reducing security workforce shortage
At RSA Conference 2015, speakers at an (ISC)2 panel said attracting and hiring millennials is a huge key to alleviating the worsening information security workforce shortage. Read Now
-
Article
Qualys introduces new Web application firewall, cloud agent at RSA 2015
Qualys introduced three new offerings at RSA Conference 2015, including an improved Web application firewall and a new cloud agent platform. Read Now
-
Article
Amazon, Google highlight cloud provider security issues at RSAC 2015
Amazon, Google, Microsoft and others discussed a range of cloud security issues during a panel discussion at RSA Conference 2015. Read Now
-
Article
Charney: Cloud computing transparency, control key to better security
At RSA Conference 2015, Microsoft's Scott Charney said cloud security products are the future, but to gain the trust of enterprise customers, they need to offer better cloud computing transparency and control. Read Now
-
Article
Cloud privacy, security improving, but obstacles remain
At RSA Conference 2015 security officials from Microsoft, Google and more discussed cloud security and privacy improvements and top threats today. Read Now
-
Article
Pescatore on security success: Breach prevention is possible
At RSA Conference 2015, John Pescatore offered real-world case studies proving that information security technologies can help prevent data breaches. Read Now
-
Article
Effective data breach response plans hinge on human preparedness
Experts at a Verizon event at RSA Conference 2015 say no data breach response plan is complete until certain human factors are considered. Read Now
-
Article
RSA attendees ponder how to trim bloated security portfolios
At a roundtable discussion at RSA Conference 2015, security admins pondered what to do about bloated security portfolios. Read Now
-
Article
Clarity needed to cultivate next-gen cybersecurity workforce
Millennials are hesitant to pursue a career in cybersecurity, mainly because they aren't sure exactly what the job entails -- and if they have the proper training for it. Read Now
-
Article
On healthcare data security, not all security pros see unique challenges
At an RSA Conference 2015 discussion on healthcare data security, experts with decades of experience perceive a unique challenge, while security pros see similarities with other verticals. Read Now
-
Article
DevOps explained: Why experts call DevOps and security a perfect match
At RSA Conference 2015, a pair of DevOps proponents explained why the nascent movement to integrate development and IT operations staff pays security dividends. Read Now
3RSA 2015 video
Our editors and reporters talk with security experts on the hottest topics emerging from this year's RSA Conference.
-
Video
Watters: 'Cyber officers' are now risk officers for businesses
More data is thought to be a good thing in terms of threat intelligence, but iSight CEO John Watters says enterprises need to be aware of the quality and context of the data when assessing risk. Watch Now
-
Video
Growing threats make security vulnerability management essential
At RSA Conference 2015, Qualys CTO Wolfgang Kandek said enterprises need to be smart about how they tackle security vulnerabilities because there are simply too many for organizations to handle. Watch Now
-
Video
Haven't suffered a network security breach recently? Think again
If you think your organization hasn't suffered a network security breach in the last six months, you're just not looking closely enough, according to Eric Cole at RSA Conference 2015. Watch Now
-
Video
Advice to help today's CISOs succeed at security leadership
Renee Guttmann, vice president of the Office of the CISO at Accuvant, talks to SearchSecurity about security leadership, and offers advice to today's aspiring CISOs. Watch Now
-
Video
Why Web browser security is a goldmine for attackers
Video: Robert 'RSnake' Hansen of WhiteHat Security discusses Web browser security, third-party software vulnerabilities and the sad state of browser security throughout the industry. Watch Now
-
Video
Too much emphasis on threat intelligence sharing, Gula says
Tenable founder Ron Gula says sharing information to detect threats is great, but getting the security posture properly designed is the better option. Watch Now
-
Video
Security information sharing, visibility a missed opportunity
Video: Security information sharing and visibility platforms are being overlooked, according to Cisco's Martin Roesch, and that's a mistake. Watch Now
-
Video
IT consultants leading edge of Internet of Everything security
Cisco security services SVP Bryan Palma discusses how Cisco's consulting teams have an early view of how the Internet of Everything will roll out. Watch Now
-
Video
Want to increase IT security budget dollars? Get in your CEO's head
John Dickson, principal at Denim Group, talks to SearchSecurity at RSA Conference 2015 about tried and true ways security admins have been able to attain security dollars despite tight resources. Watch Now
-
Video
Inside the WhiteHat Aviator Web browser controversy
Robert 'Rsnake' Hansen of WhiteHat Security discusses the Aviator Web browser, why Google lashed out against it, the challenges of browser security and lessons learned for developing secure software. Watch Now
-
Video
Schneier: Incident response management key to surviving a data breach
Video: Bruce Schneier, CTO of Resilient Systems, talks to SearchSecurity about the importance of strong incident response management in reaction to the 'year of the data breach.' Watch Now
-
Video
Google's Adrian Ludwig talks about fighting Android threats
Google is fighting a constant battle against Android malware and vulnerabilities, and Adrian Ludwig, Google's lead for Android security, talks to SearchSecurity about how protections are getting better. Watch Now
-
Video
McGraw: IEEE helps find software development design flaws
Secure software expert Gary McGraw says the IEEE Center for Secure Design can help companies find patterns in their software security flaws. Watch Now
-
Video
Shadow cloud problem growing, SkyHigh Networks says
Kamal Shah of SkyHigh Networks talks with SearchSecurity about the rapid adoption of shadow cloud apps and services in the enterprise. Watch Now
-
Video
(ISC)2 responds to criticism with global academic program
(ISC)2 executive director David Shearer responds to criticisms about the organization's lack of introductory certifications within its global academic program. Watch Now
-
Video
McGraw: Software security testing is increasingly automated
Security software expert Gary McGraw says testing for security flaws must be automated if everything is going to be checked. Watch Now
-
Video
Cisco Security Services set for 2x product growth in 2015
Cisco's Bryan Palma discusses Cisco's strategy for security services and talks about the recent Neohapsis acquisition. Watch Now
-
Video
Network security improved by Cisco data mining
Cisco network security involves numerous users and products; Martin Roesch explains why the huge amount of data that results from this is a good thing. Watch Now
-
Video
From the frontlines: Horror stories on information breach response
Video: KPMG's Ronald Plesco has seen some crazy things in his time helping organizations in security incident response, and he shares some of them with SearchSecurity. Watch Now
-
Video
Stale, dead apps emerging as serious mobile security risks
At RSA 2015, Appthority president and co-founder Domingo Guerra outlines emerging mobile security risks enterprises must be aware of -- and the issues aren't limited to just bring your own devices (BYOD). Watch Now