Evaluate

Evaluate

Weigh the pros and cons of technologies, products and projects you are considering.

• Facebook user data: How do malicious apps steal user data?

  Malicious apps collected Facebook user data through Facebook APIs. Expert Michael Cobb explains how social networking platforms can monitor third-party apps' access to data. Continue Reading

• UPnP vulnerability: How is the UPnP protocol being misused?

  The UPnP protocol is being misused to distribute malware through home routers. Expert Michael Cobb explains the UPnP vulnerability and how to defend against it. Continue Reading

• SIEM benefits include efficient incident response, compliance

  SIEM tools enable centralized reporting, which is just one of the many SIEM benefits. Others include real-time incident response, as well as insight for compliance reporting. Continue Reading

• What does the expansion of MANRS mean for BGP security?

  The Internet Society expanded MANRS to crack down on BGP security. Expert Michael Cobb explains what MANRS is and its implications for BGP server security. Continue Reading

• Three steps to improve data fidelity in enterprises

  Ensuring data fidelity has become crucial for enterprises. Expert Char Sample explains how to use dependency modeling to create boundaries and gather contextual data. Continue Reading

• A comprehensive guide to SIEM products

  Expert Karen Scarfone examines security information and event management systems and explains why SIEM systems and SIEM products are crucial for enterprise security.Continue Reading

• Domain fronting: Why cloud providers are concerned about it

  Domain fronting is a popular way to bypass censorship controls, but cloud providers like AWS and Google have outlawed its use. Expert Michael Cobb explains why.Continue Reading

• Incident response playbook in flux as services, tools arrive

  IR is shifting, with new technology, automation, machine learning and third-party services changing how IR is performed. But in-house security will remain central.Continue Reading

• How to integrate an incident response service provider

  Adding a third-party incident response service to your cybersecurity program can bulk up enterprise defenses, but the provider must be integrated carefully to reap the benefits.Continue Reading

• Machine learning security, a real advance in tech protection

  Some pioneers of AI in cybersecurity find progress thus far limited, but machine learning still offers an advancement in protecting enterprise networks and data.Continue Reading

• How bad is the iBoot source code leak for Apple security?

  The iBoot source code on Apple devices was leaked to the public on GitHub. Expert Michael Cobb explains how it happened and what the implications are for iOS security.Continue Reading

• Are Meltdown and Spectre real vulnerabilities or mere flaws?

  There's been some debate over whether Meltdown and Spectre are true vulnerabilities. Expert Michael Cobb discusses what qualifies as a vulnerability and if these two make the cut.Continue Reading

• A security operations center for hire? Something to consider

  There are some good reasons your company should consider hiring a third party to provide SOC services, but certain aspects of security operations should be kept in-house.Continue Reading

• SOC services: How to find the right provider for your company

  SOCs are the latest services you can now outsource rather than build in-house. But should you entrust them to a third party? Yes—but make sure you know how to pick the best.Continue Reading

• Will biometric authentication systems replace passwords?

  Biometric authentication systems have gained traction on mobile devices, but when will they become dominant within the enterprise? Expert Bianca Lopes weighs in on the topic.Continue Reading