Data security technology and strategy
- March 24, 2020
What's happening at the 2020 RSA Conference? Our team keeps you up to date with pre-conference coverage and breaking news from the infosec world's biggest event.
- February 12, 2020
Vendors specializing in data security, risk and compliance, and IAM raised the most funding in 2019, according to Momentum Cyber, a strategic advisor and investment bank for the cybersecurity industry.
- January 28, 2020
Researchers unveiled a new speculative execution attack that leaks data from most Intel microprocessors and gives attackers greater control over what data is leaked.
- August 14, 2019
Learn the latest from this year's Black Hat conference, Aug. 3 to 8. Our team is in Las Vegas to report on what's new in information security risks, trends and defense tactics.
- August 09, 2019
Broadcom laid down a $10.7 billion bet in buying Symantec's enterprise security software. While some are optimistic, security experts predict another Intel-McAfee deal.
- April 19, 2019
During the launch of the Forcepoint Cyber Experience Center in Boston, Forcepoint execs emphasized the need for adopting a new approach to cybersecurity that focuses on the human factor.
- April 15, 2019
With the release of programs like Access Transparency, Virtual Private Cloud and GKE Sandbox, Google aims to improve Google Cloud security and identity protection.
- March 07, 2019
Find out what's happening at the at the 2019 RSA Conference in San Francisco, the information security industry's biggest event, with breaking news and analysis by the SearchSecurity team.
- November 20, 2018
Amazon unveils new settings to help users avoid S3 data leaks, but UpGuard's Chris Vickery, who uncovered most AWS exposures, is doubtful the changes will end the problem.
- May 17, 2018
In this week's Risk & Repeat podcast, SearchSecurity editors discuss Ray Ozzie's solution for going dark, known as Clear, and what infosec experts are saying about it.
- April 06, 2018
Researchers found misconfigured cloud storage across multiple platforms left huge amounts of data exposed, including medical information and payroll data.
- July 14, 2017
News roundup: An AWS S3 bucket leak containing personal data of millions of Verizon customers was exposed to the public. Plus, DNC hack victims are suing the Trump campaign, and more.
- June 29, 2017
In this week's Risk & Repeat podcast, SearchSecurity editors discuss how the Republican National Committee's voter database was accidentally exposed in an Amazon S3 bucket.
- November 13, 2015
News roundup: WebSphere, JBoss, Jenkins and more hit by Java vulnerability in an open source library. Plus, SAP HANA deals with critical vulnerabilities, and more.
- October 09, 2015
News roundup: The EU Court has invalidated the Safe Harbor agreement, leaving companies scrambling to deal with overseas data transfers securely. Plus: SHA-1 collision attack; NIST email security initiatives; worry over cyberthreats.
- August 25, 2015
Video: Threat intelligence tools are a growing market and enterprises need to be able to see through the hype to get the best product for them.
- June 02, 2015
Researchers find that insecure implementation of cloud backups by mobile apps may affect hundreds of thousands of apps and leave as many as 56 million credentials exposed.
- May 21, 2015
A new study shows enterprises with security analytics are confident in their threat detection capabilities, while those without are overwhelmed by copious false positives and alerts.
- April 01, 2015
Competition for Hadoop-based analytics may put tools and services within reach for large and midsize organizations, says Robert Richardson.
- March 04, 2015
NoSQL database security has taken a backseat to performance in Hadoop-based security big data analytics systems, but that may soon change thanks to growing demand and maturing NoSQL security products.
- January 06, 2015
Research from IBM indicates cyberattackers are going after retailers with surgical precision, using fewer attack attempts yet frequently compromising vulnerable databases.
- October 27, 2014
Research from Nemertes shows an increasing percentage of enterprises are utilizing big data analytics for security as traditional defenses fail to hold off attackers.
- July 18, 2014
With another round of patches for several serious Java flaws, Oracle's quarterly CPU showed that Java security problems are not receding.
- May 15, 2014
Attorney Francoise Gilbert analyzes the White House big data initiative and the data security and privacy ramifications for enterprises.
- April 04, 2014
OpenDNS CTO Dan Hubbard says big data techniques like machine learning and data mining can be used to spot and mitigate unknown Internet threats.
- April 01, 2014
When will big data technologies move past the hype and help security teams?
- February 28, 2014
Verizon is touting its largest-ever data set for the 2014 DBIR, but the gap is widening between when breaches happen and when they're discovered.
- February 28, 2014
Security vendors often claim that attackers are unpredictable, but two Verizon DBIR researchers say better data can find recognizable patterns.
- February 26, 2014
At the 2014 RSA Conference, a trio of CISOs said that SIEM still has its uses, but when it comes to big data analytics, tools like Splunk are needed.
- January 28, 2014
The Online Trust Alliance marks Data Privacy Day with events to help enterprises plan for inevitable data protection and privacy incidents.
- January 27, 2014
A researcher says Oracle hasn't properly addressed long-standing Oracle Forms and Reports flaws, which could be exploited to gain remote access.
- January 21, 2014
The first Oracle Critical Patch Update of 2014 included fixes for 36 Java vulnerabilities, but only 5 Oracle Database vulnerabilities. Why so few?
- November 11, 2013
KEYW spin-off Hexis Cyber Solutions has introduced a security data analytics system that competes with RSA's former NetWitness entry.
- November 01, 2013
Wading into the murky waters of security metrics? Jay Jacobs offers his take on data collection and incident reporting with the VERIS framework.
- August 01, 2013
Big data presents big challenges for computer science programs from classification to cloud security. Are industry partnerships the answer?
- February 28, 2013
RSA's Art Coviello explains why the shortcomings of current mainstream security products are part of what's driving enterprise interest in big data.
- February 27, 2013
CISOs at RSA Conference 2013 say identifying attack campaigns means taking security big data to the next level. The hard part? Finding data analysts.
- October 24, 2012
Trusted insiders often play a role in IP theft, according to a new report. Spot the warning signs and apply the right data protection, say experts.
- July 26, 2012
At Black Hat 2012, longtime Oracle thorn David Litchfield presents working exploits targeting Oracle database indexing vulnerabilities.
- June 12, 2012
The research firm says big data security analysis will be critical to fighting off advanced attacks, but few easy technology options exist today.
- February 28, 2012
RSA’s Arthur Coviello urged security pros to break down silos and intelligence-driven security programs, or face a tough year.
- January 16, 2012
Symantec said the $115 million-dollar deal boosts its e-discovery business and offer security and antispam capabilities for on-premise and hosted email.
- July 05, 2011
Data reduction software is an essential part of any computer forensics process. Expert Richard W. Walker looks at data reduction software tools and processes and the role they play.
- April 28, 2011
Column: What do recent data breaches at RSA, WordPress and Sony have in common? Companies must not only find weaknesses, but also actively hunt down intruders.
- March 23, 2011
The security giant is expanding into the database security market, announcing its intention to acquire Sentrigo. The terms of the deal were not released.
- February 15, 2011
Solera Networks has updated its OS network forensics platform, adding reporting of malware threats, new application classification and tools to give more visibility into the network.
- September 27, 2010
Study finds the need for more oversight of state agencies and recommends new laws that hold agencies and third-party service providers accountable for their security programs.
- November 30, 2009
Deal reportedly worth $225 million.
- October 16, 2009
A Burton Group study identified the leaders in the data leakage prevention market and found some enterprises deploying the technology to educate end users about security policies.
- September 10, 2009
MSSP and PCI compliance firm buys one of dwindling field of independent DLP vendors.
- September 02, 2009
Database security vendor Sentrigo today released some detail about a flaw discovered a year ago in Microsoft SQL Server that exposes passwords stored in memory as cleartext. Microsoft is not planning to patch this flaw. Sentrigo released a free ...
- February 04, 2009
A new open source fuzzing tool is available to test PL/SQL applications for security vulnerabilities. The free tool was developed by database security vendor Sentrigo.
- December 23, 2008
Code is publicly available targeting an unpatched flaw in SQL Server to gain access to critical files and execute malicious code.
- October 29, 2008
Company joins a number of vendors in the application hardening market with a technology that embeds protections in a program at compile time.
- June 17, 2008
Fortinet said that IPLocks' vulnerability scanning technology will help it broaden its portfolio beyond application security.
- August 02, 2007
Database security researcher, David Litchfield of UK-based NGS Software will release a free Forensic Examiners Database Scalpel, he says could aid data breach investigations.
- February 08, 2007
Despite the Oracle CEO's no-show, the database software giant talked up its framework for secure data sharing; meanwhile, CA's CEO called for simplified security products.
- February 05, 2007
Times have changed, and RSA Conference keynote speakers no longer need cryptography and security backgrounds. This year's headliners include several rock stars of the IT industry, along with some newcomers and several old veterans.
- August 02, 2006
Black Hat: Database security guru David Litchfield unveils 20-plus IBM Informix flaws that attackers could exploit to create malicious files, gain DBA-level privileges and access sensitive data.
- October 26, 2005
They may not be. But a new survey suggests more IT shops are taking an interest in open source options, partly because of security holes in mainstream databases.
- October 24, 2005
As database administrators digest Oracle's supersize patch release, security experts warn of unfixed flaws and at least one exploit.
- October 11, 2005
Expert Derek Melber signals a warning about securing user accounts in your domain. using Active Directory.
- September 27, 2005
Auditors are honing in on directory services to see if companies have internal controls now mandated by law.
- June 20, 2005
Just one day after the FTC hands down its ruling on the BJ's privacy breach, CardSystems reveals it failed to protect the data of 40 million credit card customers.
- May 29, 2005
Numerous flaws in Oracle's Metalink Knowledge Base could reveal sensitive customer reports on vulnerabilities and other matters. Other vendors may also be affected.
- November 01, 2004
Political activists and IT experts fear security glitches could affect e-voting machines -- and the outcome of a close presidential race.
- August 04, 2004
Researchers have identified 34 vulnerabilities in Oracle's database; the majority of the flaws are critical.
- July 29, 2004
The second of a two-part interview with SPI Dynamics CTO Caleb Sima tells what you should fear, why and what you can do to mitigate your risk.
- July 26, 2004
SQL injection exploits may soon be as common as those targeting Windows and Unix flaws, experts say. An estimated 60% of Web applications using dynamic content are likely vulnerable, with devastating consequences for an enterprise. A presentation of...
- January 23, 2004
This weekend marks the one-year anniversary of the debut of the SQL Slammer worm, an infamous time in information-security annals. Experts remind administrators that the lessons learned a year ago remain relevant today.
- April 21, 2003
SAN FRANCISCO -- The growth rate of system and software vulnerabilities has tripled in the last 24 months to 60 per month, and new viruses are popping up at a rate of 10 to 15 a month. In the meantime, enterprises are being bombarded with constant ...
- January 17, 2002
Top 10 database security headaches