News

Network intrusion detection and prevention IDS IPS

• August 05, 2015 05 Aug'15

  Security machine learning methods needed to adapt to evolving threats

  Data science can sort through huge data stores in order to find and stop advanced attackers and malware, but new methods are needed to make sure the machine learning keeps up with evolving threats.

• June 03, 2015 03 Jun'15

  Adversaries never sleep: unknown malware downloaded every 34 seconds

  In its 2015 Security Report, Check Point Software has found adversaries are exploiting the ease of creating unknown malware to boost the chance of a successful attack, and sandboxing adoption may be the best way to mitigate risk.

• May 21, 2015 21 May'15

  Too many false positives, security alerts inundate enterprise, study says

  A new study shows enterprises with security analytics are confident in their threat detection capabilities, while those without are overwhelmed by copious false positives and alerts.

• April 29, 2015 29 Apr'15

  Port monitoring critical to detecting, mitigating attacks using SSL

  As SSL traffic increases, so inevitably will the number of attacks using it to hide. A session at RSA Conference 2015 explained why hackers love SSL, and how enterprises can defend against them.

• March 09, 2015 09 Mar'15

  For threat intelligence programs, ROI evaluation proves tricky

  Threat intelligence programs are taking root in many enterprises, but experts say variables like disparate service offerings, pricing models and response capabilities make ROI evaluation a vexing proposition.

• March 04, 2015 04 Mar'15

  Big data security analytics: Can it revolutionize information security?

  Demetrios Lazarikos describes the security big data system he implemented at retail giant Sears, as well as how it helped thwart retail fraud activity and how he convinced executives to support the implementation.

• February 26, 2015 26 Feb'15

  HP: Threat intelligence sources need vetting, regression testing

  According to HP Security Research, threat intelligence best practices can be difficult to implement, and even the most trustworthy sources must be tested for fidelity.

• February 23, 2015 23 Feb'15

  Cisco touts OpenAppID for internal application traffic visibility

  Use of Cisco's OpenAppID application-layer traffic-detection tool is still modest compared to Snort, but the networking giant says it can help enterprises improve traffic visibility on internal applications.

• February 13, 2015 13 Feb'15

  Security information sharing: A double-edged sword

  News roundup: While data sharing can boost intelligence and improve security, recent events show the benefits don't always outweigh the pitfalls. Plus: Chip-enabled POS systems coming quickly; MongoDB databases exposed; sophisticated phishing scams.

• June 24, 2014 24 Jun'14

  On prevention vs. detection, Gartner says to rebalance purchasing

  At its annual security confab, the research giant said enterprises buy too much threat prevention and not enough detection and response technology.

• March 10, 2014 10 Mar'14

  How will Cisco-Sourcefire security combo affect Cisco product roadmap?

  New Cisco CTO Martin Roesch says the Cisco product roadmap for network security will include a robust NGFW using Sourcefire technology.

• February 25, 2014 25 Feb'14

  Cisco security strategy update: Cisco adds Sourcefire AMP to gateways

  The networking giant unveils a new strategy highlighting Sourcefire technology, including new open source application firewall features for Snort.

• February 19, 2014 19 Feb'14

  Windows Error Reporting may provide intelligence to attackers

  Attackers may be able to use Windows crash data to find their targets' weaknesses, but enterprises can turn the tables via better anomaly detection.

• October 15, 2013 15 Oct'13

  The role of the enterprise intrusion prevention system in APT defense

  One research group says an enterprise IPS can't help detect APTs. But network security expert Brad Casey explains why that isn't necessarily true.

• May 21, 2013 21 May'13

  Sourcefire updates malware detection, malware analysis capabilities

  New features for detecting and analyzing malware in Sourcefire's FireAMP and FirePOWER products supplement flagging signature-based antimalware.