BEST PRACTICES: How testing for known memory vulnerabilities can strengthen DevSecOps

DevOps wrought Uber and Netflix. In the very near future DevOps will help make driverless vehicles commonplace.
Related: What’s driving  ‘memory attacks’
Yet a funny thing has happened as DevOps – the philosophy of designin… Continue reading BEST PRACTICES: How testing for known memory vulnerabilities can strengthen DevSecOps

SHARED INTEL: New book on cyber warfare foreshadows attacks on elections, remote workers

It’s difficult to convey the scope and scale of cyber attacks that take place on a daily basis, much less connect the dots between them.
Related: The Golden Age of cyber spying
A new book by Dr. Chase Cunningham —  … (more…… Continue reading SHARED INTEL: New book on cyber warfare foreshadows attacks on elections, remote workers

NEW TECH: Why it makes more sense for ‘PAM’ tools to manage ‘Activities,’ instead of ‘Access’

Privileged Access Management (PAM) arose some 15 years ago as an approach to restricting  access to sensitive systems inside of a corporate network.
Related: Active Directory holds ‘keys to the kingdom’
The basic idea was to make sure … Continue reading NEW TECH: Why it makes more sense for ‘PAM’ tools to manage ‘Activities,’ instead of ‘Access’

STEPS FORWARD: How the Middle East led the U.S. to adopt smarter mobile security rules

We’ve come to rely on our smartphones to live out our digital lives, both professionally and personally.
When it comes to securing mobile computing devices, the big challenge businesses have long grappled with is how to protect company assets whi… Continue reading STEPS FORWARD: How the Middle East led the U.S. to adopt smarter mobile security rules

BEST PRACTICES: Mock attacks help local agencies, schools prepare for targeted cyber scams

Cyber criminals who specialize in plundering local governments and school districts are in their heyday.
Related: How ransomware became a scourge
Ransomware attacks and email fraud have spiked to record levels across the U.S. in each of the past &#8230… Continue reading BEST PRACTICES: Mock attacks help local agencies, schools prepare for targeted cyber scams

BEST PRACTICES: Why pursuing sound ‘data governance’ can be a cybersecurity multiplier

Deploying the latest, greatest detection technology to deter stealthy network intruders will take companies only so far.
Related: What we’ve learned from the massive breach of Capitol One
At RSA 2020, I learned about how one of the routine &#8230… Continue reading BEST PRACTICES: Why pursuing sound ‘data governance’ can be a cybersecurity multiplier

NEW TECH: Security Compass streamlines the insertion of security best practices into DevOps

DevOps is now table stakes for any company hoping to stay competitive. Speed and agility is the name of the game. And everyone’s all-in.
Related: A firewall for microservices
DevSecOps arose to insert security checks and balances into DevOps, aim… Continue reading NEW TECH: Security Compass streamlines the insertion of security best practices into DevOps

Q&A: Accedian’s Michael Rezek on using ‘Network Traffic Analysis’ to defend hybrid networks

Defending business networks isn’t getting any easier. Companies can have the latest, greatest perimeter defenses, intrusion detection systems and endpoint protections – and attackers will still get through. Just ask Equifax or Capital One.
Continue reading Q&A: Accedian’s Michael Rezek on using ‘Network Traffic Analysis’ to defend hybrid networks

NEW TECH: QuoLab advances ‘Security Operations Platform’ — SOP — technology

Defending enterprise networks has become a convoluted challenge, one that is only getting more byzantine by the day.
I’ve written about the how SIEMs ingest log and event data from all across hybrid networks, and about how UEBA and SOAR… (m… Continue reading NEW TECH: QuoLab advances ‘Security Operations Platform’ — SOP — technology

MY TAKE: Juniper Networks directs ‘ML’ pattern recognition towards security tasks — at router level

Machine learning (ML) and digital transformation (DX) go hand in glove.
We’ve mastered how to feed data into pattern-recognition algorithms. And as we accelerate the digitalization of everything, even more data is being generated.
Related: Defend… Continue reading MY TAKE: Juniper Networks directs ‘ML’ pattern recognition towards security tasks — at router level