Understanding the basics of API security

This is the first of a series of articles that introduces and explains application programming interface (API) security threats, challenges, and solutions for participants in software development, operations, and protection. Purpose of article series …

Client-side web security

To address attacks such as XSS, Magecart and other card skimming exploits found in modern eCommerce environments, the use of client-side web security methods is beginning to emerge as a particularly useful practice. Obviously, enterprise teams should i…

Understanding web security solutions

As should be evident to anyone in the cyber security industry, the wide range of available web security solutions from commercial vendors will necessarily have varying degrees of effectiveness against different threats. A premise of this article is tha…

A client-side perspective on web security

Threats to web security are explained in this first of a three-part article series, and client-side security is shown to address a commonly missed class of cyber attack exemplified by Magecart. Traditional solutions to web security are outlined, includ…

Cyber risk management and return on deception investment

This article is fifth in a five-part series being developed by Dr. Edward Amoroso in conjunction with the deception technology team from Attivo Networks. The article provides an overview of how deception fits into information risk management strategies…

Deception for proactive defense

This article is fourth in a five-part series being developed by Dr. Edward Amoroso in conjunction with the deception technology team from Attivo Networks. The article provides an overview of using deception as part of a proactive defense, including str…

Deception technology: Authenticity and why it matters

This article is the second in a five-part series being developed by Dr. Edward Amoroso in conjunction with the deception technology team from Attivo Networks. The article provides an overview of the central role that authenticity plays in the establish…

An introduction to deception technology

This article is first in a five-part series being developed by Dr. Edward Amoroso in conjunction with the deception technology team from Attivo Networks. The article provides an overview of the evolution of deception, including its use in the enterpris…

The future of OT security in modern industrial operations

Both the likelihood and consequences of cyberattacks to OT/ICS components continue to grow for modern industrial operations. In this podcast, Andrew Ginter, VP of Industrial Security at Waterfall Security Solutions, and Edward Amoroso, CEO of TAG Cyber…

Safe IT/OT integration with unidirectional security gateways

The reason SCADA security is so controversial stems primarily from the intense consequences that come from a compromise in this area. In this podcast, Andrew Ginter, VP of Industrial Security at Waterfall Security Solutions, and Edward Amoroso, CEO of …