What I Expect to See At Black Hat 2016: 5 Themes
Over the years, Black Hat has morphed from a little show for security researchers to a big conference that attracts everyone from black-hat hackers to C-level security execs. Here’s what piques my interest this year.
How Not To Write A Pen Test RFP
The downside of a failed request for a penetration test proposal is a no-win situation for everyone. Here are five common mistakes to avoid.
The Newbie’s 'How To Survive Black Hat' Guide
There’s little chance you won’t be totally exhausted after “drinking from the information firehose” all week. But if you follow these eight steps, it will be a very satisfying kind of fatigue.
Mind The Gap: CISOs Versus 'Operators'
How open communication among security execs and analysts, incident responders, and engineers can help organizations stay on top of the constantly changing threat landscape.
Security Lessons from My Financial Planner
Security investments can be viewed as a portfolio. If we think in portfolio terms, we realize that ROI is a backwards-looking measure. What else can we learn from financial planners?
‘Bug Poachers:’ A New Breed of Cybercriminal
As if security researchers don’t have enough to worry about, we now have to contend with extortionists who take advantage of the well-established fact that applications are a ripe target for exploitation.
A Look Back At Dark Reading's Best 10 Years (So Far)
The past decade in security -- from botnets that were bigger than some service provider networks to vulnerabilities that affected not only whole industries but the very fabric of the internet. And much, much more...
Revealing Lessons About Vulnerability Research
It’s not clear why a dozen FBI agents showed up at a security researcher’s door last month, but as cyber becomes more of a factor in product safety, our judicial system needs to get a better grasp on who the real criminals are.