Thought Leaders
Editors
Marilyn Cohodas
Community Editor, Dark Reading
Kelly Jackson Higgins
Executive Editor at Dark Reading
Sara Peters
Senior Editor at Dark Reading
Tim Wilson
Editor in Chief, Dark Reading
Contributors
Tsion Gonen
Chief Strategy Officer, SafeNet
Yoav Leitersdorf and Ofer Schreiber
Managing Partner & Partner, YL Ventures
Robert R. Ackerman Jr.
Founder & Managing Director, Allegis Capital
Ryan Allphin
Senior Vice President & General Manager, Security Management, McAfee
Dmitri Alperovitch
Co-Founder & CTO, CrowdStrike
François Amigorena
Founder & CEO, IS Decisions
Ed Amoroso
Chief Security Officer, AT&T
Bret Arsenault
CISO, Microsoft
Liviu Arsene
Senior E-threat Analyst, Bitdefender
Charles Babcock
Editor at Large, Cloud
Don Bailey
Founder & CEO, Lab Mouse Security
Vijay Basani
CEO, EiQ Networks
Rohyt Belani
CEO & Co-Founder, PhishMe
Anthony Di Bello
Director, Security Practice, Guidance Software
David Berlind
Chief Content Officer, UBM TechWeb
Rajat Bhargava
Co-Founder & CEO, JumpCloud
Michael Biddick
CEO, Fusion PPT
Luke Bilton
Director, Digital & Content, UBM
James Bindseil
President & CEO, Globalscape
Boatner Blankenstein
Senior Director, Solutions Engineering, Bomgar
Kevin Bocek
VP Security Strategy & Threat Intelligence, Venafi
Ellis Booker
Technology Journalist
Kate Borten
President, The Marblehead Group
Jennifer Bosavage
Editor In Chief, Solution Providers for Retail
Bogdan Botezatu
Senior E-threat Analyst, Bitdefender
Tom Bowers
Principal Security Strategist, ePlus Technologies
Stephen Boyer
CTO & Founder, BitSight Technologies
Andre Boysen
EVP, Digital Identity Evangelist, SecureKey
Mark Bregman
Senior Vice President & Chief Technology Officer, Neustar
John Bumgarner
Chief Technology Officer for the U.S. Cyber Consequences Unit
Kristin Burnham
Senior Editor, InformationWeek.com
Craig Carpenter
President & COO, Resolution1 Security
David F Carr
Editor, InformationWeek Government/Healthcare
Pat Carroll
Executive Chairman & Founder, ValidSoft
Sol Cates
CSO, Vormetric
Chris Chapman
Senior Methodologist, Spirent Communications
Ericka Chickowski
Contributing Writer, Dark Reading
Thomas Claburn
Editor at Large, Enterprise Mobility
Kerstyn Clover
Attack & Defense Team Consultant
Michael Coates
Chairman, OWASP; Director, Product Security, Shape Security
Mark L. Cohn
Chief Technology Officer, Unisys Federal Systems
Eric Cole
Founder & Chief Scientist, Secure Anchor Consulting
Leo Cole
GM, Security Solutions, Trustwave
Andrew Conry-Murray
Director of Content & Community, Interop
Lance Cottrell
Chief Scientist, Ntrepid
Bob Covello
Security Tech Veteran
George Crump
President, Storage Switzerland
Michael K. Daly
CTO, Cybersecurity & Special Missions, Raytheon Intelligence, Information & Services
Andy Daudelin
VP Security Services, AT&T Business Solutions
Michael A. Davis
Contributing Editor
Amy DeCarlo
Principal Analyst, Security and Data Center Services
Alison Diana
Senior Editor
Boonsri Dickinson
Associate Editor of BYTE
John Dickson
CISSP, Principal, Denim Group
Carric Dooley
WW VP of Foundstone Services, Intel Security
Paul Drapeau
Principal Security Researcher, Confer
Andrey Dulkin
Senior Director, Cyber Innovation, CyberArk
Phil Dunkelberger
President & CEO, Nok Nok Labs
Steve Durbin
Global VP, Information Security Forum
Adam Ely
COO, Bluebox
Michael Endler
Associate Editor, InformationWeek.com
Giora Engel
VP Product & Strategy, LightCyber
Marisa Fagan
Community Manager, Bugcrowd
Todd Feinman
President & CEO, Identity Finder
Jonathan Feldman
CIO, City of Asheville, NC
Greg Ferro
Network Architect & Blogger
Mike Fey
EVP, GM of Corporate Products & CTO, Intel Security
Michael Finneran
President, dBrn Associates, Inc.
Adam Firestone
President & GM, Kaspersky Government Security Solutions
Roman Foeckl
CEO & Founder, CoSoSys
Kevin Fogarty
Technology Writer
John Foley
Editor, InformationWeek
Andrew Ford
Developer, Bugcrowd
Brian Foster
CTO, Damballa
Paige Francis
CIO for IT, Fairfield University
Mike Fratto
Former Network Computing Editor
Andrew Froehlich
President & Lead Network Architect, West Gate Networks
Dave Frymier
Chief Information Security Officer, Unisys
Sergio Galindo
GM, GFI Software
Lorna Garey
Content Director, InformationWeek Reports
Brad Garlinghouse
CEO, Hightail
Randy George
Director, IT Operations, Boston Red Sox
Alexandra Gheorghe
Security Specialist, Bitdefender
Joshua Goldfarb
CSO, nPulse Technologies
Rick Gordon
Managing Partner, Mach37 Cyber Accelerator
Keith Graham
CTO, SecureAuth
Garret Grajek
CTO & COO, SecureAuth
Kevin E. Greene
Software Assurance Program Manager, Department of Homeland Security Science & Technology Directorate
Levi Gundert
Technical Lead, Cisco Threat Research, Analysis, and Communications (TRAC)
Christopher Hadnagy
Founder & CEO, Social-Engineer, Inc.
Malcolm Harkins
Vice President and Chief Security and Privacy Officer, Intel Corporation
Matt Hartley
VP Product Management, iSIGHT Partners
Andrew Hay
Sr. Security Research Lead & Evangelist, OpenDNS
Doug Henschen
Executive Editor, Enterprise Apps
Joe Hernick
IT Director
Robert Hinden
Check Point Fellow & IPV6 Co-Inventor
David Holmes
World-Wide Security Evangelist, F5
J. Nicholas Hoover
Senior Editor, InformationWeek Government
Rick Howard
CSO, Palo Alto Networks
Daniel Ingevaldson
CTO, Easy Solutions
Ravi Ithal
Chief Architect, Netskope
William Jackson
Technology Writer
David Jacoby
Sr. Security Researcher, Kaspersky Lab
Mike Jennett
Enterprise IT Mobility Program Director, HP
Dan Jones
Mobile Editor
Sheila B. Jordan
SVP & CIO, Symantec
Rick Kam
President & Co-founder, ID Experts
TK Keanini
CTO, Lancope
Dave Kearns
Analyst, Kuppinger-Cole
Tal Klein
VP Strategy, Adallom
Bill Kleyman
National Director of Strategy & Innovation, MTM Technologies
John Klossner
Cartoonist
Marianne Kolbasuk McGee
Senior Writer, InformationWeek
George Kurtz
President & CEO, CrowdStrike
Ray Le Maistre
Editor-in-chief
Felix Leder
Senior Malware Researcher, Blue Coat Systems Norway
Martin Lee
Technical Lead, Threat Research, Analysis & Communications, Cisco
Natalie Lehr
Co-Founder & VP Analytics, TSC Advantage
Robert Lemos
Technology Journalist
Pete Lindstrom
Principal & VP Research, Spire Security
Ricky Link
Managing Director, Coalfire Systems, Southwest Region
Becca Lipman
Senior Editor
Matt Little
VP Product Development, PKWARE
Eric Lundquist
VP & Editorial Analyst for InformationWeek Business Technology Network
Calum MacLeod
VP, EMEA, Lieberman Software
Marc Maiffret
CTO, BeyondTrust
Elena Malykhina
Technology Journalist
Kurt Marko
Contributing Editor
Howard Marks
Network Computing Blogger
Leonard T. Marzigliano
CISSP-ISSMP, Information Assurance Architect, Defense Logistics Agency
Sean Mason
VP, Incident Response, Resolution1 Security
Paul McDougall
Editor At Large, InformationWeek
Martin McKeay
Senior Security Advocate, Akamai
Laurianne McLaughlin
Editor-in-Chief, InformationWeek.com
Michelle McNickle
Associate Editor of InformationWeek Healthcare
Jasmine McTigue
Principal, McTigue Analytics
David Melnick
Founder & CEO, WebLife Balance
Grayson Milbourne
Director, Security Intelligence, Webroot
Grant Moerschel
Co-Founder, WaveGard
Scott Montgomery
VP and CTO-Americas & Public Sector, Intel Security
Ken Munro
Partner & Founder, Pen Test Partners LLP
Chris Murphy
Editor, InformationWeek
Lysa Myers
Security Researcher, ESET
Corey Nachreiner
Director, Security Strategy & Research, WatchGuard Technologies
Alon Nafta
Senior Security Researcher, SentinelOne
Kaushik Narayan
CTO, Skyhigh Networks
Kaushik Narayan
Co-Founder and CTO at Skyhigh Networks
Krishna Narayanaswamy
Founder & Chief Scientist, Netskope
Wendy Nather
Research Director, Enterprise Security Practice
Saryu Nayyar
CEO, Gurucul
Fritz Nelson
Vice President, Editorial Director InformationWeek Business Technology Network
Fredrik Nilsson
General Manager, Axis Communications, North America
Evelyn De Souza & Richard Noguera
Cloud Security Alliance Data Governance Chair & Cloud Compliance & Data Privacy Strategy Leader, Cisco
Roma Nowak
Sr Director Web Operations & Production
Susan Nunziata
Editorial Director
Chris Nutt
Director, Incident Response & Malware, Mandiant
Thomas Pedersen
CEO & Founder, OneLogin
John W. Pirc
Research Vice President, NSS Labs
Dave Piscitello
VP Security, ICANN
Jason Polancich
Founder & Chief Architect, SurfWatchLabs
Malte Pollmann
CEO, Utimaco
Larry Ponemon
Chairman & Founder, Ponemon Institute
Nitin Pradhan
Managing Partner, GOVonomy
Rob Preston
VP & Editor in Chief, InformationWeek
Brian Prince
Contributing Writer, Dark Reading
Tom Quillin
Director of Cyber Security Technology & Initiatives, Intel Corporation
Kevin T. Reardon
VP, Worldwide Strategy at McAfee, part of Intel Security
Jim Reavis
Co-Founder & Executive Director, Cloud Security Alliance
Thibault Reuille
Security Researcher, OpenDNS
Brian Riley
Technical Director, Government Programs, Green Hills Software
Steve Riley
Technical Leader, Office of the CTO, Riverbed Technology
Cam Roberson
Director Reseller Channel, Beachhead Solutions
Bradon Rogers
Senior Vice President, Worldwide Product and Solution Marketing, McAfee
Tim Rohrbaugh
VP Information Security, Intersections Inc.
Dan Ross
CEO & President, Promisec
John Rostern
CRISC, QSA, VP Technology Audit & Advisory Services, Coalfire
Mike Rothman
Analyst & President, Securosis
Chris Rouland
Founder & CEO, Bastille
Jeff Rubin
Co-Founder & VP, Beachhead Solutions
Jason Sachowski
Senior Forensic Investigator, Scotiabank
Nick Sanna
President, Digital Risk Management Institute
Tim Sapio
Security Analyst, Bishop Fox
Marcia Savage
Managing Editor, Network Computing
John H. Sawyer
Contributing Writer, Dark Reading
Ira Scharf
Chief Strategy Officer, BitSight Technologies
Jeff Schilling
CSO, Firehost
Jeff Schmidt
Founder & CEO of JAS Global Advisors LLC
Jaeson Schultz
Threat Research Engineer, Cisco TRAC Team
Nick Selby
CEO, StreetCred Software, Inc
Michael Sentonas
Vice President, Chief Technology Officer, Security Connected at McAfee, part of Intel Security
Greg Shannon
Ph.D., chair, IEEE Cybersecurity Initiative & Chief Scientist, CERT Division, Carnegie Mellon University Software Engineering Institute
Kelly Sheridan
Associate Editor, InformationWeek
JD Sherry
VP Technology & Solutions, Trend Micro
Kevin Smith
VP, The Graham Company
Phil Smith
SVP Security Solutions, Trustwave
Mark Goldstein & Arun Sood
Principal, SafeSecurePrivate / PhD, Founder & CEO, SCIT Labs
Troy Leach and Christopher Strand
Chief Technology Officer, PCI Security Standards Council & Senior Director of Compliance, Bit9
Michael Sutton
VP Security Research, Zscaler
Shahar Tal
Vulnerability & Security Research Manager, Check Point Software Technologies
Bankim Tejani
Senior Security Architect, ServiceMesh
J.J. Thompson
CEO & Managing Director, Rook Security
John Trobough
CEO, Narus
Bala Venkat
CMO, Cenzic
Jai Vijayan
Freelance writer
Paul Vixie
Chairman & CEO, Farsight Security, Inc.
Mitch Wagner
California Bureau Chief, Light Reading
Julian Waits
President & CEO, ThreatTrack Security
Mike Walls
Managing Director Security Operations & Analysis, EdgeWave
Peter Waterhouse
Senior Technical Marketing Advisor, CA Technologies
Kevin Watson
CEO, VendorSafe
Vincent Weafer
Senior Vice President, McAfee Labs
Mark Weinstein
Founder & CEO, Sgrouples
Chris Weltzien
CEO, 6Scan
Bob West
Chief Trust Officer, CipherCloud
Lorie Wigle
Vice President, General Manager IOT Security Solutions, Intel Security Group
Jeff Williams
CTO, Aspect Security & Contrast Security
Ira Winkler
Co-Founder & President, Secure Mentem, Inc.
Timber Wolfe
Principal Security Engineer, TrainACE
Candace Worley
SVP & GM, Endpoint Security Business, Intel Security
Candace Worley
SVP & GM, Endpoint Security, McAfee
Amit Yoran
President, RSA
Lucas Zaichkowsky
Enterprise Defense Architect, AccessData
Peter Zavlaris
Analyst, RiskIQ
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Dark Reading - Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-8617
Published: 2015-03-04
Cross-site scripting (XSS) vulnerability in the Web Action Quarantine Release feature in the WebGUI in Fortinet FortiMail before 4.3.9, 5.0.x before 5.0.8, 5.1.x before 5.1.5, and 5.2.x before 5.2.3 allows remote attackers to inject arbitrary web script or HTML via the release parameter to module/re...

CVE-2015-2209
Published: 2015-03-04
DLGuard 4.5 allows remote attackers to obtain the installation path via the c parameter to index.php.

CVE-2014-7896
Published: 2015-03-03
Multiple cross-site scripting (XSS) vulnerabilities in HP XP P9000 Command View Advanced Edition Software Online Help, as used in HP Device Manager 6.x through 8.x before 8.1.2-00, HP XP P9000 Tiered Storage Manager 6.x through 8.x before 8.1.2-00, HP XP P9000 Replication Manager 6.x and 7.x before ...

CVE-2014-9283
Published: 2015-03-03
The BestWebSoft Captcha plugin before 4.0.7 for WordPress allows remote attackers to bypass the CAPTCHA protection mechanism and obtain administrative access via unspecified vectors.

CVE-2014-9683
Published: 2015-03-03
Off-by-one error in the ecryptfs_decode_from_filename function in fs/ecryptfs/crypto.c in the eCryptfs subsystem in the Linux kernel before 3.18.2 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted filename.

Dark Reading Radio
Archived Dark Reading Radio
How can security professionals better engage with their peers, both in person and online? In this Dark Reading Radio show, we will talk to leaders at some of the security industry’s professional organizations about how security pros can get more involved – with their colleagues in the same industry, with their peers in other industries, and with the IT security community as a whole.