Thought Leaders
Editors
Marilyn Cohodas
Marilyn Cohodas
Community Editor, Dark Reading
Kelly Jackson Higgins
Kelly Jackson Higgins
Executive Editor at Dark Reading
Sara Peters
Sara Peters
Senior Editor at Dark Reading
Tim Wilson
Tim Wilson
Editor in Chief, Dark Reading
Contributors
Robert R. Ackerman Jr.
Robert R. Ackerman Jr.
Founder & Managing Director, Allegis Capital
François Amigorena
François Amigorena
Founder & CEO, IS Decisions
Ed Amoroso
Ed Amoroso
Chief Security Officer, AT&T
Bret Arsenault
Bret Arsenault
CISO, Microsoft
Charles Babcock
Charles Babcock
Editor At Large, InformationWeek
Don Bailey
Don Bailey
Founder & CEO, Lab Mouse Security
Vijay Basani
Vijay Basani
CEO, EiQ Networks
Rohyt Belani
Rohyt Belani
CEO & Co-Founder, PhishMe
Anthony Di Bello
Anthony Di Bello
Director, Security Practice, Guidance Software
David Berlind
Chief Content Officer, UBM TechWeb
Rajat Bhargava
Rajat Bhargava
Co-Founder & CEO, JumpCloud
Michael Biddick
Michael Biddick
CEO, Fusion PPT
James Bindseil
James Bindseil
President & CEO, Globalscape
Boatner Blankenstein
Boatner Blankenstein
Senior Director, Solutions Engineering, Bomgar
Ellis Booker
Ellis Booker
Technology Journalist
Kate Borten
Kate Borten
President, The Marblehead Group
Jennifer Bosavage
Jennifer Bosavage
Editor In Chief, Solution Providers for Retail
Tom Bowers
Tom Bowers
Principal Security Strategist, ePlus Technologies
Stephen Boyer
Stephen Boyer
CTO & Founder, BitSight Technologies
Andre Boysen
Andre Boysen
EVP, Digital Identity Evangelist, SecureKey
Mark Bregman
Mark Bregman
Senior Vice President & Chief Technology Officer, Neustar
John Bumgarner
John Bumgarner
Chief Technology Officer for the U.S. Cyber Consequences Unit
Kristin Burnham
Kristin Burnham
Senior Editor, InformationWeek.com
Craig Carpenter
Craig Carpenter
Chief Cybersecurity Strategist, AccessData
David F Carr
David F Carr
Editor, InformationWeek Government/Healthcare
Pat Carroll
Pat Carroll
Executive Chairman & Founder, ValidSoft
Sol Cates
Sol Cates
CSO, Vormetric
Chris Chapman
Chris Chapman
Senior Methodologist, Spirent Communications
Ericka Chickowski
Ericka Chickowski
Contributing Writer, Dark Reading
Thomas Claburn
Thomas Claburn
Editor-at-Large
Kerstyn Clover
Kerstyn Clover
Attack & Defense Team Consultant
Michael Coates
Michael Coates
Chairman, OWASP; Director, Product Security, Shape Security
Mark L. Cohn
Mark L. Cohn
Chief Technology Officer, Unisys Federal Systems
Eric Cole
Eric Cole
Founder & Chief Scientist, Secure Anchor Consulting
Leo Cole
Leo Cole
GM, Security Solutions, Trustwave
Andrew Conry-Murray
Andrew Conry-Murray
Director of Content & Community, Interop
Lance Cottrell
Lance Cottrell
Chief Scientist, Ntrepid
Bob Covello
Bob Covello
Security Tech Veteran
George Crump
George Crump
President, Storage Switzerland
Michael K. Daly
Michael K. Daly
CTO, Cybersecurity & Special Missions, Raytheon Intelligence, Information & Services
Andy Daudelin
Andy Daudelin
VP Security Services, AT&T Business Solutions
Michael A. Davis
Michael A. Davis
Contributing Editor
Amy DeCarlo
Amy DeCarlo
Principal Analyst, Security and Data Center Services
Alison Diana
Alison Diana
Senior Editor
Boonsri Dickinson
Boonsri Dickinson
Associate Editor of BYTE
John Dickson
John Dickson
CISSP, Principal, Denim Group
Andrey Dulkin
Andrey Dulkin
Senior Director, Cyber Innovation, CyberArk
Phil Dunkelberger
Phil Dunkelberger
President & CEO, Nok Nok Labs
Steve Durbin
Steve Durbin
Global VP, Information Security Forum
Adam Ely
Adam Ely
COO, Bluebox
Michael Endler
Michael Endler
Associate Editor, InformationWeek.com
Marisa Fagan
Marisa Fagan
Community Manager, Bugcrowd
Jonathan Feldman
Jonathan Feldman
CIO, City of Asheville, NC
Mike Fey
Mike Fey
EVP, GM of Corporate Products & CTO, Intel Security
Michael Finneran
Michael Finneran
President, dBrn Associates, Inc.
Roman Foeckl
Roman Foeckl
CEO & Founder, CoSoSys
Kevin Fogarty
Kevin Fogarty
Technology Writer
John Foley
John Foley
Editor, InformationWeek
Brian Foster
Brian Foster
CTO, Damballa
Paige Francis
Paige Francis
CIO for IT, Fairfield University
Mike Fratto
Mike Fratto
Former Network Computing Editor
Andrew Froehlich
Andrew Froehlich
President & Lead Network Architect, West Gate Networks
Dave Frymier
Dave Frymier
Chief Information Security Officer, Unisys
Lorna Garey
Lorna Garey
Content Director, InformationWeek Reports
Brad Garlinghouse
Brad Garlinghouse
CEO, Hightail
Randy George
Randy George
Director, IT Operations, Boston Red Sox
Joshua Goldfarb
Joshua Goldfarb
CSO, nPulse Technologies
Rick Gordon
Rick Gordon
Managing Partner, Mach37 Cyber Accelerator
Garret Grajek
Garret Grajek
CTO & COO, SecureAuth
Kevin E. Greene
Kevin E. Greene
Software Assurance Program Manager, Department of Homeland Security Science & Technology Directorate
Levi Gundert
Levi Gundert
Technical Lead, Cisco Threat Research, Analysis, and Communications (TRAC)
Christopher Hadnagy
Christopher Hadnagy
Founder & CEO, Social-Engineer, Inc.
Malcolm Harkins
Malcolm Harkins
Vice President and Chief Security and Privacy Officer, Intel Corporation
Matt Hartley
Matt Hartley
VP Product Management, iSIGHT Partners
Andrew Hay
Andrew Hay
Sr. Security Research Lead & Evangelist, OpenDNS
Doug Henschen
Doug Henschen
Executive Editor, InformationWeek
Joe Hernick
Joe Hernick
IT Director
Robert Hinden
Robert Hinden
Check Point Fellow & IPV6 Co-Inventor
J. Nicholas Hoover
J. Nicholas Hoover
Senior Editor, InformationWeek Government
Rick Howard
Rick Howard
CSO, Palo Alto Networks
Daniel Ingevaldson
Daniel Ingevaldson
CTO, Easy Solutions
Ravi Ithal
Ravi Ithal
Chief Architect, Netskope
William Jackson
William Jackson
Technology Writer
David Jacoby
David Jacoby
Sr. Security Researcher, Kaspersky Lab
Mike Jennett
Mike Jennett
Enterprise IT Mobility Program Director, HP
Dan Jones
Dan Jones
Mobile Editor
Sheila B. Jordan
Sheila B. Jordan
SVP & CIO, Symantec
TK Keanini
TK Keanini
CTO, Lancope
Dave Kearns
Dave Kearns
Analyst, Kuppinger-Cole
Tal Klein
Tal Klein
VP Strategy, Adallom
Bill Kleyman
Bill Kleyman
National Director of Strategy & Innovation, MTM Technologies
John Klossner
John Klossner
Cartoonist
Marianne Kolbasuk McGee
Marianne Kolbasuk McGee
Senior Writer, InformationWeek
George Kurtz
George Kurtz
President & CEO, CrowdStrike
Ray Le Maistre
Ray Le Maistre
Editor-in-chief
Felix Leder
Felix Leder
Senior Malware Researcher, Blue Coat Systems Norway
Martin Lee
Martin Lee
Technical Lead, Threat Research, Analysis & Communications, Cisco
Robert Lemos
Robert Lemos
Technology Journalist
Pete Lindstrom
Pete Lindstrom
Principal & VP Research, Spire Security
Becca Lipman
Becca Lipman
Senior Editor
Eric Lundquist
Eric Lundquist
VP & Editorial Analyst for InformationWeek Business Technology Network
Calum MacLeod
Calum MacLeod
VP, EMEA, Lieberman Software
Elena Malykhina
Elena Malykhina
Technology Journalist
Kurt Marko
Kurt Marko
Contributing Editor
Howard Marks
Howard Marks
Network Computing Blogger
Leonard T. Marzigliano
Leonard T. Marzigliano
CISSP-ISSMP, Information Assurance Architect, Defense Logistics Agency
Paul McDougall
Paul McDougall
Editor At Large, InformationWeek
Martin McKeay
Martin McKeay
Senior Security Advocate, Akamai
Laurianne McLaughlin
Laurianne McLaughlin
Editor-in-Chief, InformationWeek.com
Michelle McNickle
Michelle McNickle
Associate Editor of InformationWeek Healthcare
Jasmine McTigue
Jasmine McTigue
Principal, McTigue Analytics
David Melnick
David Melnick
Founder & CEO, WebLife Balance
Grayson Milbourne
Grayson Milbourne
Director, Security Intelligence, Webroot
Grant Moerschel
Grant Moerschel
Co-Founder, WaveGard
Chris Murphy
Chris Murphy
Editor, InformationWeek
Lysa Myers
Lysa Myers
Security Researcher, ESET
Corey Nachreiner
Corey Nachreiner
Director, Security Strategy & Research, WatchGuard Technologies
Kaushik Narayan
Kaushik Narayan
CTO, Skyhigh Networks
Krishna Narayanaswamy
Krishna Narayanaswamy
Founder & Chief Scientist, Netskope
Wendy Nather
Wendy Nather
Research Director, Enterprise Security Practice
Fritz Nelson
Fritz Nelson
Vice President, Editorial Director InformationWeek Business Technology Network
Fredrik Nilsson
Fredrik Nilsson
General Manager, Axis Communications, North America
Evelyn De Souza & Richard Noguera
Evelyn De Souza & Richard Noguera
Cloud Security Alliance Data Governance Chair & Cloud Compliance & Data Privacy Strategy Leader, Cisco
Roma Nowak
Roma Nowak
Sr Director Web Operations & Production
Susan Nunziata
Susan Nunziata
Community Editor
Chris Nutt
Chris Nutt
Director, Incident Response & Malware, Mandiant
Thomas Pedersen
Thomas Pedersen
CEO & Founder, OneLogin
John W. Pirc
John W. Pirc
Research Vice President, NSS Labs
Dave Piscitello
Dave Piscitello
VP Security, ICANN
Jason Polancich
Jason Polancich
Founder & Chief Architect, SurfWatchLabs
Malte Pollmann
Malte Pollmann
CEO, Utimaco
Nitin Pradhan
Nitin Pradhan
Managing Partner, GOVonomy
Rob Preston
Rob Preston
VP & Editor in Chief, InformationWeek
Brian Prince
Brian Prince
Contributing Writer, Dark Reading
Tom Quillin
Tom Quillin
Director of Cyber Security Technology & Initiatives, Intel Corporation
Jim Reavis
Jim Reavis
Co-Founder & Executive Director, Cloud Security Alliance
Brian Riley
Brian Riley
Technical Director, Government Programs, Green Hills Software
Steve Riley
Steve Riley
Technical Leader, Office of the CTO, Riverbed Technology
Cam Roberson
Cam Roberson
Director Reseller Channel, Beachhead Solutions
Tim Rohrbaugh
Tim Rohrbaugh
VP Information Security, Intersections Inc.
Dan Ross
Dan Ross
CEO & President, Promisec
John Rostern
John Rostern
CRISC, QSA, VP Technology Audit & Advisory Services, Coalfire
Mike Rothman
Mike Rothman
Analyst & President, Securosis
Jeff Rubin
Jeff Rubin
Co-Founder & VP, Beachhead Solutions
Jason Sachowski
Jason Sachowski
Sr. Manager, Security R&D, Scotiabank
Tim Sapio
Tim Sapio
Security Analyst, Bishop Fox
Marcia Savage
Marcia Savage
Managing Editor, Network Computing
John H. Sawyer
John H. Sawyer
Contributing Writer, Dark Reading
Ira Scharf
Ira Scharf
Chief Strategy Officer, BitSight Technologies
Jaeson Schultz
Jaeson Schultz
Threat Research Engineer, Cisco TRAC Team
Nick Selby
Nick Selby
CEO, StreetCred Software, Inc
Kelly Sheridan
Kelly Sheridan
Associate Editor, Insurance & Technology
JD Sherry
JD Sherry
VP Technology & Solutions, Trend Micro
Kevin Smith
Kevin Smith
VP, The Graham Company
Mark Goldstein & Arun Sood
Mark Goldstein & Arun Sood
Principal, SafeSecurePrivate / PhD, Founder & CEO, SCIT Labs
Michael Sutton
Michael Sutton
VP Security Research, Zscaler
Shahar Tal
Shahar Tal
Vulnerability & Security Research Manager, Check Point Software Technologies
Bankim Tejani
Bankim Tejani
Senior Security Architect, ServiceMesh
J.J. Thompson
J.J. Thompson
CEO & Managing Director, Rook Security
John Trobough
John Trobough
CEO, Narus
Bala Venkat
Bala Venkat
CMO, Cenzic
Jai Vijayan
Jai Vijayan
Freelance writer
Paul Vixie
Paul Vixie
Chairman & CEO, Farsight Security, Inc.
Mitch Wagner
Mitch Wagner
California Bureau Chief, Light Reading
Julian Waits
Julian Waits
President & CEO, ThreatTrack Security
Peter Waterhouse
Peter Waterhouse
Senior Technical Marketing Advisor, CA Technologies
Mark Weinstein
Mark Weinstein
Founder & CEO, Sgrouples
Chris Weltzien
Chris Weltzien
CEO, 6Scan
Bob West
Bob West
Chief Trust Officer, CipherCloud
Jeff Williams
Jeff Williams
CTO, Aspect Security & Contrast Security
Ira Winkler
Ira Winkler
Co-Founder & President, Secure Mentem, Inc.
Timber Wolfe
Timber Wolfe
Principal Security Engineer, TrainACE
Candace Worley
Candace Worley
SVP & GM, Endpoint Security, McAfee
Lucas Zaichkowsky
Lucas Zaichkowsky
Enterprise Defense Architect, AccessData
Peter Zavlaris
Peter Zavlaris
Analyst, RiskIQ
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-0334
Published: 2014-10-31
Bundler before 1.7, when multiple top-level source lines are used, allows remote attackers to install arbitrary gems by creating a gem with the same name as another gem in a different source.

CVE-2014-2334
Published: 2014-10-31
Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiAnalyzer before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2336.

CVE-2014-2335
Published: 2014-10-31
Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiManager before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2336.

CVE-2014-2336
Published: 2014-10-31
Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiManager before 5.0.7 and FortiAnalyzer before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2334 and CVE-2014-2335.

CVE-2014-3366
Published: 2014-10-31
SQL injection vulnerability in the administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to execute arbitrary SQL commands via a crafted response, aka Bug ID CSCup88089.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.