Analytics //

Security Monitoring

News & Commentary
The Top 5 Security Threats & Mitigations for Industrial Networks
Barak Perelman, CEO, IndegyCommentary
While vastly different than their IT counterparts, operational technology environments share common risks and best practices.
By Barak Perelman CEO, Indegy, 9/18/2018
Comment0 comments  |  Read  |  Post a Comment
The Economics of AI-Enabled Security
Dark Reading Staff, CommentaryVideo
While AI greatly enhances security, Securonix CTO Tanuj Gulati points out the need for predictable cost models that insulate SOCs from the variables of massive data volume and intense real-time processing.
By Dark Reading Staff , 8/17/2018
Comment0 comments  |  Read  |  Post a Comment
Filtering the Threat Intelligence Tsunami
Dark Reading Staff, CommentaryVideo
Reversing Labs CEO Mario Vuksan contends that SOCs are overwhelmed by global threat intelligence, and can benefit more from a targeted "pull" model that focuses on YARA-type binary pattern matching.
By Dark Reading Staff , 8/17/2018
Comment0 comments  |  Read  |  Post a Comment
Ensuring Web Applications Are Hardened, Secure
Dark Reading Staff, CommentaryVideo
Ofer Maor of Synopsys Software Integrity Group describes how automated testing can non-intrusively pinpoint where developers may be inadvertently exposing data and/or violating compliance mandates.
By Dark Reading Staff , 8/17/2018
Comment0 comments  |  Read  |  Post a Comment
Improving the Adoption of Security Automation
Dan Koloski, Vice President, Oracle's Systems Management and Security  products groupCommentary
Four barriers to automation and how to overcome them.
By Dan Koloski Vice President, Oracle's Systems Management and Security products group, 6/20/2018
Comment1 Comment  |  Read  |  Post a Comment
Panorays Debuts With $5 Million Investment
Dark Reading Staff, Quick Hits
Panorays, a company focusing on third-party security issues for the enterprise, has exited stealth mode.
By Dark Reading Staff , 6/5/2018
Comment1 Comment  |  Read  |  Post a Comment
I, for One, Welcome Our Robotic Security Overlords
Danelle Au, VP Strategy, SafeBreachCommentary
Automation will come in more subtle ways than C-3PO and it's transforming cybersecurity.
By Danelle Au VP Strategy, SafeBreach, 6/5/2018
Comment1 Comment  |  Read  |  Post a Comment
Building a Safe, Efficient, Cost-Effective Security Infrastructure
Ken Mills, General Manager of IoT, Surveillance and Security, Dell EMCCommentary
The Industrial Internet of Things allows organizations to address both physical and digital security concerns.
By Ken Mills General Manager of IoT, Surveillance and Security, Dell EMC, 6/4/2018
Comment3 comments  |  Read  |  Post a Comment
FireEye Offers Free Tool to Detect Malicious Remote Logins
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Open source GeoLogonalyzer helps to weed out hackers exploiting stolen credentials to log into their targets.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 5/30/2018
Comment0 comments  |  Read  |  Post a Comment
Machine Learning, Artificial Intelligence & the Future of Cybersecurity
Craig Hinkley, CEO, WhiteHat SecurityCommentary
The ability to learn gives security-focused AI and ML apps unrivaled speed and accuracy over their more basic, automated predecessors. But they are not a silver bullet. Yet.
By Craig Hinkley CEO, WhiteHat Security, 5/30/2018
Comment1 Comment  |  Read  |  Post a Comment
6 Steps for Applying Data Science to Security
Steve Zurier, Freelance Writer
Two experts share their data science know-how in a tutorial focusing on internal DNS query analysis.
By Steve Zurier Freelance Writer, 5/23/2018
Comment0 comments  |  Read  |  Post a Comment
New Survey Shows Hybrid Cloud Confidence
Dark Reading Staff, Quick Hits
Executives are mostly confident in their hybrid cloud security, according to the results of a new survey.
By Dark Reading Staff , 4/23/2018
Comment0 comments  |  Read  |  Post a Comment
How Measuring Security for Risk & ROI Can Empower CISOs
Vikram Phatak, Chief Executive Officer of NSS LabsCommentary
For the vast majority of business decisions, organizations seek metrics-driven proof. Why is cybersecurity the exception?
By Vikram Phatak Chief Executive Officer of NSS Labs, 3/28/2018
Comment1 Comment  |  Read  |  Post a Comment
The Containerization of Artificial Intelligence
Hamid Karimi, VP of Business Development at Beyond SecurityCommentary
AI automates repetitive tasks and alleviates mundane functions that often haunt decision makers. But it's still not a sure substitute for security best practices.
By Hamid Karimi VP of Business Development at Beyond Security, 3/16/2018
Comment1 Comment  |  Read  |  Post a Comment
Critical Start to Buy Advanced Threat Analytics
Dark Reading Staff, Quick Hits
Firms previously had teamed up in SOC services.
By Dark Reading Staff , 3/15/2018
Comment1 Comment  |  Read  |  Post a Comment
Security Worries? Let Policies Automate the Right Thing
John De Santis, CEO, HyTrustCommentary
By programming 'good' cybersecurity practices, organizations can override bad behavior, reduce risk, and improve the bottom line.
By John De Santis CEO, HyTrust, 12/20/2017
Comment7 comments  |  Read  |  Post a Comment
Comprehensive Endpoint Protection Requires the Right Cyber Threat Intelligence
Adam Meyers, VP of Intelligence, CrowdStrikeCommentary
CTI falls into three main categories -- tactical, operational, and strategic -- and answers questions related to the "who, what, and why" of a cyber attack.
By Adam Meyers VP of Intelligence, CrowdStrike, 12/19/2017
Comment1 Comment  |  Read  |  Post a Comment
Improve Signal-to-Noise Ratio with 'Content Curation:' 5 Steps
Justin Monti, CTO, MKACyberCommentary
By intelligently managing signatures, correlation rules, filters and searches, you can see where your security architecture falls down, and how your tools can better defend the network.
By Justin Monti CTO, MKACyber, 12/5/2017
Comment0 comments  |  Read  |  Post a Comment
The Looming War of Good AI vs. Bad AI
Derek Manky, Global Security Strategist, FortinetCommentary
The rise of artificial intelligence, machine learning, hivenets, and next-generation morphic malware is leading to an arms race that enterprises must prepare for now.
By Derek Manky Global Security Strategist, Fortinet, 11/28/2017
Comment1 Comment  |  Read  |  Post a Comment
121 Pieces of Malware Flagged on NSA Employee's Home Computer
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Kaspersky Lab's internal investigation found a backdoor Trojan and other malware on the personal computer of the NSA employee who took home agency hacking tools.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 11/16/2017
Comment6 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
New Cold Boot Attack Gives Hackers the Keys to PCs, Macs
Kelly Sheridan, Staff Editor, Dark Reading,  9/13/2018
Yahoo Class-Action Suits Set for Settlement
Dark Reading Staff 9/17/2018
RDP Ports Prove Hot Commodities on the Dark Web
Kelly Sheridan, Staff Editor, Dark Reading,  9/17/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
How Data Breaches Affect the Enterprise
How Data Breaches Affect the Enterprise
This report, offers new data on the frequency of data breaches, the losses they cause, and the steps that organizations are taking to prevent them in the future. Read the report today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-17182
PUBLISHED: 2018-09-19
An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations...
CVE-2018-17144
PUBLISHED: 2018-09-19
Bitcoin Core 0.14.x before 0.14.3, 0.15.x before 0.15.2, and 0.16.x before 0.16.3 and Bitcoin Knots 0.14.x through 0.16.x before 0.16.3 allow a remote denial of service (application crash) exploitable by miners via duplicate input. An attacker can make bitcoind or Bitcoin-Qt crash.
CVE-2017-3912
PUBLISHED: 2018-09-18
Bypassing password security vulnerability in McAfee Application and Change Control (MACC) 7.0.1 and 6.2.0 allows authenticated users to perform arbitrary command execution via a command-line utility.
CVE-2018-6690
PUBLISHED: 2018-09-18
Accessing, modifying, or executing executable files vulnerability in Microsoft Windows client in McAfee Application and Change Control (MACC) 8.0.0 Hotfix 4 and earlier allows authenticated users to execute arbitrary code via file transfer from external system.
CVE-2018-6693
PUBLISHED: 2018-09-18
An unprivileged user can delete arbitrary files on a Linux system running ENSLTP 10.5.1, 10.5.0, and 10.2.3 Hotfix 1246778 and earlier. By exploiting a time of check to time of use (TOCTOU) race condition during a specific scanning sequence, the unprivileged user is able to perform a privilege escal...