Advertise

Analytics //

Security Monitoring

News & Commentary

Security Researchers Struggle with Bot Management Programs

Kaan Onarlioglu, Senior Security Researcher, Akamai

Commentary

Bots are a known problem, but researchers will tell you that bot defenses create problems of their own when it comes to valuable data.

By Kaan Onarlioglu Senior Security Researcher, Akamai, 10/10/2018

0 comments | Read | Post a Comment

Turn the NIST Cybersecurity Framework into Reality: 5 Steps

Mukul Kumar & Anupam Sahai, CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems

Commentary

Actionable advice for tailoring the National Institute of Standards and Technology's security road map to your company's business needs.

By Mukul Kumar & Anupam Sahai CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems, 9/20/2018

6 comments | Read | Post a Comment

Latest Comment: ElizaPt, Your way of telling the whole thing in this post is genuinely fastidious, all...

The Top 5 Security Threats & Mitigations for Industrial Networks

Commentary

While vastly different than their IT counterparts, operational technology environments share common risks and best practices.

By Barak Perelman CEO, Indegy, 9/18/2018

0 comments | Read | Post a Comment

The Economics of AI-Enabled Security

Commentary Video

While AI greatly enhances security, Securonix CTO Tanuj Gulati points out the need for predictable cost models that insulate SOCs from the variables of massive data volume and intense real-time processing.

By Dark Reading Staff , 8/17/2018

0 comments | Read | Post a Comment

Filtering the Threat Intelligence Tsunami

Commentary Video

Reversing Labs CEO Mario Vuksan contends that SOCs are overwhelmed by global threat intelligence, and can benefit more from a targeted "pull" model that focuses on YARA-type binary pattern matching.

By Dark Reading Staff , 8/17/2018

0 comments | Read | Post a Comment

Ensuring Web Applications Are Hardened, Secure

Commentary Video

Ofer Maor of Synopsys Software Integrity Group describes how automated testing can non-intrusively pinpoint where developers may be inadvertently exposing data and/or violating compliance mandates.

By Dark Reading Staff , 8/17/2018

0 comments | Read | Post a Comment

Improving the Adoption of Security Automation

Dan Koloski, Vice President, Oracle's Systems Management and Security products group

Commentary

Four barriers to automation and how to overcome them.

By Dan Koloski Vice President, Oracle's Systems Management and Security products group, 6/20/2018

1 Comment | Read | Post a Comment

Latest Comment: nathanluise92, You mention only 4 barriers, but what if it is more than 4? Also it depends...

Panorays Debuts With $5 Million Investment

Quick Hits

Panorays, a company focusing on third-party security issues for the enterprise, has exited stealth mode.

By Dark Reading Staff , 6/5/2018

1 Comment | Read | Post a Comment

Latest Comment: [email protected], Graet team, smart solution that provides a smart, non-intrussive risk-scoring...

I, for One, Welcome Our Robotic Security Overlords

Commentary

Automation will come in more subtle ways than C-3PO — and it's transforming cybersecurity.

By Danelle Au VP Strategy, SafeBreach, 6/5/2018

1 Comment | Read | Post a Comment

Latest Comment: Babette, Good post.Thank you for sharing it.It is informative and very useful too

Building a Safe, Efficient, Cost-Effective Security Infrastructure

Ken Mills, General Manager of IoT, Surveillance and Security, Dell EMC

Commentary

The Industrial Internet of Things allows organizations to address both physical and digital security concerns.

By Ken Mills General Manager of IoT, Surveillance and Security, Dell EMC, 6/4/2018

3 comments | Read | Post a Comment

Latest Comment: OtherKen, Paul Thank you taking time to read my article. You are right that IoT is all...

FireEye Offers Free Tool to Detect Malicious Remote Logins

Kelly Jackson Higgins, Executive Editor at Dark Reading

News

Open source GeoLogonalyzer helps to weed out hackers exploiting stolen credentials to log into their targets.

By Kelly Jackson Higgins Executive Editor at Dark Reading, 5/30/2018

0 comments | Read | Post a Comment

Machine Learning, Artificial Intelligence & the Future of Cybersecurity

Commentary

The ability to learn gives security-focused AI and ML apps unrivaled speed and accuracy over their more basic, automated predecessors. But they are not a silver bullet. Yet.

By Craig Hinkley CEO, WhiteHat Security, 5/30/2018

1 Comment | Read | Post a Comment

Latest Comment: artificial intelligence, - Very useful blog with clear standardisation and great quality.

6 Steps for Applying Data Science to Security

Two experts share their data science know-how in a tutorial focusing on internal DNS query analysis.

By Steve Zurier Freelance Writer, 5/23/2018

0 comments | Read | Post a Comment

New Survey Shows Hybrid Cloud Confidence

Quick Hits

Executives are mostly confident in their hybrid cloud security, according to the results of a new survey.

By Dark Reading Staff , 4/23/2018

0 comments | Read | Post a Comment

How Measuring Security for Risk & ROI Can Empower CISOs

Vikram Phatak, Chief Executive Officer of NSS Labs

Commentary

For the vast majority of business decisions, organizations seek metrics-driven proof. Why is cybersecurity the exception?

By Vikram Phatak Chief Executive Officer of NSS Labs, 3/28/2018

1 Comment | Read | Post a Comment

Latest Comment: AnnaEverson, Thanks a lot for such incredible article) I think it is really usefull...

The Containerization of Artificial Intelligence

Hamid Karimi, VP of Business Development at Beyond Security

Commentary

AI automates repetitive tasks and alleviates mundane functions that often haunt decision makers. But it's still not a sure substitute for security best practices.

By Hamid Karimi VP of Business Development at Beyond Security, 3/16/2018

1 Comment | Read | Post a Comment

Latest Comment: AnnaEverson, You need more example - nothing to analyse(

Critical Start to Buy Advanced Threat Analytics

Quick Hits

Firms previously had teamed up in SOC services.

By Dark Reading Staff , 3/15/2018

1 Comment | Read | Post a Comment

Latest Comment: AnnaEverson, What is that for ?

Security Worries? Let Policies Automate the Right Thing

Commentary

By programming 'good' cybersecurity practices, organizations can override bad behavior, reduce risk, and improve the bottom line.

By John De Santis CEO, HyTrust, 12/20/2017

7 comments | Read | Post a Comment

Latest Comment: JohnTMoran, That's the key though; the goal of automation should be to support people,...

Comprehensive Endpoint Protection Requires the Right Cyber Threat Intelligence

Adam Meyers, VP of Intelligence, CrowdStrike

Commentary

CTI falls into three main categories -- tactical, operational, and strategic -- and answers questions related to the "who, what, and why" of a cyber attack.

By Adam Meyers VP of Intelligence, CrowdStrike, 12/19/2017

1 Comment | Read | Post a Comment

Latest Comment: DoothCom, So what would the learning curve look like for older companies adjusting...

Improve Signal-to-Noise Ratio with 'Content Curation:' 5 Steps

Commentary

By intelligently managing signatures, correlation rules, filters and searches, you can see where your security architecture falls down, and how your tools can better defend the network.

By Justin Monti CTO, MKACyber, 12/5/2017

0 comments | Read | Post a Comment

More Stories

Current Conversations

Posted by ElizaPt

Your way of telling the whole thing in this post is genuinely fastidious, all be capable of simply understand it, Thanks a lot.

In reply to: Thanks!
Post Your Own Reply

Posted by Sportialize

Hehe, nice find !

In reply to: Re: proof reading is for losers right?
Post Your Own Reply

Posted by Marilyn Cohodas

Yep. copy & paste error left out Step 4! Details in the commentary. But here's a brief recap: Step 1: Set your target goals Step 2: Create a detailed profile Step 3: Assess your current position Step 4: Gap analysis...

In reply to: There really are 5 steps!
Post Your Own Reply

Posted by Marilyn Cohodas

Good catch! All fixed. Thanks for being such a great proofreader. --the editors

In reply to: Re: proof reading is for losers right?
Post Your Own Reply

Posted by Marilyn Cohodas

Good catch! It's four steps. Editor error! :-) Fortunately we have very astute readers. Thanks!

In reply to: Re: proof reading is for losers right?
Post Your Own Reply

Posted by errwhat

Step 1, Step 2, Step 2 again, Step 4 and no step 5? I think you might need to proof read this again ^^

In reply to: proof reading is for losers right?
Post Your Own Reply

Posted by Hazelsnow

The update to Gmail will now present alerts to users to warn about unintended external reply warning to users to help prevent data loss. If a user attempts to reply to a user outside the company's domain, a popup will seek...

In reply to: gmail security
Post Your Own Reply

Posted by [email protected]

Graet team, smart solution that provides a smart, non-intrussive risk-scoring of 3rd parties. With today's threat landscape and complex ecoystem environments it's almost a must have information. Congrats Panoyas tea...

In reply to: Congrats!
Post Your Own Reply

Posted by acepsaepul23

Complete demo and the UIExtensions library has the ability to read and display bookmarks but there doesn't appear to be any information on creating bookmarks from within the SDK. Looking through the forums, all I see...

In reply to: Health
Post Your Own Reply

Posted by Babette

Good post.Thank you for sharing it.It is informative and very useful too

In reply to: Good post
Post Your Own Reply

Posted by artificial intelligence

- Very useful blog with clear standardisation and great quality.

In reply to: Artificial intelligence
Post Your Own Reply

Posted by OtherKen

Paul Thank you taking time to read my article. You are right that IoT is all about communication between things, people and the data. The challenge is how to manage all this new data and to determine what is important and...

In reply to: Re: hi
Post Your Own Reply

More Conversations

Products & Releases

Endace Launches Petabyte Network Recording Appliance

Belden and Claroty Announce Strategic Partnership

Industrial Cybersecurity Leader Nozomi Networks Raises $30 Million

Corelight Secures $25 Million in Series B Funding Led by General Catalyst

Semmle Launches Globally with $21 Million Series B Investment Led by Accel Partners

A10 Adds Real-Time Security Analytics to A10 Harmony Controller

Cyberbit Recognized on 2018 Emerging Vendors List

JASK Announces $25M Series B Financing Led by Kleiner Perkins

More Products & Releases

Hot Topics

Editors' Choice

12 Free, Ready-to-Use Security Tools

Steve Zurier, Freelance Writer, 10/12/2018

Most IT Security Pros Want to Change Jobs

Dark Reading Staff 10/12/2018

6 Security Trends for 2018/2019

Curtis Franklin Jr., Senior Editor at Dark Reading, 10/15/2018

Webinars

How Headless CMS Fits into Modern Web Architectures

Lambda Architecture with In-Memory Technology

Purple Team Tactics & TI for Effectively Training Your Cybersecurity Team

Webinar Archives

White Papers

Mobile Devices: The New Support Frontier for IT (IDG Report)

Building Security In Maturity Model (BSIMM9)

How VPNs and Firewalls Put You at Risk

Definitive Guide to Software-Defined Perimeters

10 Endpoint Security Problems Solved by the Cloud for McAfee Users

More White Papers

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: This comment is waiting for review by our moderators.

Cartoon Archive

Current Issue

The Biggest Cybersecurity Breaches of 2018 (So Far)

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

The Risk Management Struggle

The majority of organizations are struggling to implement a risk-based approach to security — even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!

Download Now!

How Data Breaches Affect the Enterprise

0 comments

The State of IT and Cybersecurity

0 comments

[Strategic Security Report] Navigating the Threat Intelligence Maze

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-18381
PUBLISHED: 2018-10-16

Z-BlogPHP 1.5.2.1935 (Zero) has a stored XSS Vulnerability in zb_system/function/c_system_admin.php via the Content-Type header during the uploading of image attachments.

CVE-2018-18382
PUBLISHED: 2018-10-16

Advanced HRM 1.6 allows Remote Code Execution via PHP code in a .php file to the user/update-user-avatar URI, which can be accessed through an "Update Profile" "Change Picture" (aka user/edit-profile) action.

CVE-2018-18374
PUBLISHED: 2018-10-16

XSS exists in the MetInfo 6.1.2 admin/index.php page via the anyid parameter.

CVE-2018-18375
PUBLISHED: 2018-10-16

goform/getProfileList in Orange AirBox Y858_FL_01.16_04 allows attackers to extract APN data (name, number, username, and password) via the rand parameter.

CVE-2018-18376
PUBLISHED: 2018-10-16

goform/getWlanClientInfo in Orange AirBox Y858_FL_01.16_04 allows remote attackers to discover information about currently connected devices (hostnames, IP addresses, MAC addresses, and connection time) via the rand parameter.

Terms of Service
Privacy Statement
Legal Entities