Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Latest Content tagged with Security Monitoring
<<   <   Page 2 / 2
Improving the Adoption of Security Automation
Commentary  |  6/20/2018  | 
Four barriers to automation and how to overcome them.
Panorays Debuts With $5 Million Investment
Quick Hits  |  6/5/2018  | 
Panorays, a company focusing on third-party security issues for the enterprise, has exited stealth mode.
I, for One, Welcome Our Robotic Security Overlords
Commentary  |  6/5/2018  | 
Automation will come in more subtle ways than C-3PO and it's transforming cybersecurity.
Building a Safe, Efficient, Cost-Effective Security Infrastructure
Commentary  |  6/4/2018  | 
The Industrial Internet of Things allows organizations to address both physical and digital security concerns.
FireEye Offers Free Tool to Detect Malicious Remote Logins
News  |  5/30/2018  | 
Open source GeoLogonalyzer helps to weed out hackers exploiting stolen credentials to log into their targets.
Machine Learning, Artificial Intelligence & the Future of Cybersecurity
Commentary  |  5/30/2018  | 
The ability to learn gives security-focused AI and ML apps unrivaled speed and accuracy over their more basic, automated predecessors. But they are not a silver bullet. Yet.
6 Steps for Applying Data Science to Security
Slideshows  |  5/23/2018  | 
Two experts share their data science know-how in a tutorial focusing on internal DNS query analysis.
New Survey Shows Hybrid Cloud Confidence
Quick Hits  |  4/23/2018  | 
Executives are mostly confident in their hybrid cloud security, according to the results of a new survey.
How Measuring Security for Risk & ROI Can Empower CISOs
Commentary  |  3/28/2018  | 
For the vast majority of business decisions, organizations seek metrics-driven proof. Why is cybersecurity the exception?
The Containerization of Artificial Intelligence
Commentary  |  3/16/2018  | 
AI automates repetitive tasks and alleviates mundane functions that often haunt decision makers. But it's still not a sure substitute for security best practices.
Critical Start to Buy Advanced Threat Analytics
Quick Hits  |  3/15/2018  | 
Firms previously had teamed up in SOC services.
Security Worries? Let Policies Automate the Right Thing
Commentary  |  12/20/2017  | 
By programming 'good' cybersecurity practices, organizations can override bad behavior, reduce risk, and improve the bottom line.
Comprehensive Endpoint Protection Requires the Right Cyber Threat Intelligence
Commentary  |  12/19/2017  | 
CTI falls into three main categories -- tactical, operational, and strategic -- and answers questions related to the "who, what, and why" of a cyber attack.
Improve Signal-to-Noise Ratio with 'Content Curation:' 5 Steps
Commentary  |  12/5/2017  | 
By intelligently managing signatures, correlation rules, filters and searches, you can see where your security architecture falls down, and how your tools can better defend the network.
The Looming War of Good AI vs. Bad AI
Commentary  |  11/28/2017  | 
The rise of artificial intelligence, machine learning, hivenets, and next-generation morphic malware is leading to an arms race that enterprises must prepare for now.
121 Pieces of Malware Flagged on NSA Employee's Home Computer
News  |  11/16/2017  | 
Kaspersky Lab's internal investigation found a backdoor Trojan and other malware on the personal computer of the NSA employee who took home agency hacking tools.
Death of the Tier 1 SOC Analyst
News  |  11/16/2017  | 
Say goodbye to the entry-level security operations center (SOC) analyst as we know it.
Deception Technology: Prevention Reimagined
Commentary  |  11/15/2017  | 
How state-of-the-art tools make it practical and cost-effective to identify and engage attackers in early lateral movement stages to prevent them from reaching critical systems and data.
Siemens Teams Up with Tenable
News  |  11/8/2017  | 
ICS/SCADA vendor further extends its managed security services for critical infrastructure networks.
Advanced Analytics + Frictionless Security: What CISOS Need to Know
Commentary  |  10/25/2017  | 
Advances in analytics technologies promise to make identity management smarter and more transparent to users. But the process is neither straightforward nor easy.
Unstructured Data: The Threat You Cannot See
Commentary  |  10/10/2017  | 
Why security teams needs to take a cognitive approach to the increasing volumes of data flowing from sources they don't control.
How to Live by the Code of Good Bots
Commentary  |  9/27/2017  | 
Following these four tenets will show the world that your bot means no harm.
7 SIEM Situations That Can Sack Security Teams
Slideshows  |  9/27/2017  | 
SIEMs are considered an important tool for incident response, yet a large swath of users find seven major problems when working with SIEMs.
Security Orchestration & Automation: Parsing the Options
Commentary  |  9/15/2017  | 
Once you head down the path of orchestration, security teams will need to decide how much automation they are ready for. Here's how.
What CISOs Need to Know about the Psychology behind Security Analysis
Commentary  |  8/14/2017  | 
Bandwidth, boredom and cognitive bias are three weak spots that prevent analysts from identifying threats. Here's how to compensate.
Using AI to Break Detection Models
News  |  7/25/2017  | 
Pitting machine learning bots against one another is the new spy vs. spy battle in cybersecurity today.
How to Succeed at Incident Response Metrics
Commentary  |  6/2/2017  | 
Establishing a baseline of what information you need is an essential first step.
How to Integrate Threat Intel & DevOps
Commentary  |  5/4/2017  | 
Automating intelligence can help your organization in myriad ways.
Forget the Tax Man: Time for a DNS Security Audit
Slideshows  |  4/11/2017  | 
Here's a 5-step DNS security review process that's not too scary and will help ensure your site availability and improve user experience.
As Cloud Use Expands, So Do Security Blind Spots, Studies Show
News  |  4/4/2017  | 
Three-quarters of IaaS and SaaS apps arent monitored.
Data Visualization: Keeping an Eye on Security
Commentary  |  3/27/2017  | 
Visualization can be one of the most powerful approaches a security team can use to make sense of vast quantities of data. So why does it end up as an afterthought?
Prioritizing Threats: Why Most Companies Get It Wrong
Commentary  |  3/24/2017  | 
To stay safer, focus on multiple-threat attack chains rather than on individual threats.
Getting Beyond the Buzz & Hype of Threat Hunting
Commentary  |  3/20/2017  | 
When harnessed properly, threat hunting can be one of the most useful techniques for finding attackers in your network. But it wont happen overnight.
Trust, Cloud & the Quest for a Glass Wall around Security
Commentary  |  3/8/2017  | 
In the next year, were going to see a leap towards strategic, business-level objectives that can be resolved by simplifying infrastructure and granting greater visibility in real time.
20 Cybersecurity Startups To Watch In 2017
Slideshows  |  2/24/2017  | 
VC money flowed plentifully into the security market last year, fueling a new crop of innovative companies.
IBM Brings Watson Cognitive Computing To The SOC
News  |  2/13/2017  | 
Technology known for a Jeopardy stunt six years ago is now powering question answering within IBM Security's QRadar system.
Why Youre Doing Cybersecurity Risk Measurement Wrong
Commentary  |  1/30/2017  | 
Measuring risk isnt as simple as some make it out to be, but there are best practices to help you embrace the complexity in a productive way. Here are five.
Cloud Security & IoT: A Look At What Lies Ahead
Commentary  |  1/18/2017  | 
In the brave new world of cloud, security teams must be as agile as possible. This means leveraging proactive monitoring tools, locking down access points, and forecasting requirements
7 Ways To Fine-Tune Your Threat Intelligence Model
Slideshows  |  1/5/2017  | 
The nature of security threats is too dynamic for set-and-forget. Here are some ways to shake off that complacency.
Chinas Cybersecurity Law Seeks Scrutiny Of Technology
Quick Hits  |  12/28/2016  | 
Countrys top internet regulator releases framework for stricter cyberspace laws, including review of local and foreign technology.
5 Things Security Pros Need To Know About Machine Learning
Slideshows  |  12/12/2016  | 
Experts share best practices for data integrity, pattern recognition and computing power to help enterprises get the most out of machine learning-based technology for cybersecurity.
Encryption: A Backdoor For One Is A Backdoor For All
Commentary  |  10/14/2016  | 
We need legislation that allows law enforcement to find criminals and terrorists without eroding our security and privacy.
Incident Response A Challenge For 98% Of InfoSec Pros
News  |  10/6/2016  | 
Too many alerts and too little staff leave security pros swimming in threat intel and begging for automation.
20 Questions To Explore With Security-as-a-Service Providers
Commentary  |  10/5/2016  | 
This list will help you leverage the niche expertise of security-as-a-service providers, and assess which vendor can best meet your needs
A Twist On The Cyber Kill Chain: Defending Against A JavaScript Malware Attack
Commentary  |  9/21/2016  | 
This slightly modified model is a practical way to keep attackers out of your systems.
Yes, The Cloud Can Be A Security Win
Commentary  |  9/15/2016  | 
With the right controls in place, the cloud doesnt have to be a scary place. These guidelines can help your company stay safe.
Look The Other Way: DDoS Attacks As Diversions
Look The Other Way: DDoS Attacks As Diversions
Dark Reading Videos  |  9/7/2016  | 
Black Hat News Desk talks to Joe Loveless of Neustar.
Introducing Deep Learning: Boosting Cybersecurity With An Artificial Brain
Commentary  |  9/6/2016  | 
With nearly the same speed and precision that the human eye can identify a water bottle, the technology of deep learning is enabling the detection of malicious activity at the point of entry in real-time.
The New Security Mindset: Embrace Analytics To Mitigate Risk
Commentary  |  9/5/2016  | 
Sure, conducting a penetration test can find a weakness. But to truly identify key areas of risk, organizations must start to think more creatively, just like todays hackers.
How To Talk About Security With Every C-Suite Member
Commentary  |  9/1/2016  | 
Reframe your approach with context in order to get your message across.
<<   <   Page 2 / 2


News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-24285
PUBLISHED: 2021-04-12
INTELBRAS TELEFONE IP TIP200 version 60.61.75.22 allows an attacker to obtain sensitive information through /cgi-bin/cgiServer.exx.
CVE-2021-29379
PUBLISHED: 2021-04-12
** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered on D-Link DIR-802 A1 devices through 1.00b05. Universal Plug and Play (UPnP) is enabled by default on port 1900. An attacker can perform command injection by injecting a payload into the Search Target (ST) field of the SSDP M-SEARCH discover pa...
CVE-2015-20001
PUBLISHED: 2021-04-11
In the standard library in Rust before 1.2.0, BinaryHeap is not panic-safe. The binary heap is left in an inconsistent state when the comparison of generic elements inside sift_up or sift_down_range panics. This bug leads to a drop of zeroed memory as an arbitrary type, which can result in a memory ...
CVE-2020-36317
PUBLISHED: 2021-04-11
In the standard library in Rust before 1.49.0, String::retain() function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8 encoding is used on the sam...
CVE-2020-36318
PUBLISHED: 2021-04-11
In the standard library in Rust before 1.49.0, VecDeque::make_contiguous has a bug that pops the same element more than once under certain condition. This bug could result in a use-after-free or double free.