Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Research from Omdia

Latest Content
Page 1 / 2   >   >>
Transforming Security by Adopting Sustainable Software Patching
Research  |  10/2/2020  | 
Organizations need to better understand the value of proactive management in the patching workload and lifecycle. Patching should be embedded in the organization's IT governance framework.
Arista Buys Awake Security for an XDR Play
Research  |  9/29/2020  | 
This acquisition positions networking vendor Arista to compete in the emerging XDR market, in which detection and response span multiple areas of corporate infrastructure.
Ivanti Support the Future of Work with Acquisitions of MobileIron, Pulse Secure
Research  |  9/29/2020  | 
with Adam Holtby and Rik Turner
The move combines a trio of capabilities across enterprise IT service management, UEM, and zero-trust access that are all vital in supporting and securing a more mobile and remote workforce.
Check Point Looks to Secure Application Access via Odo Security Acquisition
Research  |  9/28/2020  | 
Check Point has acquired zero-trust access specialist Odo Security, and will incorporate the OdoAccess clientless solution into the Check Point CloudGuard Connect platform.
Fundamentals of Outbound Email Security
Research  |  9/23/2020  | 
Outbound email security focuses on building in controls to offset identified risks from various insider threat scenarios, many of which have received little attention from defenders to date.
On the Radar: Nubeva Offers Innovative Approach for Encrypted Network Traffic Visibility
Research  |  9/9/2020  | 
Nubeva provides encrypted network traffic visibility to enterprises with a unique technology called Symmetric Key Intercept that rapidly harvests decryption keys.
On the Radar: Pulse Secure Delivers Zero-Trust Secure Access Service
Research  |  9/8/2020  | 
Pulse Secure is an information security vendor with a focus on secure remote access for people, devices, things, and services.
Fastly Pays $775 Million to Boost Security Services with its Signal Sciences Buy
Research  |  9/4/2020  | 
Fastly has announced the $775m acquisition of application security vendor Signal Sciences. Signal Sciences will bolster Fastlys portfolio: it will join the content delivery networks that lead with or feature AppSec capabilities.
Palo Alto Networks Adds Security Consulting and Forensics with Purchase of The Crypsis Group
Research  |  8/28/2020  | 
Palo Alto Networks intends to buy The Crypsis Group, a cybersecurity services and managed security services provider, for $265m to bolster sales opportunities and support for its Cortex XDR solutions.
On the Radar: CloudKnox Reins in Permissions to Tighten Cloud Security
Research  |  8/27/2020  | 
Enterprise cloud computing usage continues to grow and as a result so does the attack surface that adversaries can exploit.
Everything About Network Traffic Decryption is About to Change
Research  |  8/19/2020  | 
Understand encrypted traffic decryption change agents involving standards and technology, and the importance of emerging SSL/TLS decryption alternatives such as session key forwarding and encrypted traffic inference.
AWS Security Tools for Its IaaS and PaaS Environments
Research  |  8/19/2020  | 
AWS has been providing cloud computing services for over a decade and remains the clear leader in the IaaS market. Over that time, it has expanded and enhanced the security capabilities of its platform and services.
Forcepoint Hopes for Breakout Moment by Hopping on the ZTA Bandwagon
Research  |  8/13/2020  | 
The debut of Forcepoint's two-pronged zero trust access (ZTA) solution delivers much-needed competitive momentum, but it must do more to stand out against a growing field of ZTA competitors.
It's Time to Address Cybersecurity Complexity
Research  |  8/4/2020  | 
Overlapping layers of security controls and technologies have deluged enterprises with security complexity. There are four steps that organizations can take to help reduce the complexity.
Fortinet Fills its Zero Trust Access Gap with OPAQ Acquisition
Research  |  7/28/2020  | 
With newly acquired OPAQ Networks, Fortinet intends to create its own so-called Secure Access Service Edge (SASE) offering, which combines SD-WAN, network security, and zero trust access (ZTA) features and delivers them via the cloud.
Sophos Evolve 2020: Sophos Embraces Change to Pursue Growth
Research  |  7/24/2020  | 
Sophos in 2020 is taking the painful but necessary steps to reshape its business. With some key competitors struggling, the vendor believes the time is right to capitalize on a unique opportunity to accelerate its growth.
Fundamentals of Identity as a Service (IDaaS)
Research  |  7/23/2020  | 
With cloud-based identity's speed, scalability, and cost advantages, on-premises products now fall squarely in the category of legacy technology, regardless of enterprise IT infrastructure.
Fundamentals of Network Traffic Decryption and Risk Management
Research  |  7/22/2020  | 
Visibility into and inspection of inbound encrypted network traffic is essential for sound enterprise network security. Decryption approaches must soon change due to increasing cost and complexity, but alternative technologies are emerging.
Wake Up to Cyber-Espionage
Research  |  7/17/2020  | 
Cyber-espionage has hit the headlines, with APT29 accused of attempting to steal COVID-19 vaccine development information. Organizations in all sectors should not be surprised that cyber-espionage is real and must be addressed.
Integrating Risk Management with Cybersecurity to Govern Protection for Digital Assets
Research  |  7/15/2020  | 
Cybersecurity should be aligned with organizational governance. This drives the right type and level of information security governance, incorporating risk and compliance management, and can guide prioritization of resources and investments.
The DXC Xchanging Attack Shows Ransomware is Back with a Vengeance
Research  |  7/10/2020  | 
IT service provider DXC announced that its Xchanging subsidiary is facing a ransomware attack. Ransomware is again the industry's top threat vector, as the world grapples with COVID-19.
A New Opportunity to Break the 'Rule of Steve'
Research  |  7/1/2020  | 
To build the workforce, diversity must be encouraged: more women, more ethnic diversity, more neurodiversity. That requires more people from a range of groups who have the aptitude and attitude to work in cybersecurity.
On the Radar: Ermetic Provides Cloud Permissions Management
Research  |  6/30/2020  | 
Ermetic provides security for data stores, databases, and some compute instances in IaaS and PaaS.
Versa Enters the Zero-Trust Access market
Research  |  6/29/2020  | 
Software-defined wide area network (SD-WAN) vendor Versa Networks has entered an adjacent and complementary market, launching a zero-trust access (ZTA) product.
On the Radar: BotRx Offers Runtime Security for Web Applications
Research  |  6/25/2020  | 
BotRx provides a software service to protect web and mobile apps from bot attacks.
Palo Alto Networks Shifts Cloud-Based ML Features Into its NGFW Appliances
Research  |  6/24/2020  | 
Palo Alto Networks is effectively reversing a multiyear industry trend among network security vendors, itself included, by shifting functions out of the cloud and into the firewall itself to improve real-time threat detection.
DDoS Prevention Appliances Market Tracker - Update H1 2020
Research  |  6/23/2020  | 
The updated DDoS Prevention Appliances Market Tracker provides accurate data -- including market size, vendor market share, forecasts, and market trends -- to help clients make better business decisions in the DDoS appliances market.
Threat Mitigation Products Market Database - Q1 2020
Research  |  6/23/2020  | 
The latest data-only market tracker, providing a total view of the cybersecurity technology market by combining the data from three segments: Content Security Gateway Appliances, Network Security Appliances, and DDoS Prevention Appliances.
CipherCloud Remains a CASB, But Builds a SASE Ecosystem
Research  |  6/10/2020  | 
CipherCloud is a longstanding member of the cloud access security broker (CASB) sector.
On the Radar: OPAQ Offers Network- and Security-as-a-Service
Research  |  6/10/2020  | 
OPAQ offers networking and security delivered as services from its own IP backbone.
Network Security Appliances & Software Market Tracker - Q1 2020
Research  |  6/9/2020  | 
Get the latest data and analyses -- including market size, vendor market share, forecasts, and market trends -- to help clients make better business decisions in the network security appliances and software market.
VMware Pushes Toward XDR Play with Acquisition of NDR Vendor Lastline
Research  |  6/8/2020  | 
VMware has acquired Lastline, a network detection and response (NDR) vendor. It is pursuing an XDR offering to compete with Palo Alto Networks and Trend Micro.
Zscaler Acquires Edgewise Networks for Hybrid Cloud Data Center Security
Research  |  6/5/2020  | 
The move offers Zscaler a solution that can directly compete with hybrid cloud data center security and visibility solutions from Cisco and VMware.
On the Radar: IronNet Cybersecurity Applies Analytics, Threat Intelligence for Collective Defense
Research  |  6/5/2020  | 
IronNet discovers overlooked threats using a combination of analytics-powered network threat detection and real-time threat intelligence sharing and collaboration, which it calls collective defense.
Market Landscape: Industrial IoT Cybersecurity Operation and Management Solutions
Research  |  6/3/2020  | 
With exponential growth in the number of Internet of Things devices currently in use, there are few markets in greater need of cybersecurity protection than the industrial sector.
Fortinet Accelerate 2020: High-Performance Hardware and SD-WAN Deliver Strong Growth
Research  |  5/28/2020  | 
After earning the top position by revenue in the next-generation firewall market, Fortinet is pressing its advantages in performance and SD-WAN, but its strategy for cloud-delivered security is unclear.
Stellar Cyber Adds Cloud Detection and Response to its XDR offering
Research  |  5/28/2020  | 
Stellar Cyber has launched a capability for cloud environments to complement the endpoint and network dimensions already addressed by its Starlight platform.
On the Radar: PerimeterX Protects Web Apps Against Bots, Malicious Code, and API Abuse
Research  |  5/28/2020  | 
PerimeterX delivers application security across three distinct areas: bots, the application code itself, and application programming interfaces (APIs).
Verizon 2020 Data Breach Investigations Report: Phishing and Credential Theft Top List of Successful Tactics
Research  |  5/27/2020  | 
Adversaries successfully breach enterprises largely because of phishing and credential theft, the same techniques that have worked for years.
Cloud Email Challenges and Security Differentiators
Research  |  5/27/2020  | 
Cloud email has become the norm for many organizations, yet there are still challenges that can be difficult to overcome.
Thanks to COVID-19, Your Next Data Breach May Already be Underway
Research  |  5/26/2020  | 
As organizations adapt to the ongoing pandemic, changes in the technology they use, how they use it, and how they secure it (or, dont secure it) have created a perfect storm of opportunity for adversaries to strike.
ZIVVER Applies Rigorous Control to Secure the Overall Email Communication Process
Research  |  5/22/2020  | 
The communication demands of highly regulated sectors is one of the reasons why legacy technology is still being used to authenticate senders and recipients and protect the privacy of shared information.
The landgrab in CSPM Continues Apace
Research  |  5/20/2020  | 
The acquisition at the end of April of CSPM developer DivvyCloud by Rapid7 was the latest in a series of purchases of CSPM players, mostly by companies with broader portfolios.
Analyst Commentary: PAM Market Leader CyberArk Enters IDaaS with Idaptive Buy
Research  |  5/19/2020  | 
CyberArk, the market leader in privileged access management (PAM), has entered the identity-as-a-service (IDaaS) segment with the $70m acquisition of Idaptive.
On the Radar: Zettaset Delivers Encryption for Containers Orchestrated by K8s
Research  |  5/13/2020  | 
Zettaset delivers what it terms software-defined encryption technology for data at rest in physical on-premises, virtual, and cloud environments.
On the Radar: Micro Focus Offers Transparent Encryption for Unstructured Data
Research  |  5/13/2020  | 
Business software vendor Micro Focus has launched Voltage SmartCipher, which provides transparent encryption for unstructured data.
Do We Need to Accept a Lack of Privacy in Order to Fight COVID-19?
Research  |  5/12/2020  | 
Data privacy has been hard fought in many countries. Countries enacting either mandatory or voluntary approaches to track-and-trace must be abundantly clear about how data will be used.
On the Radar: Axis Security Takes a Different Approach to Zero-Trust Access
Research  |  5/6/2020  | 
Axis Security has developed a cloud-based platform to deliver secure remote access based on a zero-trust approach.
COVID-19: Extending Opportunities for Security Incidents and Breaches
Research  |  4/28/2020  | 
Prior to the pandemic, many organizations had enabled remote working for a portion of the workforce, where it was feasible. But the rapid acceleration has created new security challenges for the enterprise.
Page 1 / 2   >   >>


Overcoming the Challenge of Shorter Certificate Lifespans
Mike Cooper, Founder & CEO of Revocent,  10/15/2020
7 Tips for Choosing Security Metrics That Matter
Ericka Chickowski, Contributing Writer,  10/19/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27605
PUBLISHED: 2020-10-21
BigBlueButton through 2.2.8 uses Ghostscript for processing of uploaded EPS documents, and consequently may be subject to attacks related to a "schwache Sandbox."
CVE-2020-27606
PUBLISHED: 2020-10-21
BigBlueButton before 2.2.8 (or earlier) does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.
CVE-2020-27607
PUBLISHED: 2020-10-21
In BigBlueButton before 2.2.8 (or earlier), the client-side Mute button only signifies that the server should stop accepting audio data from the client. It does not directly configure the client to stop sending audio data to the server, and thus a modified server could store the audio data and/or tr...
CVE-2020-27608
PUBLISHED: 2020-10-21
In BigBlueButton before 2.2.8 (or earlier), uploaded presentations are sent to clients without a Content-Type header, which allows XSS, as demonstrated by a .png file extension for an HTML document.
CVE-2020-27609
PUBLISHED: 2020-10-21
BigBlueButton through 2.2.8 records a video meeting despite the deactivation of video recording in the user interface. This may result in data storage beyond what is authorized for a specific meeting topic or participant.