Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Research from Omdia

Latest Content
Page 1 / 2   >   >>
Exabeam Spotlight 2020 Recap: Standout Analytics Drives SecOps Vendor's Evolution
Research  |  11/30/2020  | 
With established behavioral analytics leadership and accelerating momentum in SIEM and SOAR, cybersecurity vendor Exabeam is one of the best-kept secrets in SecOps. Its next challenge will be transitioning to a cloud-native platform.
Palo Alto Networks adds Attack Surface Management with $800 Million Expanse Buy
Research  |  11/27/2020  | 
For Palo Alto Networks, the $800m acquisition of Expanse, a provider of services it describes as attack surface management, adds a proactive dimension beyond traditional threat detection and response capabilities.
Identity, Authentication, and Access Market Database: 1H20 Update
Research  |  11/27/2020  | 
The IAA Database is part of Omdia's new Identity, Authentication, and Access Intelligence Service. This database offers revenue figures for 2018 and 2019. It is segmented by the authentication and on-premises IAM/IDaaS categories, as well as by five global regions.
On the Radar: NetFoundry Offers Network-as-a-Service with Zero-Trust Access to Apps
Research  |  11/26/2020  | 
NetFoundry is a network-as-a-service (NaaS) provider. Its eponymous platform is cloud-native and API-driven, combining security based on the zero-trust principle with enhanced internet as a replacement for MPLS connectivity.
FireEye Buys its Way into XDR, But Questions Abound on its Portfolio and its Future
Research  |  11/25/2020  | 
FireEye's $186 million acquisition of analytics vendor Respond Software is buttressed by a new $400 million private equity cash infusion. However, a growing divergence in its product portfolio may indicate further disruption.
2021 Trends to Watch: IoT Cybersecurity
Research  |  11/19/2020  | 
The IoT cybersecurity ecosystem has evolved out of the critical necessity to successfully discover, manage, and secure a growing variety of internet connected devices. Now, the new challenge is the growing volume of data created, shared, and transmitted by these devices.
CyberArk Launches Cloud Permissions Management Service
Research  |  11/19/2020  | 
Privileged access management (PAM) market leader CyberArk has launched a service in the emerging cloud permissions management (CPM) space.
Omdia Market Radar: Outbound Email Security
Research  |  11/18/2020  | 
Omdia profiles four vendors of outbound email security, focusing on building in controls to offset risks from insider threats, i.e., scenarios in which sensitive, confidential, or the wrong information is sent to the wrong recipients.
Splunk .conf20 Recap: SIEM Vendor Advances Unified SecOps Platform, Offers Friendlier Pricing
Research  |  11/16/2020  | 
At its annual conference, Splunk detailed its SecOps product strategy. It is moving toward a unified security operations platform, integrating SIEM, SOAR and UEBA with a common interface and third-party integrations.
DDoS Prevention Appliances Market Tracker: 2H20 Analysis Update
Research  |  11/13/2020  | 
Our late 2020 update tracks market size and share for DDoS mitigation hardware and software vendors. Coverage includes Corero, F5, Huawei, NETSCOUT, Radware, and more.
DDoS Prevention Appliances Market Tracker: 2H20 Data Update
Research  |  11/13/2020  | 
Download tracker data covering market size and share for DDoS mitigation hardware and software. Vendor coverage includes Corero, F5, Huawei, NETSCOUT, Radware, and more.
On the Radar: PortSys Offers a Zero-Trust Access Platform
Research  |  11/12/2020  | 
This report examines PortSys's zero-trust access technology and considers how it can replace traditional VPNs for remote access or complement an existing VPN infrastructure to enable gradual migration to the new remote access paradigm.
Microsoft Ignite 2020: SIEM and XDR Improvements Highlight Advancing Enterprise SecOps Efforts
Research  |  11/3/2020  | 
With its Azure Sentinel SIEM and rebranded Defender XDR solutions, the Microsoft SecOps strategy centers on delivering best-of-breed capabilities in a unified, cloud-native platform.
Juniper Networks Sets its Sights on 'Connected Security' from Endpoint to Cloud
Research  |  11/2/2020  | 
Juniper Networks' security portfolio has long hinged on its SRX firewall, but with its expanding Connected Security strategy, Juniper is now integrating security into every point of connection, from the endpoint to the cloud.
IoT Security Strategies and Vendor Leadership Enterprise Survey: North America 2020
Research  |  10/30/2020  | 
Omdia's 2020 IoT security survey shows enterprises are tackling IoT risk head on, but IoT visibility and malware are top challenges. Meanwhile, IoT cybersecurity vendors can stand out by addressing the niche issues that enterprises face.
Security investments should be aligned with organizational objectives and obligations
Research  |  10/29/2020  | 
Omdia advises cybersecurity leaders, with evolved relationships and supporting governance processes in place, to consider making advancements in evidencing the value of cybersecurity investments via business-oriented risk metrics.
Fundamentals of Cybersecurity Operations Lifecycle Strategy
Research  |  10/29/2020  | 
A successful SecOps strategy emphasizes technology decisions that support policy, based on SecOps processes and the SOC staff managing them. Learn about the Omdia cybersecurity operations lifecycle.
Fundamentals of Data Security Strategy
Research  |  10/27/2020  | 
Because of the criticality of comprehensive data security, stakeholders must take concerted, ongoing action to build and support the critical business and technical functions that support sound data security.
Next-Gen Threat Prevention Strategies and Vendor Leadership NA Ent Survey: DDoS excerpt - 2020
Research  |  10/2/2020  | 
DDoS excerpts from the Next-Gen Threat Prevention Strategies & Vendor Leadership NA Ent. Survey - 2020.
Transforming Security by Adopting Sustainable Software Patching
Research  |  10/2/2020  | 
Organizations need to better understand the value of proactive management in the patching workload and lifecycle. Patching should be embedded in the organization's IT governance framework.
Cloud & CPE Managed Security Services Market Report: Regional (DDoS excerpt) - 2020
Research  |  10/2/2020  | 
DDoS excerpts from the Cloud & CPE Managed Security Services Market Report - Regional - 2020.
Ivanti Support the Future of Work with Acquisitions of MobileIron, Pulse Secure
Research  |  9/29/2020  | 
with Adam Holtby and Rik Turner
The move combines a trio of capabilities across enterprise IT service management, UEM, and zero-trust access that are all vital in supporting and securing a more mobile and remote workforce.
Arista Buys Awake Security for an XDR Play
Research  |  9/29/2020  | 
This acquisition positions networking vendor Arista to compete in the emerging XDR market, in which detection and response span multiple areas of corporate infrastructure.
Check Point Looks to Secure Application Access via Odo Security Acquisition
Research  |  9/28/2020  | 
Check Point has acquired zero-trust access specialist Odo Security, and will incorporate the OdoAccess clientless solution into the Check Point CloudGuard Connect platform.
Fundamentals of Outbound Email Security
Research  |  9/23/2020  | 
Outbound email security focuses on building in controls to offset identified risks from various insider threat scenarios, many of which have received little attention from defenders to date.
On the Radar: Nubeva Offers Innovative Approach for Encrypted Network Traffic Visibility
Research  |  9/9/2020  | 
Nubeva provides encrypted network traffic visibility to enterprises with a unique technology called Symmetric Key Intercept that rapidly harvests decryption keys.
On the Radar: Pulse Secure Delivers Zero-Trust Secure Access Service
Research  |  9/8/2020  | 
Pulse Secure is an information security vendor with a focus on secure remote access for people, devices, things, and services.
Fastly Pays $775 Million to Boost Security Services with its Signal Sciences Buy
Research  |  9/4/2020  | 
Fastly has announced the $775m acquisition of application security vendor Signal Sciences. Signal Sciences will bolster Fastlys portfolio: it will join the content delivery networks that lead with or feature AppSec capabilities.
Palo Alto Networks Adds Security Consulting and Forensics with Purchase of The Crypsis Group
Research  |  8/28/2020  | 
Palo Alto Networks intends to buy The Crypsis Group, a cybersecurity services and managed security services provider, for $265m to bolster sales opportunities and support for its Cortex XDR solutions.
On the Radar: CloudKnox Reins in Permissions to Tighten Cloud Security
Research  |  8/27/2020  | 
Enterprise cloud computing usage continues to grow and as a result so does the attack surface that adversaries can exploit.
Everything About Network Traffic Decryption is About to Change
Research  |  8/19/2020  | 
Understand encrypted traffic decryption change agents involving standards and technology, and the importance of emerging SSL/TLS decryption alternatives such as session key forwarding and encrypted traffic inference.
AWS Security Tools for Its IaaS and PaaS Environments
Research  |  8/19/2020  | 
AWS has been providing cloud computing services for over a decade and remains the clear leader in the IaaS market. Over that time, it has expanded and enhanced the security capabilities of its platform and services.
Forcepoint Hopes for Breakout Moment by Hopping on the ZTA Bandwagon
Research  |  8/13/2020  | 
The debut of Forcepoint's two-pronged zero trust access (ZTA) solution delivers much-needed competitive momentum, but it must do more to stand out against a growing field of ZTA competitors.
It's Time to Address Cybersecurity Complexity
Research  |  8/4/2020  | 
Overlapping layers of security controls and technologies have deluged enterprises with security complexity. There are four steps that organizations can take to help reduce the complexity.
Fortinet Fills its Zero Trust Access Gap with OPAQ Acquisition
Research  |  7/28/2020  | 
With newly acquired OPAQ Networks, Fortinet intends to create its own so-called Secure Access Service Edge (SASE) offering, which combines SD-WAN, network security, and zero trust access (ZTA) features and delivers them via the cloud.
Sophos Evolve 2020: Sophos Embraces Change to Pursue Growth
Research  |  7/24/2020  | 
Sophos in 2020 is taking the painful but necessary steps to reshape its business. With some key competitors struggling, the vendor believes the time is right to capitalize on a unique opportunity to accelerate its growth.
Fundamentals of Identity as a Service (IDaaS)
Research  |  7/23/2020  | 
With cloud-based identity's speed, scalability, and cost advantages, on-premises products now fall squarely in the category of legacy technology, regardless of enterprise IT infrastructure.
Fundamentals of Network Traffic Decryption and Risk Management
Research  |  7/22/2020  | 
Visibility into and inspection of inbound encrypted network traffic is essential for sound enterprise network security. Decryption approaches must soon change due to increasing cost and complexity, but alternative technologies are emerging.
Wake Up to Cyber-Espionage
Research  |  7/17/2020  | 
Cyber-espionage has hit the headlines, with APT29 accused of attempting to steal COVID-19 vaccine development information. Organizations in all sectors should not be surprised that cyber-espionage is real and must be addressed.
Integrating Risk Management with Cybersecurity to Govern Protection for Digital Assets
Research  |  7/15/2020  | 
Cybersecurity should be aligned with organizational governance. This drives the right type and level of information security governance, incorporating risk and compliance management, and can guide prioritization of resources and investments.
The DXC Xchanging Attack Shows Ransomware is Back with a Vengeance
Research  |  7/10/2020  | 
IT service provider DXC announced that its Xchanging subsidiary is facing a ransomware attack. Ransomware is again the industry's top threat vector, as the world grapples with COVID-19.
A New Opportunity to Break the 'Rule of Steve'
Research  |  7/1/2020  | 
To build the workforce, diversity must be encouraged: more women, more ethnic diversity, more neurodiversity. That requires more people from a range of groups who have the aptitude and attitude to work in cybersecurity.
On the Radar: Ermetic Provides Cloud Permissions Management
Research  |  6/30/2020  | 
Ermetic provides security for data stores, databases, and some compute instances in IaaS and PaaS.
Versa Enters the Zero-Trust Access market
Research  |  6/29/2020  | 
Software-defined wide area network (SD-WAN) vendor Versa Networks has entered an adjacent and complementary market, launching a zero-trust access (ZTA) product.
On the Radar: BotRx Offers Runtime Security for Web Applications
Research  |  6/25/2020  | 
BotRx provides a software service to protect web and mobile apps from bot attacks.
Palo Alto Networks Shifts Cloud-Based ML Features Into its NGFW Appliances
Research  |  6/24/2020  | 
Palo Alto Networks is effectively reversing a multiyear industry trend among network security vendors, itself included, by shifting functions out of the cloud and into the firewall itself to improve real-time threat detection.
DDoS Prevention Appliances Market Tracker - Update H1 2020
Research  |  6/23/2020  | 
The updated DDoS Prevention Appliances Market Tracker provides accurate data -- including market size, vendor market share, forecasts, and market trends -- to help clients make better business decisions in the DDoS appliances market.
Threat Mitigation Products Market Database - Q1 2020
Research  |  6/23/2020  | 
The latest data-only market tracker, providing a total view of the cybersecurity technology market by combining the data from three segments: Content Security Gateway Appliances, Network Security Appliances, and DDoS Prevention Appliances.
CipherCloud Remains a CASB, But Builds a SASE Ecosystem
Research  |  6/10/2020  | 
CipherCloud is a longstanding member of the cloud access security broker (CASB) sector.
On the Radar: OPAQ Offers Network- and Security-as-a-Service
Research  |  6/10/2020  | 
OPAQ offers networking and security delivered as services from its own IP backbone.
Page 1 / 2   >   >>


More SolarWinds Attack Details Emerge
Kelly Jackson Higgins, Executive Editor at Dark Reading,  1/12/2021
Vulnerability Management Has a Data Problem
Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan Cyber,  1/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-36192
PUBLISHED: 2021-01-18
An issue was discovered in the Source Integration plugin before 2.4.1 for MantisBT. An attacker can gain access to the Summary field of private Issues (either marked as Private, or part of a private Project), if they are attached to an existing Changeset. The information is visible on the view.php p...
CVE-2020-36193
PUBLISHED: 2021-01-18
Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948.
CVE-2020-7343
PUBLISHED: 2021-01-18
Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by manipulating a directory used by MA for temporary files. The product would continue to function with out-of-date detection files.
CVE-2020-28476
PUBLISHED: 2021-01-18
All versions of package tornado are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configura...
CVE-2020-28473
PUBLISHED: 2021-01-18
The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with defa...