Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security

Authentication

Mobile

Privacy

Compliance

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

Network Computing Dark Reading

Advertise

About Us

Author

Profile of Raffael Marty

VP Security Analytics, Sophos

News & Commentary Posts: 2

Raffael Marty is vice president of security analytics at Sophos. He is one of the world's most recognized authorities on security data analytics, big data and visualization. Previously, Marty launched pixlcloud, a visual analytics platform, and Loggly, a cloud-based log management solution. With a track record at companies including IBM Research, ArcSight, and Splunk, he is thoroughly familiar with established practices and emerging trends in the big data and security analytics space. Marty is the author of Applied Security Visualization and a frequent speaker at academic and industry events. Zen meditation has become an important part of Raffy's life, sometimes leading to insights not in data but in life.

Articles by Raffael Marty

View Content By Month

AI in Cybersecurity: Where We Stand & Where We Need to Go

1/11/2018
How security practitioners can incorporate expert knowledge into machine learning algorithms that reveal security insights, safeguard data, and keep attackers out.
Post a Comment

Creating Your Own Threat Intel Through ‘Hunting’ & Visualization

7/9/2015
How security analysts armed with a visual interface can use data science to find hidden attacks and the ‘unknown unknowns.’
Post a Comment

Hot Topics

Editors' Choice

COVID-19: Latest Security News & Commentary

Dark Reading Staff 6/5/2020

How AI and Automation Can Help Bridge the Cybersecurity Talent Gap

Peter Barker, Chief Product Officer at ForgeRock, 6/1/2020

Cybersecurity Spending Hits 'Temporary Pause' Amid Pandemic

Kelly Jackson Higgins, Executive Editor at Dark Reading, 6/2/2020

Webinars

Enabling a Smooth DX Transformation in the Post-Pandemic New Tomorrow

[Free Virtual Event] Using Microsoft in 2020 & Beyond

Don't Miss this Dark Reading Virtual Event on Critical Data Breaches

Webinar Archives

White Papers

How Cybersecurity Incident Response Programs Work (and Why Some Don't)

Today's Non-Employee Lifecycle Management Without SecZetta

Case Study: Validating Security & Reducing Risk

How to Select Rack-Mount Power Distribution Units (PDUs) and Power Strips

State of Endpoint Security: How Enterprises Are Managing Endpoint Security Threats

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: What? IT said I needed virus protection!

Cartoon Archive

Current Issue

How Cybersecurity Incident Response Programs Work (and Why Some Don't)

This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

State of Endpoint Security: How Enterprises Are Managing Endpoint Security Threats

Download this report to find out what organizations are doing to secure their endpoints and to protect themselves against malware, hackers, and social engineering attacks.

Download Now!

State of Cybersecurity Incident Response

0 comments

How Enterprises Are Developing and Maintaining Secure Applications

0 comments

How Enterprises are Attacking the Cybersecurity Problem

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2020-13881
PUBLISHED: 2020-06-06

In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog if the DEBUG loglevel and journald are used.

CVE-2020-13883
PUBLISHED: 2020-06-06

In WSO2 API Manager 3.0.0 and earlier, WSO2 API Microgateway 2.2.0, and WSO2 IS as Key Manager 5.9.0 and earlier, Management Console allows XXE during addition or update of a Lifecycle.

CVE-2020-13871
PUBLISHED: 2020-06-06

SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late.

CVE-2020-13864
PUBLISHED: 2020-06-05

The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from a stored XSS vulnerability. An author user can create posts that result in a stored XSS by using a crafted payload in custom links.

CVE-2020-13865
PUBLISHED: 2020-06-05

The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from multiple stored XSS vulnerabilities. An author user can create posts that result in stored XSS vulnerabilities, by using a crafted link in the custom URL or by applying custom attributes.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]