Database Security

Authentication

Privacy

Compliance

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

Network Computing Dark Reading

Advertise

About Us

Author

Profile of Ofer Amitai

CEO, Portnox

News & Commentary Posts: 2

Ofer Amitai is CEO and co-founder of Portnox, where he is responsible for day-to-day operations and setting the company's strategic direction. He has over 20 years' experience in network security, during which time he established the first IT security team in the Israeli Air Force, managed the security division at Xpert Integrated Systems, and served as Microsoft regional director of security, Ofer is a proven innovator and thought leader in network security. He holds a B.Sc. in Computer Science.

Articles by Ofer Amitai

View Content By Month

The Security Perimeter Is Dead; Long Live the New Endpoint Perimeter

1/17/2019
The network no longer provides an air gap against external threats, but access devices can take up the slack.
Post a Comment

Kill Chain & the Internet of Things

4/20/2017
IoT “things” such as security cameras, smart thermostats and wearables are particularly easy targets for kill chain intruders, but a layered approach to security can help thwart an attack.
Post a Comment

Hot Topics

Editors' Choice

High Stress Levels Impacting CISOs Physically, Mentally

Jai Vijayan, Freelance writer, 2/14/2019

Valentine's Emails Laced with Gandcrab Ransomware

Kelly Sheridan, Staff Editor, Dark Reading, 2/14/2019

New Free Tool Scans for Chrome Extension Safety

Dark Reading Staff 2/21/2019

Live Events

Webinars

More UBM Tech
Live Events

Drive Your Business and Career Forward at Interop19

Interop 2019 - The Unbiased IT Conference

Communications & Collaboration 2022 at EC19 Orlando March 18-21

White Papers

2018 Cyberthreat Defense Report

Want to Stay In Front of Breaches? Train Like The Marines.

451 Research: Network Traffic Analysis Opens the Eyes of the SOC

7 Habits of Highly Effective Security Teams

Enhanced Data Protection Against Insider Threats

More White Papers

Video

All Videos

Cartoon

Latest Comment: We won't cut you loose as long as you don't slow us down!

Cartoon Archive

Current Issue

5 Emerging Cyber Threats to Watch for in 2019

Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

How Enterprises Are Attacking the Cybersecurity Problem

Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.

Download Now!

How Enterprises Are Using IT Threat Intelligence

0 comments

Online Malware and Threats: A Profile of Today's Security Posture

0 comments

The Risk Management Struggle

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-1944
PUBLISHED: 2019-02-21

IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-For...

CVE-2018-1945
PUBLISHED: 2019-02-21

IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click act...

CVE-2018-1946
PUBLISHED: 2019-02-21

IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption or authentication, but it does not select the stronges...

CVE-2018-1947
PUBLISHED: 2019-02-21

IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure withi...

CVE-2018-1948
PUBLISHED: 2019-02-21

IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to...

Terms of Service
Privacy Statement
Legal Entities

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]