7 Hot Security Terms (and Buzzwords) to Know

Network Computing Dark Reading

Advertise

About Us

Newest First | Oldest First | Threaded View

[close this box]

50%

tcritchley07,
User Rank: Moderator
3/8/2017 | 3:30:56 PM

Re: Cyber Terms

No, just trying to get temrmnology straight in my mind in the context of security. Thanks.

Reply | Post Message | Messages List | Start a Board

50%

T Sweeney,
User Rank: Moderator
3/8/2017 | 1:29:02 PM

Re: Cyber Terms

Correct, @tcritchkley07... I used firewalls as just one example of compartmentalization. But the term could also apply to the bucketize slide or the micro-services slide as well, which both try to create similar boundaries in the name of better security.

Was there a specific application of compartmentalization you were thinking of?

Reply | Post Message | Messages List | Start a Board

100%

tcritchley07,
User Rank: Moderator
3/8/2017 | 12:16:25 PM

Cyber Terms

Isn't compartmentalization the same as the more modern 'segmentation' of various entities, not just firewall traffic?

Reply | Post Message | Messages List | Start a Board

100%

T Sweeney,
User Rank: Moderator
3/7/2017 | 1:55:44 PM

Re: To Buzzword #7 - Compartmentalization

Thanks, stormrunner2... what Fortinet's doing seems to track closely with this intelligent segmentation trend we're seeing from various vendors and startups.

Reply | Post Message | Messages List | Start a Board

100%

storrmrunner2,
User Rank: Apprentice
3/6/2017 | 7:13:32 PM

To Buzzword #7 - Compartmentalization

Have you looked at companies like Fortinet and ISFW (Internal Segmentation Firewall) solution? They have been running at 100Gb speeds for a couple of years now. And announced a 1Tb throughput firewall in Jan-2017 (https://www.fortinet.com/corporate/about-us/newsroom/press-releases/2017/the-worlds-first-terabit-firewall-appliance-ngfw.html).

Does this not solve the usability issue of mantaining LAN speeds with Layer-7 inspection services?

Reply | Post Message | Messages List | Start a Board

Hot Topics

Editors' Choice

How Attackers Used Look-Alike Domains to Steal $1 Million From a Chinese VC

Jai Vijayan, Contributing Writer, 12/6/2019

SOC 2s & Third-Party Assessments: How to Prevent Them from Being Used in a Data Breach Lawsuit

Beth Burgin Waller, Chair, Cybersecurity & Data Privacy Practice , Woods Rogers PLC, 12/5/2019

Navigating Security in the Cloud

Diya Jolly, Chief Product Officer, Okta, 12/4/2019

Live Events

Webinars

[Video] Shaping the Future of IT CIO Lightning Series - Interop19

[Video] An (Ir)rational Approach to Interoperability - Interop19

Get Insights: Cisco vs Microsoft & More at EC20 Orlando

More Informa Tech Live Events

White Papers

In Today's Age of Digital Transformation, How Does Your Firewall Measure Up?

SANS Report: Cloud Security Survey

[Dark Reading Tech Digest] Navigating the Deluge of Security Data

Network Detection and Response: Cloud Security's Missing Link

Security Automation 101: Change Management and the Complexity Gap

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: "This is the last time we hire Game of Thrones Security"

Cartoon Archive

Current Issue

Navigating the Deluge of Security Data

In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Rethinking Enterprise Data Defense

Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industry’s conventional wisdom. Here’s a look at what they’re thinking about.

Download Now!

Assessing Cybersecurity Risk in Today's Enterprise

0 comments

2019 Online Malware and Threats

0 comments

The State of IT Operations and Cybersecurity Operations

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2014-0242
PUBLISHED: 2019-12-09

mod_wsgi module before 3.4 for Apache, when used in embedded mode, might allow remote attackers to obtain sensitive information via the Content-Type header which is generated from memory that may have been freed and then overwritten by a separate thread.

CVE-2015-3424
PUBLISHED: 2019-12-09

SQL injection vulnerability in Accentis Content Resource Management System before the October 2015 patch allows remote attackers to execute arbitrary SQL commands via the SIDX parameter.

CVE-2015-3425
PUBLISHED: 2019-12-09

Cross-site scripting (XSS) vulnerability in Accentis Content Resource Management System before October 2015 patch allows remote attackers to inject arbitrary web script or HTML via the ctl00$cph_content$_uig_formState parameter.

CVE-2015-7892
PUBLISHED: 2019-12-09

Stack-based buffer overflow in the m2m1shot_compat_ioctl32 function in the Samsung m2m1shot driver framework, as used in Samsung S6 Edge, allows local users to have unspecified impact via a large data.buf_out.num_planes value in an ioctl call.

CVE-2015-0841
PUBLISHED: 2019-12-09

Off-by-one error in the readBuf function in listener.cpp in libcapsinetwork and monopd before 0.9.8, allows remote attackers to cause a denial of service (crash) via a long line.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]