7 Hot Security Terms (and Buzzwords) to Know

Network Computing Dark Reading

Advertise

About Us

Newest First | Oldest First | Threaded View

[close this box]

tcritchley07,
User Rank: Moderator
3/8/2017 | 3:30:56 PM

Re: Cyber Terms

No, just trying to get temrmnology straight in my mind in the context of security. Thanks.

Reply | Post Message | Messages List | Start a Board

T Sweeney,
User Rank: Moderator
3/8/2017 | 1:29:02 PM

Re: Cyber Terms

Correct, @tcritchkley07... I used firewalls as just one example of compartmentalization. But the term could also apply to the bucketize slide or the micro-services slide as well, which both try to create similar boundaries in the name of better security.

Was there a specific application of compartmentalization you were thinking of?

Reply | Post Message | Messages List | Start a Board

tcritchley07,
User Rank: Moderator
3/8/2017 | 12:16:25 PM

Cyber Terms

Isn't compartmentalization the same as the more modern 'segmentation' of various entities, not just firewall traffic?

Reply | Post Message | Messages List | Start a Board

T Sweeney,
User Rank: Moderator
3/7/2017 | 1:55:44 PM

Re: To Buzzword #7 - Compartmentalization

Thanks, stormrunner2... what Fortinet's doing seems to track closely with this intelligent segmentation trend we're seeing from various vendors and startups.

Reply | Post Message | Messages List | Start a Board

storrmrunner2,
User Rank: Apprentice
3/6/2017 | 7:13:32 PM

To Buzzword #7 - Compartmentalization

Have you looked at companies like Fortinet and ISFW (Internal Segmentation Firewall) solution? They have been running at 100Gb speeds for a couple of years now. And announced a 1Tb throughput firewall in Jan-2017 (https://www.fortinet.com/corporate/about-us/newsroom/press-releases/2017/the-worlds-first-terabit-firewall-appliance-ngfw.html).

Does this not solve the usability issue of mantaining LAN speeds with Layer-7 inspection services?

Reply | Post Message | Messages List | Start a Board

Editors' Choice

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry

David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP, 7/9/2021

Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours

Robert Lemos, Contributing Writer, 7/7/2021

It's in the Game (but It Shouldn't Be)

Tal Memran, Cybersecurity Expert, CYE, 7/9/2021

Live Events

Webinars

Cybersecurity Outlook 2023 - December 13 Event

[FREE Virtual Event] The Identity Crisis

More Informa Tech Live Events

White Papers

How Machine Learning, AI & Deep Learning Improve Cybersecurity

State of Email Security

State of Ransomware Readiness: Facing the Reality Gap

How Hybrid Work Fuels Ransomware Attacks

Implementing Zero Trust In Your Enterprise: How to Get Started

More White Papers

Cartoon

Latest Comment: I've heard of people walking right out the front door with entire servers...

Cartoon Archive

Current Issue

Developing and Testing an Effective Breach Response Plan

Whether or not a data breach is a disaster for the organization depends on the security team's response and that is based on how the team developed a breach response plan beforehand and if it was thoroughly tested. Inside this report, experts share how to: -understand the technical environment, -determine what types of incidents would trigger the plan, -know which stakeholders need to be notified and how to do so, -develop steps to contain the breach, collect evidence, and initiate recovery.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Incident Readiness and Building Response Playbook

In this special report, learn the Xs and Os of any good security incident readiness and response playbook.

Download Now!

Battle for the Endpoint

0 comments

How Enterprises are Developing Secure Applications

0 comments

Assessing Cybersecurity Risk in Today's Enterprises

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2022-38336
PUBLISHED: 2022-12-06

An access control issue in MobaXterm before v22.1 allows attackers to make connections to the server via the SSH or SFTP protocols without authentication.

CVE-2022-38337
PUBLISHED: 2022-12-06

When aborting a SFTP connection, MobaXterm before v22.1 sends a hardcoded password to the server. The server treats this as an invalid login attempt which can result in a Denial of Service (DoS) for the user if services like fail2ban are used.

CVE-2022-40918
PUBLISHED: 2022-12-06

Buffer overflow in firmware lewei_cam binary version 2.0.10 in Force 1 Discovery Wifi U818A HD+ FPV Drone allows attacker to gain remote code execution as root user via a specially crafted UDP packet. Please update the Reference section to these links > http://thiscomputer.com/ > https://www.b...

CVE-2022-4173
PUBLISHED: 2022-12-06

A vulnerability within the malware removal functionality of Avast and AVG Antivirus allowed an attacker with write access to the filesystem, to escalate his privileges in certain scenarios. The issue was fixed with Avast and AVG Antivirus version 22.10.

CVE-2022-44009
PUBLISHED: 2022-12-06

Improper access control in Key-Value RBAC in StackStorm version 3.7.0 didn't check the permissions in Jinja filters, allowing attackers to access K/V pairs of other users, potentially leading to the exposure of sensitive Information.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]