ControlScan Enlarges Its Security, Compliance Mandate With Managed Services

Marc Punzirudu, VP of Security consulting services for ControlScan talks with Dark Reading and reveals research showing barely one-third of organizations can perform ad-hoc monitoring as needed, and why that number is so low.

Sophos Boosts Threat Hunting, Managed Detection and Response Capabilities:

JJ Thompson, senior director of managed threat response for Sophos digs deep into how organizations can start to make sense of the seemingly unlimited data that’s available from endpoints, cloud, and on-premises networks. And that's a critical capability as attacker behaviors start to change.   

eSentire: Why Managed Detection and Response Deserves a Fresh Look

Mark Sangster, VP and industry security strategist for eSentire, discusses how managed detection and response (MDR) is different from traditional managed security services, as well as how MDR is redefining the cybersecurity industry. Sangster also outlines what customers should look for in their endpoint security implementations.

CyCognito Takes on Elimination of 'Shadow Risk' to Improve Security

While current vulnerability and threat management techniques historically have performed well, they're less robust, given how networks and data operate now, according to Rob Gurzeev, CEO and co-founder of CyCognito. He proposes something called "shadow risk elimination," along with reconnaissance, automation, and other innovations for better protection.       

Tufin: How to Make Better Sense of the Cloud Security Equation

CEO Reuven Harrison examines how cloud services have changed how enterprises manage their apps and data, and also offers some tips for security pros tasked with managing either hybrid- or multi-cloud implementations. Harrison also takes on Kubernetes and container security in this News Desk interview.

Unisys Talks ID Management, Container Security, and C-Suite Disconnects

End-users struggle to improve their security posture and reduce their cyber risk and exposure, explains Vishal Gupta, senior VP of technology, and CTO, for Unisys. He also discusses identity management necessities, how to better protect Kubernetes deployments, and ways to foster more productive conversation among IT execs and rest of the C-suite.   

New 'Perimeter' Requires Fresh Security Approach, Onapsis Says

The advent of mobility, cloud, and different ways of securing business-critical apps has given rise to the idea that "The perimeter is where the data is," posits Jason Fruge, VP of business application cybersecurity for Onapsis. As a former CISO himself, he describes how this new reality impacts customers' security planning and execution.

Elastic Security Makes Case For Blending 'Human Element,' Election Security

Nate Fick, general manager of Elastic and former CEO of Endgame, talks about the impact of AI and machine learning on security professionals, and what technologies can be tapped to improve security in the runup to November's US presidential election.

Corelight: Threat Hunting Adds Proactive Element to Security Strategy

Wider use of encryption along with the rise of cloud services has prompted SOC personnel to consider threat hunting to get ahead of the security curve, according to Brian Dye, chief product officer for Corelight. He offers tips for organizations looking to create or refine a threat hunting program, as well as important metrics to include.

SafeBreach Touts 'Breach Attack and Simulation' to Improve Security Posture

Yotam Ben Ezra, VP of products for SafeBreach, deconstructs why penetration testing and vulnerability scanning aren't as robust as a new a technique his company calls breach attack and simulation. These comprehensive simulated attacks also generate granular reports that in turn help security managers make better decisions, Ben Ezra adds.

DivvyCloud: No Need to Choose Between Innovation and Security

CEO and Co-Founder Brian Johnson peels back the layers on cloud security. He rejects the notion that customers have to pick between better security or innovative technology, and explains why customers should reject the false dichotomy as well. Johnson also spells out what he believes are the three pillars of effective cloud security.

Splunk Seeks to Bolster Security Management with New Products

Haiyan Song and Oliver Friedrichs from Splunk detail why their new Data-to-Everything platform and Mission Control product help improve an organization's security. They also talk about original research that found nearly half of all business leaders still rely on their gut for decision-making, and why that's problematic for security management.

Gigamon: Zero-Trust the Result of Porous Networks, Relentless Attacks

Shehzad Merchant, CTO of Gigamon, explains the prominence of the Zero-Trust security strategy, including what it is – and isn't. He also discusses the role of analytics in a Zero-Trust implementation as well as what new adopters can expect over time after they deploy the technology.

Cisco's Security Rx: Reduce Complexity in the Security Operations Center

"Security's worst enemy is complexity," according to Jeff Reed, senior VP, Cisco Security Business Group, and along with ESG analyst Jon Oltsik, they discuss how security professionals can tap the power of analytics and automation to simplify their working lives. The goal, according to Reed and Oltsik, is to transform security management to a more proactive approach.

Cisco Survey: Top CISO Complaint Is Dealing with Complexity

Complexity in SOC isn't just creating headaches for security professionals – it's also fostering an epidemic of burnout, according to J. Wolfgang Goerlich, Cisco's advisory CISO. He also describes other findings of recent original research that uncovered which KPIs are most commonly used, as well as how effective spending gets measured.

Next-Gen SOC Is On Its Way and Here's What It Should Contain

The next-gen SOC starts with the next-gen SIEM, and Jason Mical of Devo Technology and Kevin Golas from OpenText talk about what capabilities are required, including threat hunting and greater automation, and how security professionals should exploit the tools.

LogMeIn Pioneers Security Beyond the Troublesome Password

John Bennett, senior VP and general manager of LogMeIn's identity and access management unit, discusses identity management, including Identity-as-a-Service (IaaS), as well as a new "passwordless" login experience for business users. He also suggests ways to better educate users on multi-factor versus second-factor authentication methods.

Synopsys Aims to Boost Security of Software Development Processes

It's no surprise that most software developers aren't security experts, but they still have plenty of incentive to bring better security practices to the code they write, says Patrick Carey, senior director of product marketing at Synopsys. He describes what developers are looking for and how application security testing is shifting "left.”

Altitude Looks to Improve Security of Cloud Services, Apps, and Data

Though companies have readily embraced cloud and software-as-a-service (SaaS), they're still struggling with cloud security, according to Michael Coates, CEO and co-Founder of Altitude Networks. Coates, a former CISO for Twitter, also explains how companies can avoid the challenge of balancing user productivity with securing sensitive company data.

Illumio Connects Zero-Trust and Human Element with Security Management

Andrew Rubin, CEO and co-founder of Illumio, examines the basics and essentials of Zero-Trust security, including its origins and whether it's appropriate for all type of organizations. Rubin also considers the role of the ongoing challenge of insider threats and how customers can strengthen their defenses.

Related Content: