informa

Vulnerability Management

Paving the Road to Zero Trust With Adaptive Authentication
A gradual transition to a world beyond passwords predisposes zero-trust projects to success.
November 29, 2021
A gradual transition to a world beyond passwords predisposes zero-trust projects to success.
by Eric Olden, CEO, Strata Identity
November 29, 2021
4 min read
Article
Zero Trust: An Answer to the Ransomware Menace?
Zero trust isn't a silver bullet, but if implemented well it can help create a much more robust security defense.
November 19, 2021
Zero trust isn't a silver bullet, but if implemented well it can help create a much more robust security defense.
by Steve Durbin, CEO of the Information Security Forum
November 19, 2021
5 min read
Article
Addressing the Low-Code Security Elephant in the Room
The danger of anyone being able to spin up new applications is that few are thinking about security. Here's why everyone is responsible for the security of low-code/no-code applications.
November 18, 2021
The danger of anyone being able to spin up new applications is that few are thinking about security. Here's why everyone is responsible for the security of low-code/no-code applications.
by Michael Bargury, CTO & Co-Founder, Zenity
November 18, 2021
8 min read
Article
Swarm Intelligence May Be Just the Ticket for Improved Network & Device Security
Based on the reaction of a single insect in a swarm, messages are passed along peer to peer, and an entire environment can respond without a central leader processing data and giving orders.
November 18, 2021
Based on the reaction of a single insect in a swarm, messages are passed along peer to peer, and an entire environment can respond without a central leader processing data and giving orders.
by Morey Haber, CTO and CISO, BeyondTrust
November 18, 2021
5 min read
Article
How to Navigate the Mitigation of Deepfakes
Deepfakes are already several steps ahead of the technology that can detect and warn us about them.
November 17, 2021
Deepfakes are already several steps ahead of the technology that can detect and warn us about them.
by Etay Maor, Sr. Director Security Strategy at Cato Networks
November 17, 2021
5 min read
Article
Navigating the Complexity of Today's Digital Supply Chain
An efficient way to monitor security is to model user behavior using time series data and watching for anomalies.
November 16, 2021
An efficient way to monitor security is to model user behavior using time series data and watching for anomalies.
by Peter Albert, CISO at InfluxData
November 16, 2021
5 min read
Article
The Troubling Rise of Initial Access Brokers
Criminal groups are ramping up use of IABs to get access to networks without having to deal with the initial reconnaissance and intrusion phases.
November 15, 2021
Criminal groups are ramping up use of IABs to get access to networks without having to deal with the initial reconnaissance and intrusion phases.
by Jai Vijayan, Contributing Writer
November 15, 2021
5 min read
Article
How Visibility Became the Lifeblood of SecOps and Business Success
The best way to succeed in long-term cybersecurity is to invest in visibility because you can't protect or defend against what you can't see.
November 15, 2021
The best way to succeed in long-term cybersecurity is to invest in visibility because you can't protect or defend against what you can't see.
by PJ Kirner, CTO & Founder, Illumio
November 15, 2021
4 min read
Article
Open Source Project Aims to Detect Living-Off-the-Land Attacks
The machine learning classifier from Adobe can determine whether system commands are malicious and classify them using a variety of tags useful for security analysts.
November 12, 2021
The machine learning classifier from Adobe can determine whether system commands are malicious and classify them using a variety of tags useful for security analysts.
by Robert Lemos, Contributing Writer
November 12, 2021
4 min read
Article
'Lyceum' Threat Group Broadens Focus to ISPs
New report suggests attacker is targeting trusted supply chain companies in order to compromise large numbers of downstream customers.
November 11, 2021
New report suggests attacker is targeting trusted supply chain companies in order to compromise large numbers of downstream customers.
by Jai Vijayan, Contributing Writer
November 11, 2021
4 min read
Article
Google Open Sources ClusterFuzzLite
ClusterFuzzLite is a stripped-down version of continuous fuzzing tool ClusterFuzz that integrates CI tools.
November 11, 2021
ClusterFuzzLite is a stripped-down version of continuous fuzzing tool ClusterFuzz that integrates CI tools.
by Dark Reading Staff, Dark Reading
November 11, 2021
2 min read
Article
Should Our Security Controls Be More Like North Korea or Norway?
When the drive for additional visibility and awareness is led by the business rather than just a SOC team, both the business and security can benefit.
November 11, 2021
When the drive for additional visibility and awareness is led by the business rather than just a SOC team, both the business and security can benefit.
by Sounil Yu, CISO and Head of Research of JupiterOne
November 11, 2021
5 min read
Article
Hacker-for-Hire Group Spied on More Than 3,500 Targets in 18 Months
Russian-speaking "Void Balaur" group's victims include politicians, dissidents, human rights activists, doctors, and journalists, security vendor discloses at Black Hat Europe 2021.
November 10, 2021
Russian-speaking "Void Balaur" group's victims include politicians, dissidents, human rights activists, doctors, and journalists, security vendor discloses at Black Hat Europe 2021.
by Jai Vijayan, Contributing Writer
November 10, 2021
6 min read
Article
Defining the Hierarchy of Value in Cyber Intelligence
One size won't fit all as we try to reconcile the need to demonstrate expertise and value with keeping clients and researchers safe.
November 10, 2021
One size won't fit all as we try to reconcile the need to demonstrate expertise and value with keeping clients and researchers safe.
by Adam Darrah, Director of Threat Intelligence Services, ZeroFox
November 10, 2021
5 min read
Article
Microsoft Fixes Exchange Server Zero-Day
November security update contains patches for 55 bugs — including six zero-days across various products.
November 09, 2021
November security update contains patches for 55 bugs — including six zero-days across various products.
by Jai Vijayan, Contributing Writer
November 09, 2021
4 min read
Article