Latest Posts

766e428d1e232bbdd58664b41346196c

Poisoning the Well: Why Malvertising is an Enterprise Security Problem

September 18, 2014 Added by:Elias Manousos

While customers won’t know or care which ad network delivered a malicious ad, they will blame the organization that owns the website or placed the ad that attacked them.

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

How Many Auditors Does It Take …

September 18, 2014 Added by:PCI Guru

The title of this post sounds like the start of one of those bad jokes involving the changing of light bulbs. But this is a serious issue for all organizations because, in today’s regulatory environment, it can be a free for all of audit after audit after assessment after assessment.

Comments  (0)

219bfe49c4e7e1a3760f307bfecb9954

A Fresh Approach to Building an Application Security Program

September 18, 2014 Added by:Rohit Sethi


All too often, we have seen organizations invest only in application security testing and education as the only two components of their application security programs. The net result is an expensive “patch and fix” approach that self optimizes only for the risks that scanners are able to catch.

Comments  (0)

E595c1d49bf4a26f8e14ce59812af80e

No Quick Fixes for Home Depot After Record Cyberattack

September 17, 2014 Added by:Patrick Oliver Graf

America’s largest home improvement retailer seems to have a repair for everything, but after news that its payment systems had been breached, Home Depot has a lot of work ahead to get its own house in order. It faces a long road as it repairs its reputation, its relationships with customers and its network security.

Comments  (5)

8b2a9c176d358811a479f771a5874c1b

3 Things To Consider When You Revisit Your Backup System

September 17, 2014 Added by:Sahba Kazerooni

When all is well, there is nothing to worry about. A poorly configured backup system, however, can make life more than a little tricky when you can’t restore your files effectively or efficiently.

Comments  (6)

Ffc4103a877b409fd8d6da8f854f617e

2014 ICS Cyber Security Conference: Register Today to Hold Your Spot

September 17, 2014 Added by:InfosecIsland News

Following a sold out event in 2013, the 2014 ICS Cyber Security Conference is expected to attract more than 250 professionals from around the world and again sell out. Attendees can register online and pay just $1895 for a full conference registration which includes 4 days AND workshops on Monday.

Comments  (4)

E313765e3bec84b2852c1c758f7244b6

The Big Three Part 3: Incident Response

September 16, 2014 Added by:Brent Huston

In this installment, we’ll discuss the importance of accompanying incident detection with an effective, well-practiced incident response plan.

Comments  (7)

457ad4752923de991424e3d0f5a6abb6

Shining a Light on Industrial Control Networks with Purpose Built Intrusion Detection Systems

September 16, 2014 Added by:Nate Kube

There are differences between industrial control systems and enterprise IT networks resulting in different security needs. To protect industrial networks, system operators must opt for an industrial next gen firewall with an IDS that fully understands industrial protocols and the specific context of each industrial command.

Comments  (0)

201d6e4b7cd0350a1a9ef6e856e28341

Cyber Security and the Electric Grid – It IS a Problem

September 15, 2014 Added by:Joe Weiss

The electric grid has been, and continues to be, susceptible to unintentional and malicious cyber incidents.

Comments  (8)

B42221fcb8abc51212416aab3b29468f

Using Network Intelligence to Turn the Table on Hackers

September 15, 2014 Added by:Greg Akers

Teams that use intelligence inherent in the network will gain insight into how cyber actors operate and how to quickly shut them down.

Comments  (0)