Clik here to view.
Containers, Virtualization, and Rugged DevOps
“When we’re looking at taking a containerized workload, one of the challenges with it is you lose a lot of the visibility when you’re running at scale in a virtualized environment,” said Robbie Jerrom...
View ArticleClik here to view.
Using Security Metrics to Drive Action
All CISOs should track metrics to support their security programs. Security metrics are crucial to decision making, budgets and executive reporting. But what should be tracked besides the total number...
View ArticleClik here to view.
Get Fit: Remove Security Weaknesses
Practicing preventive measures is just as important for security as it is for personal health. Identifying weaknesses and building strength should be your MO when building a security program for your...
View ArticleClik here to view.
Aligning Operations: IT – Business – Security
Most modern organizations support separate IT, security and business divisions, driven by their own departmental goals, objectives, and priorities. With so much at stake, how do you get IT, Development...
View ArticleClik here to view.
Four Trending Security Issues to Watch
At Black Hat 2015, one of the people I interviewed said the best way we can be smarter about security is to learn from the people who are already smart in security. It’s wise advice and that's why I...
View ArticleClik here to view.
The Good and Bad of Unlimited Policies for a Micro-Segmented Data Center
“Think about an M&M. Once you’re in that M&M, you kind of get wherever you want. With the data center it’s similar. Virtual desktop is in, and now you have free run of the place,” said Aaron...
View ArticleClik here to view.
Identifying Vulnerable Entry Points
Recent analyst predictions are anticipating significant increases in the amount of corporate data bypassing perimeter security and flowing between mobile devices and the cloud. In the new IT landscape,...
View ArticleClik here to view.
Why is Endpoint Security Failing?
With the proliferation of cloud, mobility and BYOD, endpoint protection is front and center in security departments these days. Focusing on threat detection is important, but eliminating weaknesses...
View ArticleClik here to view.
The Average CISO Tenure is 17 Months—Don’t be a Statistic!
CISOs are busier than ever answering questions from executives and senior management about the latest breaches and their own security programs. With the average tenure of a CISO trending around 17...
View ArticleClik here to view.
Buyer Beware: How to Avoid Getting Sucked into Shelfware
Buying expensive and sophisticated security technology is a real challenge. Vendors will advise you on technology that is best suited for a particular situation, but they are also just trying to sell...
View ArticleClik here to view.
Is Your Vulnerability Management Scalable?
Businesses are not stagnant, and expansion can create growing pains for IT infrastructures. More IT assets and more potential vulnerabilities can strain your vulnerability management program.Just how...
View ArticleClik here to view.
Three Steps to Knowing Your Network
Security teams often lack accurate knowledge of assets on their networks. In particular, ignorance about laptops, BYODs, services, and SaaS applications can pose significant security risks. Unmanaged...
View ArticleClik here to view.
Putting the Cloud to Work in Vulnerability Management
When shopping for a cloud-based vulnerability management (VM) solution, not all cloud environments are equal. While cost savings are a big draw, several significant features can help you achieve the...
View ArticleClik here to view.
Getting Started With Security Metrics
In Getting Started With Security Metrics, Marcus Ranum contends that metrics are the language of business, the primary means of communicating your security posture to executives. Metrics must tell a...
View ArticleClik here to view.
How XcodeGhost Broke our Trust in Whitelists
There has been a lot of press coverage concerning the discovery of the XcodeGhost malware that affects iOS 9 and other Apple systems. This infection has caused 400 apps to be pulled from the Apple App...
View ArticleClik here to view.
The Vulnerability Disclosure Debate
Here we go again, but this time it will be differentFor many of us in the information security industry, the vulnerability disclosure debate is old and tired. I’ve been dealing with this myself going...
View ArticleClik here to view.
System Misconfigurations Can Put Your Data at Risk
While many organizations focus on their vulnerability management programs to find critical vulnerabilities like the highly-publicized Shellshock, Poodle and Ghost, it’s equally important to validate...
View ArticleClik here to view.
What Distinguishes Vulnerability Management Solutions?
Selecting a good vulnerability management solution is a balancing act. You need to consider a whole history of vulnerabilities, emerging technologies, and evolving attack vectors. How can you best...
View ArticleClik here to view.
Cloud-based Security Solutions: Leveraging Expertise
In the past, many organizations avoided cloud-based applications simply because they felt that the cloud was less secure than their own facilities. But today, more and more companies are turning to the...
View ArticleClik here to view.
Cloud: An Opportunity to Redesign How You Do IT
Many IT professionals think that moving applications to the cloud is an opportunity to save money. While the cloud may or may not save you money and provide efficiencies, what the cloud really offers...
View Article