• What is the cyber kill chain?
    on December 12, 2017 at 10:33 pm

    Concerned about your network defense? Watch this short video to learn the 7 stages of the cyber kill chain, a framework created by Lockheed Martin to outline the phases of a targeted cyberattack. […]

  • Office 365 phishing examples | Salted Hash Ep 10
    on December 4, 2017 at 2:00 pm

    Salted Hash looks at recent Office 365 phishing examples, discussing why they work and what can be done about them. […]

  • What’s new in PHP 7.2: better security, code handling
    by Paul Krill on December 1, 2017 at 11:00 am

    PHP 7.2, the latest version of the popular server-side web development language, has numerous features and fixes.The November 30, 2017, release is the second feature update to the PHP 7 series. PHP 7.0 debuted in December 2015 to much fanfare, with the upgrade offering double the performance of […]

  • Tech Talk: Uber hack, Google tracks, AWS packs (in China) ... and Firefox is back
    on November 29, 2017 at 8:00 pm

    Our tech panel looks at how Uber (secretly) handled last year's hack and the controversy around Google's decision to track Android users' locations. Then it's time to discuss why AWS is selling off hardware in China and what Mozilla is up to with its new Firefox Quantum. […]

  • What keeps IT administrators up at night? Ransomware, for one | Salted Hash Ep 8
    on November 27, 2017 at 2:30 pm

    A solid backup policy and frequent awareness training can reduce the risk of ransomware, but unintentional breaches by insiders are still a worry for administrators. Watch as Steve Ragan and Michael Nadeau talk security strategy. […]

  • Matrix Banker malware spreads to multiple industries | Salted Hash Ep 7
    on November 20, 2017 at 2:00 pm

    The Matrix Banker malware, first found in Latin America, is now gaining a foothold in diversified targets. Steve Ragan breaks down the threat with Justin Fier, director for cyber intelligence and analysis at Darktrace. […]

  • 11% off August Smart Lock Pro With Connect Bundle - Deal Alert
    by DealPost Team on November 15, 2017 at 2:46 pm

    With August Smart Lock Pro, you can lock and unlock your door, control keyless access, and keep track of who comes and goes, all from your phone. The 24/7 activity log means you’re always in the know. With your phone in your pocket, simply open the door and you’re in your home. Heading […]

  • IDG Contributor Network: KPIs for managing and optimizing devsecops success
    by Amir Jerbi on November 13, 2017 at 8:10 pm

    Back in 2012, in a report called “DevOpsSec: Creating the Agile Triangle,” Gartner identified the need for information security professionals to become actively involved in devops initiatives. Five years and more than 24 billion Docker image pulls later, that need is now a full-blown […]

  • Ransomware marketplaces and the future of malware | Salted Hash Ep 6
    on November 13, 2017 at 12:00 pm

    Would you give up a customer's data or credentials if that was the demand in a ransomware attack? That's just one of the nightmare scenarios that Steve Ragan and Rick McElroy talk about on this week's episode. […]

  • 15% off APC 11-Outlet Surge Protector with USB Charging Ports and SurgeArrest - Deal Alert
    by DealPost Team on November 8, 2017 at 1:35 pm

    Be it a lightning strike that destroys a home entertainment center or consistently fluctuating power that degrades the performance and shortens the life of your electronics – surges, lightning, and other power disturbances can have a devastating impact on the valuable electronics you rely on […]

  • Google can read your corporate data. Are you OK with that?
    by David Linthicum on November 3, 2017 at 10:00 am

    On Halloween, Google told its Google G Suite users that “this morning, we made a code push that incorrectly flagged a small percentage of Google Docs as abusive, which caused those documents to be automatically blocked. A fix is in place and all users should have full access to their […]

  • 4 extra-strength container security tools for Docker and Kubernetes
    by Serdar Yegulalp on October 25, 2017 at 10:00 am

    Docker-style containers aren’t just a way to deploy software more quickly or flexibly. They can also be a way to make software more secure. Automatic analysis of the software components that go into containers, behavioral policies that span container clusters and multiple application […]

  • What is blockchain? Get up to speed with this video primer
    on October 19, 2017 at 5:00 am

    Get up to speed quickly on the potential use cases for blockchain technology, in industries such as healthcare, with Esmond Kane, deputy CISO at Partners Healthcare. […]

  • 48% off Kidde Carbon Monoxide Alarm with Display and 10 Year Battery - Deal Alert
    by DealPost Team on October 18, 2017 at 1:32 pm

    Carbon Monoxide is odorless, tasteless and invisible, and it accounts for over 72,000 cases of poisoning each year. Kidde calls their C3010D model "worry free" because its sensor and sealed battery provide 10 years of uninterrupted CO detection, and a digital display that updates every 15 […]

  • How containers and microservices change security
    by Wei Lien Dang on October 18, 2017 at 10:00 am

    Wei Lien Dang is VP of product at StackRox.Today organizations large and small are exploring the adoption of cloud-native software technologies. “Cloud-native” refers to an approach that packages software within standardized units called containers, arranges those units into […]

  • 4 old malware threats still haunting business today
    on October 18, 2017 at 4:00 am

    From Conficker to Zeus, these four malware threats continue to impact enterprises today. Watch this short video to learn where they're still lurking. […]

  • Devsecops: Add security to complete your devops process
    by David Linthicum on October 17, 2017 at 10:00 am

    As seen in a recent DigiCert report, an overwhelming majority of companies believe that an integrated security and devops team makes sense. In fact, 98 percent of survey 300 US respondents (a third from IT or security) are either planning to or have already launched such an effort.This is good, if […]

  • Learn the ins and outs of Europe's General Data Protection Regulation (GDPR)
    on October 16, 2017 at 5:00 am

    Look ahead to Europe's rollout of the the General Data Protection Regulation in May 2018, and its expected impact on data handling, with expert insights from Gary Southwell, vice president and general manager, products division, at CSPI. […]

  • What is Grafeas? Better auditing for containers
    by Serdar Yegulalp on October 13, 2017 at 10:00 am

    The software we run has never been more difficult to vouchsafe than it is today. It is scattered between local deployments and cloud services, built with open source components that aren’t always a known quantity, and delivered on a fast-moving schedule, making it a challenge to guarantee […]

  • Centralized security in the cloud is the best security model
    by David Linthicum on October 13, 2017 at 10:00 am

    It’s 6:00 a.m. on a Monday morning. You get an automated text from your security systems that a DDOS attack was attempted, but new security policies downloaded several hours earlier proactively protected the systems from the attacking IP address. All is well. The alternative is not […]

  • Bossie Awards 2017: The best networking and security software
    by Fahmida Y. Rashid, Victor R. Garza on September 27, 2017 at 10:00 am

    The best open source networking and security softwareImage by IDGWe seem to be witnessing a renaissance in open source security. Security projects swarmed the Bossies last year, and the hits kept coming in 2017. Along with the many cool tools for security pros, our winners include software that […]

  • Bossies 2017: The Best of Open Source Software Awards
    by Doug Dineley on September 27, 2017 at 10:00 am

    Open source software isn’t what it used to be. The term used to conjure images of the lone developer, working into the night and through weekends, banging out line after line of code to scratch a personal itch or realize a personal vision. But with each passing year—and every new survey […]

  • Manage access control using Redis Bitfields
    by Kyle J. Davis on September 20, 2017 at 10:00 am

    Kyle Davis is the technical marketing manager at Redis Labs.One of the hardest parts about writing a user-facing app or service is controlling access to resources. Decisions about access control are some of the earliest to be made and can make or break an entire platform. It’s usually a […]

  • Safer but not immune: Cloud lessons from the Equifax breach
    by David Linthicum on September 19, 2017 at 10:00 am

    I’ve stopped covering breaches. First, because clouds are nowhere to be found among them. (The focus of this blog is advice to enterprises that are moving, or have moved, to cloud computing.) Second, because it just seems like piling on a company that’s already in distress.However, […]

  • IDG Contributor Network: From equanimity to Equifax
    by Lev Lesokhin on September 18, 2017 at 3:15 pm

    Here we go again. Another terrifying breach of data, of trust, and more concretely, of a mission-critical application that manages sensitive data. Attorneys general, Congress, the FBI, the Associated Press, the intergalactic cyber task force, and everyone else are now investigating what went wrong […]

  • Ransomware: What you need to know now | Salted Hash Ep 1, Pt 4
    on September 6, 2017 at 5:00 am

    Reporters Fahmida Rashid and Steve Ragan talk about the latest ransomware threats, the holes in IT security and the burdens on enterprises. […]

  • What to do if your public cloud is hacked
    by David Linthicum on August 29, 2017 at 10:00 am

    It’s never good news when your workloads, data, or both get hacked in a public cloud. Fortunately, it’s something that rarely occurs. But as workloads and data sets on the public clouds become more numerous, such a hack could occur.The best way to recover from an attack, aka a hack, is […]

  • OpenJDK may tackle Java security gaps with secretive group
    by Paul Krill on August 25, 2017 at 5:12 pm

    To shore up Java’s security, a private group that operates outside the normal open source community process is under consideration.The proposed OpenJDK (Java Development Kit) Vulnerability Group would provide a secure, private forum in which trusted members of the community receive […]

  • IDG Contributor Network: Winter is coming. Protect your content kingdom
    by Isabelle Guis on August 22, 2017 at 8:12 pm

    Like many of my high-tech colleagues I am an avid Game of Thrones viewer. However, its appeal is much broader. The series is set in a historical fictional medieval world made of seven kingdoms, all struggling for power in a tense battle between good and evil. No character is safe, and this […]

  • 31% off WD 4TB My Passport Portable External USB 3.0 Hard Drive - Deal Alert
    by DealPost Team on August 16, 2017 at 1:26 pm

    Safely store massive amounts of photos, videos and music with this 4TB external drive from WD. It comes equipped with WD Backup software so you can automatically back up photos, videos, music and documents on your preferred schedule. And built-in 256-bit AES hardware encryption with WD […]