Networks
The latest technologies and best practices to secure local, virtual, cloud, and hybrid networks.
-
Almost Half of All Third-Party Software Components Are Outdated, Insecure
A recent Synopsys study of 128,782 software applications found that almost 50 percent of the third-party software components of those applications are more than four years old, with a more secure version of the software component available in almost every case. “Over time, vulnerabilities in third-party components are discovered and disclosed, leaving a previously secure…
-
Why Akamai Supports Let’s Encrypt
The Let’s Encrypt project has re-shaped the market for SSL/TLS certificates, providing millions of free security certificate to organization around the world. Among the many backers of Let’s Encrypt is content delivery network platform provider Akamai. In a video interview with eSecurityPlanet, Andy Ellis, Chief Security Officer at Akamai, explains why Let’s Encrypt matters and…
-
Federal Agencies Pay Cyber Security Personnel $7,000 Less Than the Private Sector
U.S. government agencies would need to increase the annual salaries of information security personnel by approximately $7,000 to equal the annual salaries of their private sector counterparts, a recent survey of 2,620 U.S. Department of Defense, federal civilian and federal contractor employees found. The survey [PDF], sponsored by (ISC)2, Booz Allen Hamilton and Alta Associates,…
-
181 Third-Party Vendors Access the Average Company’s Network Each Week
On average, 181 vendors are granted access to a company’s network in a given week, a recent Bomgar survey of 608 IT professionals found. Eighty-one percent of respondents said they’ve seen an increase in third-party vendors over the last two years, and 67 percent have already experienced a data breach that was either definitely (35…
-
Over 80 Percent of Americans Are More Worried About Privacy, Security Than a Year Ago
More than 80 percent of Americans are more concerned about their online privacy and security today than they were a year ago, a recent AnchorFree survey [PDF] of more than 2,000 Americans found. Following the recent passage of a bill allowing ISPs to collect users’ personal data without their permission, the survey found that over…
-
Lacework Emerges from Stealth with Polygraph Cloud Security
Lacework, a technology startup from Mountain View, Calif., today emerged from stealth with its Polygraph cloud workload security platform. To date, the company attracted $8 million in venture capital from Palo Alto private equity firm, Sutter Hill Ventures. The cloud-based product acts as “polygraph for data center,” Jack Kudale, president and CEO of Lacework, told…
-
Web Application Firewall (WAF) Explained
The term firewall usually refers to an application or an appliance that is designed to prevent unauthorized network access through unused TCP or UDP ports. While these types of firewalls provide general-purpose protection, many organizations use application firewalls as a way to protect specific applications. Also Read: Top Web Application Firewall (WAF) Vendors What is…
-
Cybercriminals See 95 Percent Profit from DDoS Attacks
According to a recent Kaspersky Lab report, attackers who demand a ransom in return for not launching a DDoS attack (or to call off an attack in progress) can earn thousands of dollars in bitcoins, enabling the profitability of such attacks to exceed 95 percent. “And the fact that the owners of online sites are…
-
Threat Intelligence and Analytics: Staying Ahead of Cyber Criminals
The concept of cyber threat intelligence is really not much different from other areas of the intelligence field. In national security, intelligence gathering techniques seek to detect potential situations and draw conclusions that enable people to take action before anything serious occurs. Similarly, cyber threat intelligence is only one tool in a complete security arsenal.…
-
IaaS Security: Threats and Protection Methodologies
By Maxim Sovetkin, Itransition Cloud services are becoming the main part of the infrastructure for many companies. Enterprises should pay maximum attention to security issues, moving away from typical approaches used in physical infrastructures, which are often insufficient in an atmosphere of constantly changing business requirements. Although cloud providers do all they can to…
