  • Fixing the broken windows of software security

    Education changes the culture and guides developers toward an understanding that security should be an inherent attribute of all software they produce. This cultural shift is significant because, within an organization and globally, developers set standards for other developers. They also educate newcomers, reducing the need for education over time.

  • Automation is the key to successful policy implementation

    Organizations today are facing increased pressure to collect and store massive amounts of data. Regulatory guidelines, storage costs, and the promise of Big Data have encouraged and allowed this growth. With this explosion of data collection and the influx of information flooding inboxes, enterprise collaboration systems, and interactive gateways, previously effective approaches to monitoring and regulation of electronic data are becoming impractical. With data everywhere, people, processes, education and automation become more critical to the successful implementation of a compliance program.

  • Explaining infosec magic to kids

    Magic! It’s the basis for countless children’s stories filled with adventure and excitement. It’s also how many kids think cyberspace works. There’s nothing like seeing our child’s reaction when the sleight of a magician’s hand produces marvelous results. However, as cyber professionals we know the Internet is no illusion. A technical understanding of their digital lives is a crucial life lesson for today’s young generation.

  • Think before you share that file

    Various file-sync-and-share providers have made headlines for their inadvertent data leaks. These events shine a light on some of these file-sync-and-share services’ shortcomings and beg the question of whether enterprises should be allowing such services in their business operations at all.

  • What all major brands share in common with the Snappening

    By now we have all heard about “The Snappening”—hyped as a high-profile data breach involving the photo-sharing application Snapchat. Virtually every news outlet on the web is writing about it.

    The vague, inconsistent, and unconfirmable information surrounding the Snappening caught our interest. We decided to dig in and see if we could shed light on this confusing, media-hyped event. We discovered this is not much different from the threats that all major brand presences face online today.

  • The Software Assurance Marketplace: A response to a challenging problem

    The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) has recognized how critical the state of software security is to the DHS mission. The SoftWare Assurance MarketPlace (SWAMP) is DHS S&T’s response to build the solutions needed to better protect the nation and improve the quality of software that powers our critical infrastructure and Internet communities.

    The SWAMP is a free, online, open-source, collaborative research and development environment that provides a host of software analysis resources, assessment services and software assurance capabilities to software developers, tool developers and software researchers. These resources, services and capabilities were designed to assist software developers in vetting their software code for weaknesses.

  • How security-wary retailers can prepare for the holiday season

    Retailers are beside themselves with worry as the spate of data breaches among them continues. With Black Friday approaching, what can retailers still do to protect themselves from these cybercrooks?

    While it may be too late for retailers to do anything major with their IT platform, network and infrastructure to protect them substantially from this year’s anticipated denial of service (DoS) attacks, there are some actions IT teams can take.

  • Detecting cyber attacks in a mobile and BYOD organization

    Many organizations understand that traditional perimeter security defenses are not effective at identifying attacks on mobile devices. This application note sets out to explore the challenges, understand the needs, evaluate mobile device management as an approach to detecting attacks and offer a flexible, high-efficacy solution for detecting any phase of an ongoing attack on mobile devices, regardless of device type, operating system or applications installed.

  • Identifying deceptive behavior in user-generated content

    In this interview, JT Buser, Manager of Authenticity and Fraud at Bazaarvoice, talks about challenges involved in identifying deceptive behavior in user-generated content as well as interesting techniques he's seen scammers use.

    Bazaarvoice is a network that connects brands and retailers to the people. Each month, more than 500 million people view and share opinions, questions and experiences about tens of millions of products in the Bazaarvoice network.

  • Twenty five years of firewall innovation

    When the internet was first launched on a mass scale back in the late 80s, it is understandable that the technology industry got more than a little excited – the way we communicate and thus the entire world around us was being changed for good. But there was one problem: the internet was not designed with security in mind.

    It was not long, of course, before criminal-minded people took advantage of this oversight, and the first internet virus was circulated in 1988. Thankfully the security industry was hot on their tails, launching the first firewall in 1989. And thus began the ongoing battle between security experts and cyber hackers that has continued over the last 25 years.



Fighting malware, emerging threats and AI

Posted on 24 November 2014. Liran Tancman is the CEO of CyActive, a predictive cyber security company. In this interview he talks about fighting malware, emerging threats, artificial intelligence and the cloud.



Tue, Nov 25th