Synopsys has agreed to buy WhiteHat Security from NTT Security for $330 million to defend web applications in production environments in an automated, scalable fashion. WhiteHat will provide continuous security testing for hundreds or thousands of apps on live websites in a production-safe manner.
Forrester analysts Allie Mellen and Jeff Pollard discuss their new research on the analyst experience, or AX. AX involves how security analysts perceive their interactions with security products, services and processes, and Mellen and Pollard say it can improve the SOC and security analyst workflow.
Michael Lines is working with ISMG to promote awareness of the need for cyber risk management, and the CyberEdBoard is posting draft chapters from his upcoming book, "Heuristic Risk Management: Be Aware, Get Prepared, Defend Yourself." This chapter is titled "Recognize Their Attacks."
Almost all ransomware-wielding attackers accept Bitcoin for ransom payments, but many prefer Monero, thanks to the privacy-preserving coin being tougher for law enforcement officials to track. But advanced intelligence efforts to try and unmask criminal users of both Bitcoin and Monero are ongoing.
SonarSource has raised $412 million on a $4.7 billion valuation to establish a physical presence in Asia and increase its wallet share with existing customers. The company wants to open an office in Singapore and pursue opportunities in China, South Korea, Taiwan, Singapore, Japan and Australia.
In light of research saying 41% of organizations had an API security incident in the last year and 63% of the incidents involved a data breach or loss, Filip Verloy of Noname Security discusses how tighter integration of API security testing and other "shift left" strategies can mitigate breaches.
Australian software firm Atlassian has issued fixes for a critically rated vulnerability in its Jira software that could allow an unauthenticated attacker to remotely bypass authentication protections in place. Both Jira and Jira Service Management are vulnerable to this bug.
Gartner heaped praise on Synopsys for having the most complete vision and strongest execution ability around application security testing, while Checkmarx took the silver. Veracode was awarded bronze for its execution ability, while HCL Software took the bronze for completeness of vision.
Sophos bought early-stage vendor SOC.OS to help customers detect abnormalities in their IT environment earlier by ingesting data from third-party platforms. SOC.OS will allow customers to extract information sooner from non-Sophos firewalls, network proxies and endpoint security technology.
Speaking about his role as managing director, business information security, at financial giant State Street, TJ Hart says, "I wake up nervous, and I go to bed nervous." But he channels that energy into trying to better understand the threat landscape and use that data to make better business risk decisions.
Marco Túlio Moraes of OITI, who is a CyberEdBoard executive member, confronts the metaphor of the cyberthreat as a bear in the forest and discusses how an organization must actively assess its environment, understand what its main risks are, and define a strategy to deal with them.
VMware's Tom Kellermann is out with Modern Bank Heists 5.0, his latest look at the attackers and attacks targeting financial services. Subtitled "The Escalation," this report looks at the increase in destructive attacks, ransomware and hits on cryptocurrency exchanges. Kellermann shares insights.
Hours after global cryptocurrency exchange Currency.com announced it was halting operations in Russia, it faced - and thwarted - a distributed denial-of-service attack. The company's founder, Viktor Prokopenya, says the firm's "servers, systems and client data remained intact and uncompromised."
Security orchestration, or SOAR - Security Orchestration, Automation and Response, as it is known to some - is still an area in development, so there are misconceptions about its scope of use and effectiveness for a SOC team. Claudio Benavente discusses the top five security orchestration myths.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.