Microsoft Releases Patch for Zero Day Flaw
Microsoft released an out-of-band patch today for an Internet Explorer zero-day flaw, which was already being exploited in the wild. Surprisingly, Microsoft opted to release a patch for Windows XP,…
Archived Articles
Back to Vendor Listings4 Warning Signs Your Pentester Isn’t “Getting It”
When it comes to penetration testing, it’s a fact that many organizations will engage third party consultants to perform the service. The reasons why this is so aren’t hard to…
Browsing Security. Again. Major Vulnerability in IE.
Here we go again. A major zero day vulnerability in a widely deployed application, Internet Explorer, has been discovered. The usual cycle of discovery-disclosure-patch-announcement-exploitation has bee reversed this time. FireEye…
Putting Breaches in Perspective
Last year SafeNet sponsored my work on a project to develop the Breach Level Index (BLI). The BLI is designed to provide a simple way to input publicly disclosed information on…
White House Statement on Heartbleed Bug Misses the Mark
This week the White House felt the need to formalize statements the President has made on responsible disclosure. They did so through a blog post penned by Michael Daniel, Special Assistant…
Norse Exposes Dark Intelligence
This series of articles and the accompanying videos are part of an ongoing project to illuminate the people, products, and vendors that make up the IT security industry. The vendors…
IT Forensics in Real Time
In an ideal world threat intelligence should prevent IT security incidents from occurring in the first place; however, in reality incidents are inevitable, often with associated data breaches. Post-event clear…
Active Threat Protection: The Future of Managed Security Services
This series of articles and the accompanying videos are part of an ongoing project to illuminate the people, products, and vendors that make up the IT security industry. The vendors…
New RedSeal CEO Breathes New Life into Company
This series of articles and the accompanying videos are part of an ongoing project to illuminate the people, products, and vendors that make up the IT security industry. The vendors…
Cisco Launches Managed Threat Defense Service
The very best security teams I have worked with engage in continuous network monitoring and analysis. They capture downloaded executables and detonate them in sandboxed environments to extract key indicators…