Security Management

Security Management news, information, and how-to advice

Frustrated man with head on computer
Anit Yoran

Surveys: Employees at fault in majority of breaches

Human error is a significant factor in the majority of data breaches

U.S. government wants HTTPS on its publicly accessible sites within two years

New sites set up by government agencies will be required to implement HTTPS

pci security compliance

Security testing compliance down from last year

Verizon report shows compliance rates between audits increased substantially across all PCI DSS requirements -- except for security testing

fish surprise shock cartoon

Lenovo: 'We were as surprised as you'

In an exclusive interview, Lenovo's Mark Cohen explains how the Superfish debacle went down. Is this the beginning of the end of shoddy software bundling practices?

Amazon offers troubleshooting tool to Web services users

For a couple of dollars per month, Amazon adds better tracking of configuration changes

What the cloud can learn from the data-breach epidemic

Anthem joins the likes of Sony and Home Depot in the data-center hack parade, but cloud fans shouldn't get too smug

software patch stock image

Gap between perception and reality of cyber threats widened in 2015

There is a widening gap between what security executives believe to be true and the reality of cyber threats,

free advice cyclists outdoors people

The best computer security advice you'll get

The world is awash in bad security advice that distracts from addressing the real threats. Here's what you really need to know

010515 utm 1

CheckPoint, Watchguard earn top spots in UTM shoot-out

UTM appliances for small-business security are getting smaller, more powerful, and richer in features

Binary bomb with a lit fuse code developer security programming

Developers must follow security rules, too

The role of the developer has risen in importance in many organizations, so it's high time to ensure developers take security seriously

Exploits for dangerous network time protocol vulnerabilities can compromise systems

Systems administrators are urged to install critical patches that address remote code execution flaws in NTP

User ID Password login

A world without passwords? Not so fast

FIDO Alliance's plan for a future without passwords is in its final form, but the makers of a password-free sign-on service are skeptical

Facebook gives away homebrewed OS monitoring tool

Osquery watches for operating system state changes that might indicate a security issue

Microsoft Security Essentials may be throwing false positives for Trojan:DOS/Alureon.J

The precise circumstances are unclear, but it's becoming obvious that MSE in some cases detects a DOS/Alureon.J infection where none exists

A look at the FBI’s big, bad identification system

Next Generation Identification uses a variety of high-tech tools and algorithms to deal with criminal behavior

data breach thinkstock

Data breaches rise as cyber criminals continue to outwit IT

Security breaches rise again this year, costing an average of $415,000, as security pros fail to keep pace with cyber crime innovation

security target

Create your own 'dirty dozen' threat list

Which security events should you worry about most? Everyone has different vulnerabilities, so here's how to prioritize

Enemies no more, McAfee and Symantec agree to share threat data

Pair join Fortinet and Palo Alto in the recently launched Cyber Threat Alliance aimed at tackling cyber security threats

Load More