How are CISOs of the Global 500 automating risk and compliance assessments by 90%, saving millions of dollars per year, and creating a unified strategy around cyber risk in the wake of Digital Transformation? Those on the cutting-edge of risk and compliance see a massive opportunity to ingest the telemetry coming from the security tech stack to bri...
The growth of application development, DevOps, containers, and cloud has fueled the growth of application security tools. We now have static analysis, software composition analysis, interactive analysis, dynamic analysis, container scanning, infrastructure as code scanning, and a number of runtime application security products. That’s a lot of testing data, but how do we integrate it […]
The terms machine learning (ML) and artificial intelligence (AI) are way overused terms in our industry. Every vendor seems to have the latest and greatest ML/AI solution to solve your security problem. But when you really dig into the math, there are mathematical models that can actually help us. So why don’t we focus on […]
There are a lot of endpoint security solutions on the market. How do you pick and choose which solution is right for you? The answer may depend on which endpoints you want to protect. Windows? MacOS? Linux? All of the above? What about containers and cloud infrastructure? When we think of traditional endpoints, we immediately […]
Secure Circle: For a true Zero-Trust environment, it isn’t enough to think about data in cloud services and SaaS applications, we also must protect, control and audit data that egresses form these services onto endpoints. How do you protect data that egresses from your cloud services (i.e. Github, Workday, SalesForce, Box, OneDrive)?, Do you contro...
All our networks are hybrid now. Some old security challenges were solved by cloud migration, but we've just swapped them for some new ways to get things wrong. What's the best way forward? This segment is sponsored by RedSeal. Visit https://securityweekly.com/redseal to learn more about them!
Paul and I have talked a lot about his enchanted quadrants on the podcasts, but for those who haven’t watched, here’s a quick summary… An effective security program requires the integration of four key data sources: Logs (firewall, network, application, etc.) Endpoint (files, processes, logs, etc.) Network (flow and packets) Threat Intelligence Most organizations build […]
The endpoint market has been hot for years. At one point, there were over 80 new endpoint vendors trying to displace the traditional anti-virus vendors. The endpoint security market was transitioning from endpoint protection to endpoint detection and response (EDR). EDR is all the rage, but do you really need one? While the endpoint market […]
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
