Expert analysis
Security or compliance? Stop choosing between them
The difference between security and compliance is more than just process. It’s philosophy and practice. Compliance can be one tactical execution of a great security strategy …
Securing modern web apps: A case for framework-aware SAST
If you were to write a web application entirely by yourself, it would be a rather daunting task. You would need to write the UI elements from lower-level APIs, set up and …
How DNS firewalls can burn security teams
It’s easy to see how DNS firewalls could have thwarted 33% of data breaches. For most IT and security teams, DNS has been an afterthought. Or, worse, not even that. The …
The true potential of 5G for businesses
Technology is transforming our world beyond recognition and both public and private sector organizations are at a tipping point where they must embrace digital transformation …
The importance of hardening firmware security
It’s no secret that attackers traditionally go after low-hanging fruit when hacking a system. Historically, this has meant targeting user applications, and, for deeper …
Avoiding a biometric dystopia
In part one of our two-part series, we explored how biometric authentication methods are being defeated. In the second part, we’ll explore how manipulating biometrics can …
IIoT risks of relying heavily on edge computing
The sheer volume of data created by the Internet of Things (IoT) is increasing dramatically as the world is becoming progressively more connected. There is projected to be a …
The importance of IT asset management within digital transformation processes
In this Help Net Security podcast, Marco Rottigni, Chief Technical Security Officer for Qualys across EMEA, talks about the importance of IT asset management within digital …
How businesses can become more nimble and secure by moving to the cloud
Today’s business landscape is more dynamic than ever before. Organizations are being inundated with data, generated by an ever-increasing number of connected devices and …
Discovering and fingerprinting BACnet devices
BACnet is a communication protocol deployed for building automation and control networks. The most widely accepted networks include Internet Protocol (BACnet/IP) and the …
What can financial institutions do to improve email security?
Financial institutions are in a fully-fledged war against data breaches. And rightly so – the finance sector is a frequent target of ransomware, phishing, and other malicious …
July Patch Tuesday forecast: Rules are changing for companies with custom applications
Every month I discuss the regular patches released for operating system or applications, but today I want to focus on some of the development components that are often …
Featured news
Sponsored
Don't miss
- Cisco fixes critical flaws in Secure Email Gateway and SSM On-Prem (CVE-2024-20401, CVE-2024-20419)
- Fighting AI-powered synthetic ID fraud with AI
- Laying the groundwork for zero trust in the military
- Grype: Open-source vulnerability scanner for container images, filesystems
- Signatures should become cloud security history