When an organization suffers a data breach, how can it quantify the total of all the associated costs? The scope of costs goes way beyond a fixed dollar value per stolen record and extends to include legal fees, third-party forensic services, loss of reputation and defense improvement, as well as state and federal...
Google Project Zero researcher Tavis Ormandy has once again found major vulnerabilities in Symantec's security products. Symantec has released updates, but not all will install automatically - some vulnerable products must be manually updated.
With attackers getting more sophisticated every day, manual methods
of locating and testing web-based apps are no longer enough. The
right Web Application Scanning (WAS) solution can help you
systematically: discover web apps running in your network, determine
whether or not they are vulnerable to attack,...
When web applications are breached, enormous amounts
of sensitive business data can be lost.
These types of attacks can occur at organizations
of all sizes and levels of IT sophistication, and can
affect tremendous amounts of data.
Web applications are popular targets because they are accessible to almost...
The HHS Office for Civil Rights, which enforces HIPAA, is urging healthcare organizations and business associates to take steps to better address vulnerabilities in third-party software applications that pose a risk to patient data security.
Apple has removed from its App Store a $0.99 security tool developed by well-known researcher Stefan Esser that he says could quickly detect if an iPhone may have been hacked. What is the back-story behind this move?
Verizon's annual Data Breach Investigations Report has triggered an avalanche of criticism that researchers made critical errors when studying and reporting on the top 10 most frequently exploited software vulnerabilities.
The notion of API management in which enterprise architects, app developers and IT security experts work in harmony is great in theory. The reality, according to new research from Ovum, is much more scattered.
It's been a half-year now since Art Gilliland stepped into the role of CEO at startup security company Skyport Systems. What lessons has he learned from the marketplace, and where does he expect Skyport to make its mark? Find out in this video interview.
Security experts warn enterprises to patch the serious "glibc" domain name system flaw now, with one likening it to a "skeleton key" that could be used against all systems and Internet of Things devices that run Linux.
The Gartner Magic Quadrant is one of the most influential research tools that IT buyers use to evaluate vendors and keep pace with the accelerating shift from Mobile Device Management activity to Enterprise Mobility Management (EMM) strategy.
Ten years ago the smart phone, and a few years later the tablet, changed...
It's now widely recognized that antivirus software is insufficient to protect organizations, large or small, from advanced threats and targeted attacks. In response, organizations are increasingly looking to adopt proactive approaches to security, such as application control, to ensure the fidelity and security of...
Virtualization promises to boost efficiency and cut costs, making it an important element in your IT department's efforts to do more with less. Whether you're running applications on physical or virtual machines, you still need to stay vigilant to guard against the constant and growing hazard of malware and other...
Millions of Android devices - as well as desktops and servers - are at risk from a newly disclosed flaw in the Linux kernel that a malware-wielding attacker could exploit to seize full control of the device.
Hundreds of millions of PCs are at risk of being remotely exploited, after a security researcher released proof-of-concept exploit code for separate, newly discovered flaws in software preinstalled on systems by Dell, Lenovo and Toshiba.