Analytics

News & Commentary
At RSAC, SOC 'Sees' User Behaviors
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Instruments at the RSA Security Operations Center give analysts insight into attendee behavior on an open network.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 4/20/2018
Comment0 comments  |  Read  |  Post a Comment
The Role of KPIs in Incident Response
John Moran, Senior Product Manager, DFLabsCommentary
Using KPIs can have a positive impact on the tactical and strategic functions of a security operations program.
By John Moran Senior Product Manager, DFLabs, 4/18/2018
Comment1 Comment  |  Read  |  Post a Comment
INsecurity Conference Seeks Security Pros to Speak on Best Practices
Tim Wilson, Editor in Chief, Dark Reading, News
Dark Reading's second annual data defense conference will be held Oct. 23-25 in Chicago; call for speakers is issued.
By Tim Wilson, Editor in Chief, Dark Reading , 4/16/2018
Comment0 comments  |  Read  |  Post a Comment
Palo Alto Networks Buys Secdo for Endpoint Detection
Dark Reading Staff, Quick Hits
The acquisition is intended to ramp up Palo Alto's endpoint detection capabilities with new tech and talent.
By Dark Reading Staff , 4/11/2018
Comment0 comments  |  Read  |  Post a Comment
How Measuring Security for Risk & ROI Can Empower CISOs
Vikram Phatak, Chief Executive Officer of NSS LabsCommentary
For the vast majority of business decisions, organizations seek metrics-driven proof. Why is cybersecurity the exception?
By Vikram Phatak Chief Executive Officer of NSS Labs, 3/28/2018
Comment1 Comment  |  Read  |  Post a Comment
A Look at Cybercrime's Banal Nature
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Cybercrime is becoming a more boring business, a new report shows, and that's a huge problem for victims and law enforcement.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 3/20/2018
Comment3 comments  |  Read  |  Post a Comment
The Containerization of Artificial Intelligence
Hamid Karimi, VP of Business Development at Beyond SecurityCommentary
AI automates repetitive tasks and alleviates mundane functions that often haunt decision makers. But it's still not a sure substitute for security best practices.
By Hamid Karimi VP of Business Development at Beyond Security, 3/16/2018
Comment1 Comment  |  Read  |  Post a Comment
Critical Start to Buy Advanced Threat Analytics
Dark Reading Staff, Quick Hits
Firms previously had teamed up in SOC services.
By Dark Reading Staff , 3/15/2018
Comment1 Comment  |  Read  |  Post a Comment
AI and Machine Learning: Breaking Down Buzzwords
Kelly Sheridan, Staff Editor, Dark ReadingNews
Security experts explain two of today's trendiest technologies to explain what they mean and where you need them.
By Kelly Sheridan Staff Editor, Dark Reading, 2/13/2018
Comment2 comments  |  Read  |  Post a Comment
Better Security Analytics? Clean Up the Data First!
Dan Koloski, Vice President, Oracle's Systems Management and Security  products groupCommentary
Even the best analytics algorithms using incomplete and unclean data won't yield useful results.
By Dan Koloski Vice President, Oracle's Systems Management and Security products group, 2/12/2018
Comment1 Comment  |  Read  |  Post a Comment
5 Questions to Ask about Machine Learning
Anup Ghosh, Chief Strategist, Next-Gen Endpoint, at SophosCommentary
Marketing hyperbole often exceeds reality. Here are questions you should ask before buying.
By Anup Ghosh Chief Strategist, Next-Gen Endpoint, at Sophos, 1/31/2018
Comment1 Comment  |  Read  |  Post a Comment
Endpoint and Mobile Top Security Spending at 57% of Businesses
Dark Reading Staff, Quick Hits
Businesses say data-at-rest security tools are most effective at preventing breaches, but spend most of their budgets securing endpoint and mobile devices.
By Dark Reading Staff , 1/26/2018
Comment1 Comment  |  Read  |  Post a Comment
Meet Chronicle: Alphabet's New Cybersecurity Business
Kelly Sheridan, Staff Editor, Dark ReadingNews
Google parent company Alphabet introduces Chronicle, which will combine a security analytics platform and VirusTotal.
By Kelly Sheridan Staff Editor, Dark Reading, 1/24/2018
Comment1 Comment  |  Read  |  Post a Comment
One Identity Acquires Balabit
Dark Reading Staff, Quick Hits
Union expands One Identity's privileged access management and analytics offerings.
By Dark Reading Staff , 1/17/2018
Comment1 Comment  |  Read  |  Post a Comment
How AI Would Have Caught the Forever 21 Breach
Justin Fier, Director for Cyber Intelligence & Analytics at DarktraceCommentary
Companies must realize that the days of the desktop/server model are over and focus on "nontraditional" devices.
By Justin Fier Director for Cyber Intelligence & Analytics at Darktrace, 1/17/2018
Comment0 comments  |  Read  |  Post a Comment
Researchers Offer a 'VirusTotal for ICS'
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Free online sandbox, honeypot tool simulates a real-world industrial network environment.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 1/16/2018
Comment2 comments  |  Read  |  Post a Comment
France Might Vet Acquisitions of AI, Data Protection Firms
Dark Reading Staff, Quick Hits
Finance minister says country may add artificial intelligence and data security to list of nation's strategically important, regulated sectors
By Dark Reading Staff , 1/12/2018
Comment0 comments  |  Read  |  Post a Comment
Thales Acquires Gemalto, Integrates Digital Business
Dark Reading Staff, Quick Hits
Thales will combine its digital assets with Gemalto's as part of a new Global Business Unit.
By Dark Reading Staff , 1/2/2018
Comment0 comments  |  Read  |  Post a Comment
Security Worries? Let Policies Automate the Right Thing
John De Santis, CEO, HyTrustCommentary
By programming 'good' cybersecurity practices, organizations can override bad behavior, reduce risk, and improve the bottom line.
By John De Santis CEO, HyTrust, 12/20/2017
Comment7 comments  |  Read  |  Post a Comment
Comprehensive Endpoint Protection Requires the Right Cyber Threat Intelligence
Adam Meyers, VP of Intelligence, CrowdStrikeCommentary
CTI falls into three main categories -- tactical, operational, and strategic -- and answers questions related to the "who, what, and why" of a cyber attack.
By Adam Meyers VP of Intelligence, CrowdStrike, 12/19/2017
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by AnnaEverson
Current Conversations What is that for ?
In reply to: What is that for?
Post Your Own Reply
More Conversations
PR Newswire
8 Ways Hackers Monetize Stolen Data
Steve Zurier, Freelance Writer,  4/17/2018
Securing Social Media: National Safety, Privacy Concerns
Kelly Sheridan, Staff Editor, Dark Reading,  4/19/2018
Firms More Likely to Tempt Security Pros With Big Salaries than Invest in Training
Sara Peters, Senior Editor at Dark Reading,  4/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.