Ask the experts: What’s the worst web application security issue?


We know. It’s an impossible question to answer. There’s no such thing as a “worst web application security issue,” because every app and every organization has its own unique set of issues. But if you’re a development organization with limited resources, how do you know where to start? Which issues appear over and over in data breaches, exploits, and top N lists such as the OWASP Top 10? We asked some experts—and Twitter—to give us their opinions.
Watch Now


This white paper presents an overview of the SPDM architecture, its goals, and a high-level summary of its use within a larger solution. The intended target audience for this white paper includes readers interested in understanding the use of SPDM to facilitate security of the communications among components of platform management subsystems.


Trends in Privacy and Data Security

Privacy and data security remains a central issue, capturing the attention of consumers, regulators, and boards of directors. In this complimentary webinar, Mel Gates, Senior Legal Editor of Privacy and Data Security at Thomson Reuters, will cover: Data privacy compliance issues, with a special focus on the GDPR, Brexit, and the
Watch Now

Managing the Insider Threat—Why Visibility Is Critical


Only with full visibility into employee or third-party activity across a company network can even the earliest indicators of an insider threat be detected. By monitoring both user and file activity, security and compliance professionals can be alerted to risky, out-of-policy activities and any unexplained changes in user behavior in real-time; successfully stopping and investigating any activity before it becomes a full-blown breach. Research from The Ponemon Institute shows that Financial Services organizations face the highest penalty costs of any other industry ($12.05 million annually) when they experience an insider-led incident, though they are closely followed by the Energy & Utilities and Retail sector. This cost alone is a very concrete reason to address what otherwise might seem to be an invisible problem.
Watch Now

The Future of Phishing: It’s all about your customers


While current anti-phishing solutions usually cover basic entry-level phishing scams using reactive inside-the-firewall defenses, a billion of potential variations of sophisticated phishing scams are already being planned and executed everywhere on the internet, entirely undisturbed, evading most current detection tools. Todays phishing attacks are no longer performed by scruffy hoodie covered villains, but by sophisticated, risk-calculating, online marketing experts who take social engineering to new heights. By constantly using A/B testing to improve their technology with each attack, they know how to tell a convincing story that would trick even the savviest users, causing irreversible reputational and financial damages to brands worldwide.
Watch Now

Enterprise Phishing Attacks & the Need to Defend Mobile Endpoints


The new GigaOm “Phishing Prevention and Detection: A GigaOm Market Landscape Report,” designed to help C(x)Os and security practitioners evaluate phishing prevention solutions, recognizes that mobile endpoints are poised to be the next high-value target for phishing attacks. The majority of mobile endpoints lack protection beyond Mobile Device Management risk assessments; these endpoints are completely exposed to phishing and other attacks.
Watch Now