Privileged Password Management 101: Laying the Foundation for Success

BeyondTrust

InfoSec pros have their work cut out for them—with the need to secure an estimated 300 billion passwords by 2020. Privileged password management, in particular, is a pain point for almost every organization. Privileged credentials are often difficult to identify, challenging to tame and properly secure, and if done improperly, can be costly to manage. Without strong privileged password management processes and technology in place, your organization is ripe for all kinds of security breaches. In many industries, lack of the proper protections in place alone puts you at risk from legal and/or regulatory fallout.
Watch Now

Spotlight

In this paper, the authors introduce the first authenticated encryption scheme based on a hash function, called COFFE. This paper has been motivated by the challenge to fit se-cure cryptography into constrained devices - some of these devices have to use a hash function, anyway, and the challenge is to avoid the usage of an additional block cipher to provide authenticated encryption. COFFE satisfies the common security requirements regarding authenticated encryption, i.e., IND-CPA- and INT-CTXT-security. Beyond that, it provides the following additional security features: resistance against side-channel attacks and INT-CTXT security in the nonce-misuse scenario.

OTHER ON-DEMAND WEBINARS

Using AI/Machine Learning in Cybersecurity

Trend Micro

AI and machine learning have proven to be valuable technologies when it comes to detecting threats at time zero and across various vectors. But there is a time and place for its usage. Join me during my monthly threat webinar and live Q&A session to learn: How you can help improve your ability to detect zero-hour threats by implementing AI/machine learning techniques. Areas in which Trend Micro has been using these AI/machine learning techniques. Why the best threat detection comes from a cross-generational blend of technologies.
Watch Now

How memcached reflection threatens IT security

Link11

2018 is the year of high volume DDoS attacks. Since the emergence of the new attack vector memcached reflection in February, new bandwidth records have been set. Companies worldwide suddenly found themselves exposed to a new DDoS risk. In a webinar, the Link11 IT security experts Karsten Desler and Aatish Pattni explain how to assess the threats. Today's global IT infrastructures face a DDoS threat that has never existed before with such massive bandwidths. This issue relates to attack vectors, which can hit companies with a really destructive attack volume due to enormous amplification factors. The largest possible 'amplification reflection vector' to date has been detected in memcached reflection attacks. Cyber criminals can theoretically use the vector to increase their attacks by a factor of 50,000.
Watch Now

Understanding The Role Of Software Bill Of Materials In Cybersecurity Readiness

Cybersecurity issues are top of mind across the open source community, and beyond. In response to the ongoing threat of cyber attacks, Linux Foundation Research, in partnership with SPDX, OpenChain, and OpenSSF, has conducted the first in a series of research projects to understand the challenges and opportunities for securing software supply chains. This soon-to-be-published report, The State of Software Bill of Materials (SBOM) and Cybersecurity Readiness, will be released to coincide with this webinar.
Watch Now

Must-Have Enterprise Mobile Security RFP Section: Advanced, Purpose-Built Threat Detection

Zimperium

Mobile operating systems (OSs) are fundamentally different from other endpoint OSs. Simply porting a security solution developed for a different platform over to mobile is inadequate and can leave your enterprise vulnerable. Effective enterprise mobile security requires a purpose-built solution that: Can protect mobile devices against known and unknown threats. Operates effectively even when an attacker controls the network.
Watch Now

Spotlight

In this paper, the authors introduce the first authenticated encryption scheme based on a hash function, called COFFE. This paper has been motivated by the challenge to fit se-cure cryptography into constrained devices - some of these devices have to use a hash function, anyway, and the challenge is to avoid the usage of an additional block cipher to provide authenticated encryption. COFFE satisfies the common security requirements regarding authenticated encryption, i.e., IND-CPA- and INT-CTXT-security. Beyond that, it provides the following additional security features: resistance against side-channel attacks and INT-CTXT security in the nonce-misuse scenario.

resources