SecureAuth to Merge with Core Security

K1 Investment Management, which owns Core Security, plans to acquire the identity management and authentication company for more than $200 million.
Source: Vulnerabilitys & Threats

The 'Team of Teams' Model for Cybersecurity

Security leaders can learn some valuable lessons from a real-life military model.
Source: Vulnerabilitys & Threats

How to Use Purple Teaming for Smarter SOCs

Justin Harvey explains why the standard blue team vs. red team can be improved upon, and provides tips on doing purple teaming right.
Source: Vulnerabilitys & Threats

Is Your Organization Merely PCI-Compliant or Is It Actually Secure?

The Host Identity Protocol might be the answer to inadequate check-the-box security standards.
Source: Vulnerabilitys & Threats

Using Market Pressures to Improve Cybersecurity

Post-MedSec, Chris Wysopal discusses what impact the investor community — if not consumers — can have on squashing vulnerabilities and improving cybersecurity.
Source: Vulnerabilitys & Threats

St. Jude Pacemaker Gets Firmware Update 'Intended as a Recall'

The devices that were the subject of a vulnerability disclosure debate last summer now have an FDA-approved fix.
Source: Vulnerabilitys & Threats

New York's Historic FinSec Regulation Covers DDoS, Not Just Data

Starting today, New York banks and insurers must report to authorities within 72 hours on any security event that has a ‘reasonable likelihood’ of causing material harm to normal operations.
Source: Vulnerabilitys & Threats

The Changing Face & Reach of Bug Bounties

HackerOne CEO Marten Mickos reflects on the impact of vulnerability disclosure on today’s security landscape and leadership.
Source: Vulnerabilitys & Threats

DoJ Launches Framework for Vulnerability Disclosure Programs

The Department of Justice releases a set of guidelines to help businesses create programs for releasing vulnerabilities.
Source: Vulnerabilitys & Threats

Facebook Offers $1 Million for New Security Defenses

The social media giant has increased the size of its Internet Defense Prize program in order to spur more research into ways to defend users against the more prevalent and common methods of attack.
Source: Vulnerabilitys & Threats