Mitigating Common Password Attacks

by Serge Truth on September 27, 2016 at 10:47 AM

Multiple options are available for mitigating automated password guessing attacks, and choosing the most appropriate one(s) requires understanding the trade-offs between security and usability of each. Regardless, the goal...

The National Highway Traffic Safety Administration (NHTSA), part of the US Department of Transportation, recently issued their much-anticipated Federal Automated Vehicles Policy. This 116-page document is guidance, not...

Yahoo confirmed on Thursday that data associated with at least 500 million user accounts have been stolen in a 2014 data breach - what many are calling one of the largest cybersecurity breaches in history. What...

Why I was Asked to a White House Meeting

by William Whyte on September 7, 2016 at 2:29 PM

I was asked to meet with some of the staff from the Office of Management and Budget (OMB) this week. To be clear, the OMB is a White House department but sadly the meeting wasn't in the White House itself -- it was a...

C'Mon Dad...You Should Know Better

by Jen McNeill on September 2, 2016 at 12:26 PM

Hey Dad: sorry for what I am about to share! …but please keep your plane tickets to visit next month and babysit! -Jen

Happy 25th birthday to the world wide web! It's difficult to imagine the first public website was launched just 25 years ago in 1991. For most people, it's hard to think about our lives without the internet.

Internet use...

As the name implies, QuadRooter is a collection of four exploits in Qualcomm's popular graphics and media chipset, which is in more than 900 million mobile devices globally. When used in combination with malware, the...

A CISO's Guide to Application Security

by Danny Harris on August 11, 2016 at 8:53 AM

CISO Executive Summary

Application security differs in a number of ways from IT security, Network Security, and Information Security, so standard solutions from those domains don’t necessarily address the challenges of...

With Apple's recent announcement about starting its first Bug Bounty Program this September, it raises the issue of why they waited so long and why they finally did decide to create one.

Bug Bounty Hunter (BBH)...

All organizations that process credit card data are required to be PCI compliant and abide by PCI DSS security standards. However, many organizations treat PCI compliance as an expensive, stressful, and time-consuming...