Mobile, Threat hunting, Threat modeling, Endpoint Security

Enterprise News – Enterprise Security Weekly #58

Diving deep into threat intelligence, GeoGuard and Skyhook team up, securing mobile devices, and more enterprise news!

Enterprise News

  1. Beyond Feeds: A Deep Dive Into Threat Intelligence Sources - Straight away, we saw something interesting. A very high proportion of organizations were already using threat intelligence to block malicious domains and IP addresses, with many also using it to add context to investigations or compromise assessments. - I'd argue this is not "threat intelligence". First, the domain and/or IP is not really a threat. Its the source of a threat, but does not speak to the threat itself. I'd also argue this is not really intelligence, but merely a reporting system based on scoring and observing behavior. Simply stating "this is bad" without some type of context as to why it is bad, is not intelligence.
  2. Oracle Wants to Give Java EE to the Open-Source Community - Kind of a big deal for many enterprises that still rely on Java, now there will not be a commercial entity in charge of the software development. What will this mean for security?
  3. How to Secure Personal Mobile Devices (Without Making Your Employees Hate You) - They may not hate you, but they will certainly hate having their devices managed, and user education is not enough, esp. on Android.
  4. Using Containers to Make Software Tests Faster and More Secure | Twistlock - Great article! And really just one reason why we will continue to see a shift to containers. Like it or not, they are here to stay and have security benefits.
  5. GeoGuard and Skyhook have announced a collaboration - Okay, this is creepy, and not really enterprise related: GeoGuard, the Vancouver-based geo-location piracy prevention experts and Skyhook, the world’s behavioural location intelligence company, have announced a collaboration to provide the content industry with the first solution that ensures viewers are verifiably watching films and TV at home.
  6. Studies Show Ways Organizations Struggle with Cybersecurity - yep: Second, a Gigamon study found that nearly two-thirds of the companies surveyed don’t have visibility into all aspects of their IT infrastructure and almost half of respondents who don’t have visibility into their network do not possess information on what is being encrypted.
  7. Cisco Moves to Secure Collaboration Across Cisco Spark Platform - I think anything is better than Skype for Business: The latest Cisco Spark update, among other capabilities, adds the ability to encrypt all communications occurring across the platform alongside a variety of new compliance controls, including support for assigning a personal identification number (PIN) to devices accessing the service regardless of who own the device being employed.
  8. Illumio Applies Policies to Advance Data Center Microsegmentation - Illumio today added a set of visualization and discovery tools to an Illumio Adaptive Security Platform for microsegmenting traffic in a data center that makes it possible to both identify dependencies in an IT environment and then generate the appropriate management or IT security policy. Dream big: The basic idea is that by controlling the flow of east-west traffic inside the data center, IT organizations can provide higher levels of security by potentially limiting the damage any malware infestation can cause, while also improving application performance.
  9. One Identity Debuts Identity Analytics and Risk Intelligence Service - Saying a lot without really saying anything: One Identity today announced the official debut of its new Starling Identity Analytics and Risk Intelligence (IARI) service, providing organizations with cloud-delivered security and risk analysis capabilities.
  10. Gartner sets fire to all the cyber things | ZDNet - Thanks for the new acronym: This year, Gartner wants us to go beyond "adaptive", and they've got a new word for it: CARTA, which stands for continuous adaptive risk and trust assessment.
  11. Respond Software Launches Analyst Platform to Help Security Staff - And yet another new category is created: Respond Software emerged from stealth on Aug. 16 to introduce general availability of its Respond Analyst platform along with $12 million in Series A funding. The promise of the Respond Analyst platform is to help solve the IT security staffing challenge with technology that can identify and escalate potential security threat alerts.
Full Show Notes Visit for all the latest episodes! [audio src=""]
prestitial ad