CISO Express | A Security Professional’s Home Page

NSS Labs

  • Once More Unto The Breach (Detection Test)
    It is difficult to go a week without reading about a major enterprise being breached. And it is because of this that the Breach Detection Systems (BDS) market is growing at an incredible pace that is expected to continue well into the future (32% CAG…
    - 4 Aug 15, 12:00am -
  • New tools for faster security incident responses
    How quickly could you solve a crime if you had at your fingertips a comprehensive index of all activities occurring at a crime scene before, during, and after the crime? Security professionals have spent considerable amounts of time determining the s…
    - 20 May 15, 12:00am -
  • NGIPS – HP TippingPoint Update
    In our recently completed Next Generation Intrusion Prevention Systems (NGIPS) test, NSS Labs and HP TippingPoint discovered an anomaly during testing. Fundamentally, the nature of the anomaly was related to a recent CVE, which was being heavily util…
    - 24 Apr 15, 12:00am -
  • Security Orchestration – Integration, Process, and Wise Investments Driven by a Security Conductor
    When I am asked by friends to discuss the security breaches that feature ever more frequently in the news, I use a music analogy. Why music? For one thing, I am a fan of traditional classical music; for another, this allows me to describe the roles o…
    - 14 Apr 15, 12:00am -
  • The Best Place for Yesware is Nowhere
    A talented security colleague came across a tweet from a company called Yesware and remarked to me that it could be construed as spear phishing with specific language for legal protection. I can see his point, but in pedantically technical language,…
    - 5 Mar 15, 12:00am -
  • Detecting the Invisible Part 3: "Retreat from the Breach"
    Our approach to securing the enterprise has changed, and breach detection technology has been largely instrumental in this process. This report from NSS Labs is the final in a three-part series on the impact of the breach detection system (BDS). As t…
    - 5 Mar 15, 12:00am -
  • Detecting the Invisible Part 2: "Once More Unto the Breach, Dear Friends"
    Our approach to securing the enterprise has changed, and breach detection technology has been largely instrumental in this process. This report from NSS Labs is the second in a three-part series on the impact of the breach detection system (BDS).
    - 4 Mar 15, 12:00am -
  • Breached? Continuous Forensic Analytics Speeds Incident Response
    Over the course of the last few years, the number of publicized breaches has risen dramatically, ultimately costing some CXOs their jobs. The irony is that in many cases, the breach itself is not the cause of their dismissal, but rather it is the han…
    - 3 Mar 15, 12:00am -
  • Detecting the Invisible
    Our approach to securing the enterprise has changed, and breach detection technology has been largely instrumental in this process. This report from NSS Labs is the first in a three-part series on the impact of the breach detection system (BDS).
    - 2 Mar 15, 12:00am -
  • How Does The Average Enterprise Stay On Top of The Latest Technology?
    You’ve probably heard the phrase “drinking from a fire hose,” and in the security world, it has never been more applicable than it is today.
    - 4 Feb 15, 12:00am -


  • Q4 2020 Advanced Threat Defense (ATD) Testing Results Posted
    Protect your enterprise against unknown malicious threats. Consider security products from these 6 that passed ICSA Labs Q4 2020 advanced threat defense (ATD) testing: Trend Micro (who also passed Q4 2020 ATD-Email testing), SonicWall, Sequretek, Jun…
    - 9 days ago 15 Jan 21, 8:36am -
  • Trend Micro Cloud Edge maintains ICSA Labs Firewall Certification
    Following successful security testing, the Cloud Edge 100 G2 met all of ICSA Labs' corporate firewall requirements. As a result, both it and the other models comprising the Trend Micro Cloud Edge family retained ICSA Labs Firewall Certification…
    - 12 days ago 12 Jan 21, 11:16pm -
  • Allied Telesis's AR4050S maintains ICSA Labs Firewall Certification
    After recent testing, the AR4050S from Allied Telesis met all of ICSA Labs' firewall security testing requirements. As a result, it retained ICSA Labs Firewall Certification
    - 31 days ago 24 Dec 20, 3:56pm -

Miercom Research

Open DNS Security Lab

  • How to secure remote workers and branch offices with SASE
    These days it seems like the only constant is change, and the networking and security worlds are no exception. Industry predictions around consolidation, cloud adoption, and convergence that were previously considered aggressive now seem understated.…
    - 5 days ago 19 Jan 21, 4:00pm -
  • Cisco Umbrella – cloud security performance you can count on
    How innovation speeds performance, cuts latency. When considering any IT security capability, you rigorously evaluate features and functions. Will it block threats? Will it protect my systems, my people, my data? How will it impact end-users’ experi…
    - 12 days ago 12 Jan 21, 4:00pm -
  • Keep these 10 things in mind as you start with SASE
    Every journey starts with one step. Whether that step is the first toward climbing a mountain or launching the campaign to keep your organization safe from cyberthreats, it’s important just to take that first step forward. You might not want to hea…
    - 19 days ago 5 Jan 21, 1:00pm -
  • Secure anywhere, protect everywhere with Cisco Umbrella and Advanced Malware Protection (AMP)
    It’s no secret that the world of work has changed dramatically. The “office” is now almost anywhere except the traditional campus you own and protect. Your workers and your data have scattered to bedroom alcoves, kitchen tables, outdoor coffee…
    - 40 days ago 15 Dec 20, 4:03pm -
  • How Texas A&M University System uses Cisco Umbrella to secure users and data
    The Texas A&M University System had a challenging set of problems to solve. They needed to ensure that its 180,000+ users across 11 campuses and nine state government agencies could connect to the internet safely wherever they worked, without becomin…
    - 47 days ago 8 Dec 20, 6:01pm -
  • What goes into the secure access service edge (SASE) solution
    One of the main reasons that the secure access service edge (SASE) is getting so much attention these days is that it combines several networking and security capabilities and functions normally carried in multiple, siloed point solutions into a sing…
    - 54 days ago 1 Dec 20, 5:46pm -
  • Why the Cisco Umbrella global network uses anycast routing
    Every day, the Cisco Umbrella global network processes over 250 billion recursive DNS requests. Simply processing these recursive DNS requests is a huge job, but we’re also tasked with ensuring that each of these queries is answered as quickly as p…
    - 61 days ago 24 Nov 20, 4:43pm -
  • Using entropy to spot the malware hiding in plain sight
    (Editor’s note: This proposed solution to identifying hidden malware was first presented at Black Hat USA 2020 and is featured in the newly published report, The Modern Cybersecurity Landscape: Scaling for Threats in Motion. Download your copy…
    - 68 days ago 17 Nov 20, 11:00am -
  • Cisco Umbrella named best cloud security solution by CRN Tech Innovator
    Cisco is excited to announce that Cisco Secure won three CRN’s Tech Innovator Awards in key categories including cloud security, SASE, and threat intelligence/incident response. The ability to empower solution providers with truly differentiated of…
    - 73 days ago 12 Nov 20, 4:00pm -
  • Healthcare industry under threat of trojan and ransomware attacks
    On October 28, 2020, a joint advisory was issued from the United States Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS) about an imminent threat…
    - 75 days ago 10 Nov 20, 11:00am -

Forrester Labs Research

  • Five Actions Every Portfolio Marketer Should Take To Drive Business Value In 2021
    As organizations prepare for 2021 and beyond, they need to focus on what matters most, which includes examining market trends and understanding buyer needs. Here are the five key actions portfolio marketers must take.
    - 3 days ago 21 Jan 21, 6:40pm -
  • The CDO Takes Its Place at the Table
    More and more, CDOs are joining the table of corporate executive committees. Now they need to understand what is expected of them. The world has changed, and decision-makers in companies have understood this well. They are looking…
    - 3 days ago 21 Jan 21, 4:33pm -
  • It’s Time To Stop Paying For Commoditized Endpoint Security Features
    Today’s enterprise security buyers evaluating a new endpoint security suite often begin with a security RFP layered thick with many existing endpoint security features and capabilities, including antimalware, host firewall, anti-exploit, and applic…
    - 3 days ago 21 Jan 21, 3:44pm -
  • What I See Coming For The Channel: 2021
    Last year ended up being a tale of two cities for the channel. On one hand, customers and governments recognized partners as an essential service and central to their ability to rapidly respond to a worsening pandemic early in the year. With catli…
    - 3 days ago 21 Jan 21, 2:53pm -
  • Customer Service Technologies Are Variably Effective: Know Your Options
    The pandemic has elevated the importance of the customer service organization — and uncovered gaping holes in customer service processes and technologies. Read three key takeaways from our recent survey into customer service tech.
    - 5 days ago 20 Jan 21, 12:04am -
  • Four Key Takeaways For Brands From CES 2021
    Discover what this year's all-virtual event revealed about the future of brand experiences.
    - 5 days ago 19 Jan 21, 10:58pm -
  • Insights From Forrester’s US Retail Recovery Heat Map, January 2021
    Over the last 10 months, we have estimated how the retail economies of 30 major US metropolitan areas are recovering from COVID-19. By aggregating 11 metrics (across retail sales, local economic indicators, and virus spread), our model predicts that…
    - 5 days ago 19 Jan 21, 10:34pm -
  • Empowered Consumers Call For Sustainability Transformation
    While consumer conversations about the climate have ebbed and flowed for decades, 2020 marked a turning point that sparked unprecedented urgency around the climate crisis. Learn how this will impact consumer trends in 2021.
    - 5 days ago 19 Jan 21, 9:29pm -
  • What You Can’t See Will Hurt You: Leveraging Digital Insights To Drive Sales
    Translating intent data into sales rep action offers a level of information that surpasses what sales reps can determine on their own. In his latest blog post for Forrester, Seth Marrs shares that when this is done well, it also links the buying sign…
    - 5 days ago 19 Jan 21, 5:54pm -
  • Awareness Isn’t Enough — It’s Time To Change Behaviors
    I am thrilled to announce my latest research, “How To Manage The Human Risk In Cybersecurity.” It’s research I’ve been leading and evolving since 2010, changing my mind about the title with each refresh to reflect the times. In 2010, for exam…
    - 6 days ago 18 Jan 21, 10:31pm -

SANS Security Laboratory

  • Can you build a Defense in Depth architecture without an architect?
    We interviewed a number of GIAC Advisory Board members who have been working as architects for major enterprises as to what they look for in an architecture position.
    - -
  • Will the Ph.D. become the Cybersecurity Terminal Degree?
    The percent of security job postings asking for a Master's level degree is increasing. How much longer will it still be the terminal degree for the field?
    - -
  • Denial of Service
    As we say in cyber warfare, a denial-of-service attack is an effort to make your opponents' information resources less valuable to them. Of confidentiality, integrity, and availability, this is primarily an availability attack. Stephen Northcutt disc…
    - -
  • Stephen Northcutt's Emerging Trends in IT and Security 2013 - 2015
    An emerging trends analysis and a stab at predictions for IT and security coming 2013-2015. Last updated May 2014.
    - -
  • Two factor authentication for online banking
    Eight or nine years ago, I was asking about banks that support two factor authentication. At that time I found eTrade bank and Charles Schwab and not much more. SANS NewsBites carried a story about HSBC and I asked people if they knew of banks tha…
    - -
  • Daniel B. Cid, Sucuri
    Daniel Cid from Sucuri has agreed to a thought leadership interview. We hope that you will enjoy his thoughts and impressions and we certainly thank him for his time.
    - -
  • Dominique Karg, AlienVault
    Dominique Karg from AlienVault has agreed to a thought leadership interview. We hope that you will enjoy his thoughts and impressions and we certainly thank him for his time.
    - -
  • The 6 Categories of Critical Log Information
    This report is based on work done by Marcus Ranum, Tina Bird, Chris Brenton and Anton Chuvakin. Version 3 was created by Peter Czanik from BalaBit. Version 3.01's technical review was done by members of the GIAC Advisory Board: John Allison, Jake Eva…
    - -
  • Role Based Access Control to Achieve Defense in Depth
    Role-based access control (RBAC) is an access control method that organizations implement to ensure that access to data is performed by authorized users, and enterprise based RBAC is accomplished with Network Access Control (NAC).
    - -
  • Security Convergence and The Uniform Method of Protection to Achieve Defense in Depth
    Security convergence is an interesting trend that has been picking up speed heading into 2008. We are running network information that was formerly analog over our digital data networks, we are converging formerly separate network devices, especi…
    - -
  • Hybrid Threats
    Though it is certainly true that malware has evolved a lot in this decade, the tools in use today are more similar than different from the attacker tools of ten years ago. The command and control is better, they are better able to evade detectio…
    - -
  • Lance Spitzner, Securing The Human, founder
    Lance Spitzner of Honeynet and Securing The Human fame has agreed to a Thought Leadership interview and we certainly thank him for his time.
    - -
  • Security Predictions 2013-2014: Emerging Trends in IT and Security
    This is an effort to chronicle what a number of really smart people believe the state of the information security industry to be, and where we are going. A lot of the emphasis is on security threats, but we also consider what is working and what g…
    - -
  • Separation of Duties in Information Technology
    Several authors join Stephen Northcutt to examine the special considerations for separation of duties in all organizations with regard to their information technology.
    - -
  • Stephen Northcutt's Security Predictions 2012 and 2013
    Stephen Northcutt identifies emerging trends in information security for the 2012, 2013 timeframe.
    - -
  • The Certificate Signing Trust Model Under Stress As An Industrial Security Model
    A common part of the security model for industrial IT applications is to never accept or run a program or driver that has not been signed by the appropriate publisher. However, while it appears to be strong protection against malicious code, in f…
    - -
  • Bill Pfeifer, Juniper Networks
    Bill Pfeifer is a Product Line Engineer at Juniper Networks supporting security software and data center firewalls. He has been in the IT field for 15 years, including stints at an Army tank base, a technology reseller, and some time at a financi…
    - -
  • Security Predictions 2012 & 2013 - The Emerging Security Threat
    A look at some of the potential emerging trends and security threats for 2012 and 2013. File was started to help prepare for a panel on the same subject at SANS Security West, May 6 - 11 2011 San Diego and also for an upcoming Keynote. Love to hear y…
    - -
  • The Attack Surface Problem
    One of the most important things to understand about defense in depth is attack surface. We can define attack surface as our exposure, the reachable and exploitable vulnerabilities that we have.
    - -
  • Security Leadership Essentials Fairway Markers
    This document is known as the "fairway markers" for SANS Security Essentials. It reflects the newest version of the course which will be taught for the first time December 2010 in Washington DC ( SANS CDI ). We invite alumni of the course to review t…
    - -
  • Eric Cole Emerging Threats Summary 2010
    Here are Dr. Eric Cole's top eleven security issues for 2011 - 2012.
    - -
  • Stephen Northcutt's Security Predictions for 2011 and 2012
    In addition to the work that I have done rounding up other people's thoughts, I also work as a futurist for IT and IT Security, and this is my set of predictions for 2011 and 2012. I hope they are useful to you.
    - -

Research Labs