DNS is a Unique (and Necessary) Security Control

Like many other security professionals, you have been reviewing your security stack, reading up on the latest security trends, and have perhaps recently attended Info-Sec, RSA, Black Hat or some other relevant conference. Along the way, you may have seen messaging for recursive DNS rDNS as a...

10 Endpoint Security Problems Solved by the Cloud – Managing Infrastructure

This week marks our final post in this series. Today we’re going to step away from last week’s topic, getting the help you need, and examine how the cloud eliminates the need to manage infrastructure. On-Prem is Complex and Costly On-premise solutions require a massive amount of resources and fun...

Excerpts from Modern Bank Heists – Data Gathering

Carbon Black recently published a report on how to gather data to improve the security posture of your enterprise. For more information about how Cb Defense, Carbon Black's NGAV + EDR solution, helps enterprises address their endpoint security challenges, check out our weekly Cb Defense Live Demo...

Excerpts from Modern Bank Heists – Nation State Threats

Carbon Black recently published a report on the latest non-malware attack methods, and how to counteract them. For more information about how Cb Defense, Carbon Black's NGAV + EDR solution, helps enterprises address their endpoint security challenges, check out our weekly Cb Defense Live Demo,...

10 Endpoint Security Problems Solved by the Cloud – Keeping Up To Date

Last week, we examined the state of endpoint security and discussed why most solutions on the market aren’t doing their job. The rest of this blog series will dig further into the topic and look at 10 specific problems with traditional AV software, and how cloud-based security solutions solve the...

10 Endpoint Security Problems Solved by the Cloud – An Introduction

Question: Where do 70% of successful breaches begin? Answer: The endpoint. The State of Endpoint Security Traditional defensive security solutions are fighting a losing battle against hackers and malware. With each day, new attacks and viruses appear and keeping systems safe is like bailing out a...

With the Predictive Security Cloud (PSC) Leading the Way, Carbon Black is Named One the “Coolest 20 Vendors in Endpoint Security” by CRN

Editor’s Note: Victor Baez, Carbon Black’s VP of WW Channel and this blog’s author, was recently named a 2018 CRN Channel Chief. As part of CRN's annual Security 100 list, 20 endpoint companies have been named “Coolest Endpoint Security Vendors of 2018.” Carbon Black is among them. We are honored...

Essays from 7 Experts on Moving to a Cloud-Based Endpoint Security Platform

Carbon Black recently published a series of essays about the experiences of experts in the field on information security as they moved their endpoint security program to the cloud; this is one of those essays. To read the full series check out 7 Experts on Moving to a Cloud-Based Endpoint Securit...

Essays from 7 Experts on Moving to a Cloud-Based Endpoint Security Platform

Carbon Black recently published a series of essays about the experiences of experts in the field on information security as they moved their endpoint security program to the cloud; this is one of those essays. To read the full series check out 7 Experts on Moving to a Cloud-Based Endpoint Securit...

Implementing the CIS 20 Critical Security Controls: Slash Risk of Cyber Attacks by 85%

If a CISO needed to cut cyber attack risk by 85%, how would this security chief go about accomplishing that? Would the CISO even know where to begin? It’s safe to say that such a mandate would be considered daunting, and maybe even overwhelming. CISOs are scrambling to protect IT infrastructures...

Memory Corruption Vulnerability in 360 Antivirus

360 Antivirus is a free cloud-based security antivirus program. 360 Antivirus suffers from a memory corruption vulnerability. An attacker could exploit this vulnerability to cause the scanning engine to terminate, resulting in a denial of service...

An Established Solution for Mobile Threats

As much as smartphones and applications have evolved over the years, so has mobile malware. We’re seeing an increasing number of threats—from mobile ransomware and auto-clicking adware to dangerous backdoors that can compromise your privacy. And there are also legitimate personal applications tha...

Heap Overflow Vulnerability in 360 Antivirus

360 Antivirus is a free cloud-based security antivirus program. 360 Antivirus suffers from a heap overflow vulnerability that can be exploited by an attacker to cause the scanning engine to terminate, resulting in a denial of service, or execute a remote code attack...

A Leader for Four Consecutive Years in the Gartner Magic Quadrant for WAFs

Gartner has published their 2017 Magic Quadrant for Web Application Firewalls WAF and Imperva has again been named a WAF leader—now for four consecutive years. Attacks remain same, but infrastructure is changing According to 2017 Verizon Data Breach Investigations Report, web app attacks remain t...

Microsoft Adding Artificial-Intelligence Based Advanced Antivirus to Windows 10

Microsoft is making every effort to make its Windows operating system more secure and advanced than ever before by beefing up its security practices and hardening it against hackers and cyber attacks in its next release. With the launch of its Windows 10 Creator Update also known as RedStone 3,...

What’s new in Windows Defender ATP Fall Creators Update

When we introduced Windows Defender Advanced Threat Protection Windows Defender ATP, our initial focus was to reduce the time it takes companies to detect, investigate, and respond to advanced attacks. The Windows Fall Creators Update represents a new chapter in our product evolution as we offer ...

Cisco Acquires OpenDNS for $635 Million

Cisco continues to spend on security, today announcing its intent to acquire San Francisco-based OpenDNS for $635 million. OpenDNS’ domain name system and cloud-based security services bring threat data collected from those platforms to Cisco’s security offerings. “To build on Cisco’s advanced...

Barracuda LB, SVF, WAF & WEF - Multiple Vulnerabilities

Title: ====== Barracuda LB, SVF, WAF & WEF - Multiple Vulnerabilities Date: ===== 2013-07-18 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=727 Note: The issue was part of the official Barracuda Networks Bug Bounty Program. VL-ID: ===== 727 Common Vulnerability Scoring...

Incapsula introduces 'Backdoor Protect' feature in Cloud-based Website Security

Incapsula announced this week that they’re offering an intriguing Backdoor Protection feature for sites using their cloud-based website security and performance services. What’s a Backdoor? A backdoor is a malicious function that enables hackers to remotely operate a site or server, even after...