Self-Adaptive Multi-Agent LLM-Based Security Pattern Selection for IoT Systems

The adoption of Internet of Things IoT systems at the network edge of smart architectures is increasing rapidly, intensifying the need for security mechanisms that are both adaptive and resource-efficient. In such environments, runtime defence mechanisms are no longer limited to detection alone b...

Incremental Federated Learning for Intrusion Detection in IoT Networks under Evolving Threat Landscape

The expansion of Internet of Things IoT devices has increased the attack surface of networks, necessitating a robust and adaptive intrusion detection systems. Machine learning based systems have been considered promising in enhancing the detection performance. Federated learning settings enabled ...

Explainability-Aware Evaluation of Transfer Learning Models for IoT DDoS Detection under Resource Constraints

Distributed denial-of-service DDoS attacks threaten the availability of Internet of Things IoT infrastructures, particularly under resource-constrained deployment conditions. Although transfer learning models have shown promising detection accuracy, their reliability, computational feasibility, a...

Managerial Insights on Investment Strategy in Cybersecurity: Findings from Multi-Country Research

This study examines the strategic role of cybersecurity based on survey data from 1,083 managers across Europe, the UK, and the United States. The findings indicate growing recognition of cybersecurity as a source of competitive advantage, although firms continue to face barriers such as limited...

The Persistence Problem: Why Exposed Credentials Remain Unfixed—and How to Change That

Detecting leaked credentials is only half the battle. The real challenge—and often the neglected half of the equation—is what happens after detection. New research from GitGuardian's State of Secrets Sprawl 2025 report reveals a disturbing trend: the vast majority of exposed company secrets...

The vCISO Academy: Transforming MSPs and MSSPs into Cybersecurity Powerhouses

We've all heard a million times: growing demand for robust cybersecurity in the face of rising cyber threats is undeniable. Globally small and medium-sized businesses SMBs are increasingly targeted by cyberattacks but often lack the resources for full-time Chief Information Security Officers CISO...

Enhancing Incident Response Readiness with Wazuh

Incident response is a structured approach to managing and addressing security breaches or cyber-attacks. Security teams must overcome challenges such as timely detection, comprehensive data collection, and coordinated actions to enhance readiness. Improving these areas ensures a swift and...

Scaling Security Operations with Automation

In an increasingly complex and fast-paced digital landscape, organizations strive to protect themselves from various security threats. However, limited resources often hinder security teams when combatting these threats, making it difficult to keep up with the growing number of security incidents...

3 benefits of ThreatDown bundles

Traditional approaches to endpoint security today have a three-fold complexity problem—with big consequences. First, complexity in deployment causes long delays in protection, directly impacting ROI and leaving organizations vulnerable to breaches. In fact, almost 10 percent of small security tea...

Top 10 challenges of building an in-house application security program

Building a successful application security program can be a daunting task, as it involves many different skill sets. Resource constraints, lack of expertise, and cultural resistance are among the many challenges preventing organizations from reaping the full benefits of an in-house AppSec program...

Top 10 challenges of building an in-house application security program

Building a successful application security program can be a daunting task, as it involves many different skill sets. Resource constraints, lack of expertise, and cultural resistance are among the many challenges preventing organizations from reaping the full benefits of an in-house AppSec program...

Top 10 challenges of building an in-house application security program

Building a successful application security program can be a daunting task, as it involves many different skill sets. Resource constraints, lack of expertise, and cultural resistance are among the many challenges preventing organizations from reaping the full benefits of an in-house AppSec program...

CISA releases advice on how to safeguard K–12 organizations

To help K-12 schools and school districts in their struggle against cybercrime the Cybersecurity & Infrastructure Security Agency CISA has released the report, Protecting Our Future: Partnering to Safeguard K-12 organizations from Cybersecurity Threats. A cybersecurity incident can significantly...

CISA Releases Protecting Our Future: Partnering to Safeguard K–12 organizations from Cybersecurity Threats

Today, CISA released Protecting Our Future: Partnering to Safeguard K–12 organizations from Cybersecurity Threats. The report provides recommendations and resources to help K-12 schools and school districts address systemic cybersecurity risk. It also provides insight into the current threat...

Comprehensive, Easy Cybersecurity for Lean IT Security Teams Starts with XDR

Breaches don't just happen to large enterprises. Threat actors are increasingly targeting small businesses. In fact, 43% of data breaches involved small to medium-sized businesses. But there is a glaring discrepancy. Larger businesses typically have the budget to keep their lights on if they are...

Free "vCISO Clinic" offers Resource-Constrained InfoSec Leaders a Helping Hand

Leaders in the InfoSec field face a strange dilemma. On the one hand, there are hundreds of thousands of resources available to find online to read or watch if they have questions – that's a benefit of a digital-first field. On the other hand, most leaders face challenges that – while not entirel...

The “New” Easy Target:  State and Local Governments, Education

One of the “new” easy targets for cybercriminals are state governments, local governments and educational institutions. Over the past few months, we have seen several national news stories of cities, like Baltimore, that have been crippled by cybercrime, specifically ransomware attacks. However,...

CVE-2018-0094

A vulnerability in IPv6 ingress packet processing for Cisco UCS Central Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition due to high CPU utilization on the targeted device. The vulnerability is due to insufficient rate limiting protection for IPv...

CVE-2018-0094

A vulnerability in IPv6 ingress packet processing for Cisco UCS Central Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition due to high CPU utilization on the targeted device. The vulnerability is due to insufficient rate limiting protection for IPv...

Choose Your Own Infosec Adventure

I often reflect on how difficult choices in our industry can be. Do we invest more in prevention, detection or response? Do we automate or add more staff? Do we use a managed service or keep it in house? These represent some of the strategic decisions defenders are faced with on a yearly basis...