Tag Archive for: continuous

Center for Internet Security (CIS) Selects Qualys to Provide its Members with Continuous Monitoring of their Internet facing Digital Certificates and SSL/TLS Configurations – Yahoo Finance

/in

Center for Internet Security (CIS) Selects Qualys to Provide its Members with Continuous Monitoring of their Internet facing Digital Certificates and SSL/TLS Configurations  Yahoo Finance

Qualys CertView to be seamlessly integrated into CIS Multi-State Information Sharing and Analysis Center (MS-ISAC) FOSTER CITY, Calif. , April 25, 2019 …

“internet security news” – read more

Continuous Authentication: The future of Identity and Access Management (IAM)

/in

Although vendor-written, this contributed piece does not promote a product or service and has been edited and approved by Network World editors.

Usernames and passwords act as a gateway. Insert another authentication step on top of these credentials and this gateway becomes harder to infiltrate. But once access is gained, how can the device or Web application be certain that the authenticated user is, in fact, the same person throughout the entire session?

For example, you may log in and walk away from your device, creating an opportunity for someone else to take over your session and thus, your identity. Or more commonly, you may hand the device to a colleague – a non-authenticated user – trusting they won’t do anything nonsensical or malicious. In fact, according to a survey by B2B International and Kaspersky Lab, 32% of respondents who share an Internet-enabled device with their relatives, colleagues or friends noted that they do not take any precautions in protecting their information. 

To read this article in full or to leave a comment, please click here

Network World Security

Security startup wages continuous war games against networks

/in

Startup SafeBreach automatically assesses corporate networks to find out whether they offer up enough security loopholes for real-world attacks to succeed.

Using software probes called simulators distributed throughout customers’ networks, SafeBreach attempts to establish connections among devices and network segments just as a hacker would do in trying to carry out malicious activity.

These automated attempts are driven by the Hacker’s Playbook, a SafeBreach library of known attack methods that the simulators try in order to discover weaknesses and reveal how these vulnerabilities might be exploited to carry out successful breaches.

So simulators might find individual weaknesses in a desktop Internet connection, a credit card database and a management platform that could be strung together to nab customer credit card data. This would be reported on a single screen.

To read this article in full or to leave a comment, please click here

Network World Tim Greene