“The term ‘zero trust’ is now used so much and so widely that it has almost lost its meaning”Zero trust network access (ZTNA) is an evolution of John Kindervag’s original work on a zero trust model.Zero trust is the term coined by Forrester’s Kindervag in 2010. Around 2017, Gartner analysts were toying with a related but different idea: continuous adaptive r
Artificial intelligence is more artificial than intelligent.In June 2022, Microsoft released the Microsoft Responsible AI Standard, v2 (PDF). Its stated purpose is to “define product development requirements for responsible AI”. Perhaps surprisingly, the document contains only one mention of bias in artificial intelligence (AI): algorithm developers need to
Post-Quantum company awarded SBIR III contract to combat ‘harvest now, decrypt later’ threat from quantum computingQuSecure, a provider of post-quantum, or quantum-proof, cryptography, has been awarded a small business innovation research (SBIR) Phase III contract by the federal government. If funding is like last year’s phase III awards, QuSecure will gain
Security must be built into the metaverse as it moves from science fiction to science realityThe terms ‘web3’ (Web 3.0) and ‘metaverse’ have been so heavily promoted by the cryptocurrency and gaming industries that it is easy to think it’s a niche terminology with little overall business value. That would be wrong. Each technology offers valuable business op
Offensive security startup Hadrian today announced that it has received €10.5 million ($11 million) in unsolicited seed funding that brings the total invested in the company to $13.7 million.The investment round was led by HV Capital, with participation from Picus Capital, previous investor Slimmer.AI, and various angel investors.Founded in 2021, the Amsterd
The US Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the National Cyber Security Centres in New Zealand (NZ NCSC) and the United Kingdom (NCSC-UK) have issued joint guidance on the proper configuration and monitoring of PowerShell to eliminate the risk of abuse.A scripting language and command line utility i
Cryptographers at Swiss university ETH Zurich have found at least five exploitable security flaws in the privacy-themed MEGA cloud storage service and warned that the issues could lead to “devastating attacks on the confidentiality and integrity of user data in the MEGA cloud.”The ETH Zurich team documented the security defects in a research paper
New attribute-based access controls (ABAC) protect sensitive data to power demanding analytics, data science, and AI use casesZero trust at the data level provides better security than zero trust at the application level; and attribute-based access control (ABAC) rather than role-based access control (RBAC) provides more efficient and granular acce
Hundreds of companies are showcasing their products and services this week at the 2022 edition of the RSA Conference in San Francisco.To help cut through the clutter, the SecurityWeek team is publishing a daily digest summarizing some of the announcements made by vendors. The daily summaries will include new products and services, updates to existing offerin
Hundreds of companies are showcasing their products and services this week at the 2022 edition of the RSA Conference in San Francisco.To help cut through the clutter, the SecurityWeek team is publishing a daily digest summarizing some of the announcements made by vendors. The daily summaries will include new products and services, updates to existing offerin
Hundreds of companies are showcasing their products and services this week at the 2022 edition of the RSA Conference in San Francisco.To help cut through the clutter, the SecurityWeek team is publishing a daily digest summarizing some of the announcements made by vendors. The daily summaries will include new products and services, updates to existing offerin
Cloud security startup JupiterOne has raised $70 million in a new round of financing that values the company north of $1 billion.The Series C financing brings the total raised by JupiterOne to $119 million and the estimated ‘unicorn’ valuation is a signal that investors are willing to spend big on startups in the cyber asset attack surface management space.J
Palo Alto, Calif-based firm Xage has raised a $6 million top-up to the $30 million Series B funding it secured in January 2022. The new financing comes from SCF Partners, an investor in energy and critical infrastructure services, and Overture Venture Capital, which specializes in startups in government, energy and climate.Top-ups to existing funding rounds
News Analysis: As organizations struggle with staff shortages and a surge in dangerous malware attacks on Windows, Redmond is positioning itself as an end-to-end managed services security vendor. Can Microsoft overcome its own security problems?A little more than a year after raising eyebrows with a public boast that annual cybersecurity-related revenue
Everybody’s talking Zero Trust, but it’s not a pre-packaged solution you can buy off the shelf and each organization’s approach will be different. In fact, you may already have the basics in place. For most, it’s a multi-year journey that starts with secure access for all users, devices and workloads. Join this session on the four stages of Zero Trust maturi
Announce
Share high-quality web security related articles with you:)