Comments on trustworthiness of cryptographic keys developed with Dual_EC_DRBG causes the standards agency to recommend against its use.
Whether a website was built with new or legacy programming languages, the security risk is about the same, according to a new website security report.
The Snowden and Wikileaks affairs, as well as potential threats from other insiders, has ratcheted up the urgency for a near-real-time analytic approach to government insider workforce risks.
Point solutions to protect the perimeter of the enterprise are not obsolete, but a new generation of tools is arriving to complement them and provide the awareness needed to defend against new complex and targeted threats.
Big data systems can correlate structured and unstructured data to paint a complete picture about an agency’s overall IT health and offer insight into the sophisticated threats.
Entrust IdentityGuard cloud-based console simplifies management of SSL, PKI, certificate discovery, device certificates and credentialing.
Described as "one of the scariest bugs I've seen" by a DOD technical analyst, Heartbleed could leave agency systems from enterprise email to Web sites vulnerable to attack.
FICO's 50+ algorithms scour multiple data sources to help defeat criminal rings that perpetrate money laundering, insider fraud and other crimes.
The Federal Cloud Credential Exchange, hosted by the Postal Service, is expected to be in operation this spring, providing a cloud-based identity hub for agencies.
Michigan and Pennsylvania are testing identity proofing and enabling federated use of secure credentials for online access to government services.
Even without Microsoft support, agencies can mitigate (but not eliminate) security risks to lingering XP users.
Much of the focus at the Department of Homeland Security has been on improving data sharing among agencies, according to IDC Government Insights.