locks

One ID for many sites? How a federated credential exchange works.

SecureKey, selected by USPS for the FCCX pilot, already provides a similar bridge service for the Canadian government. FCCX is expected to work much the same way.

PSIM

Force multiplier: PSIM leverages video surveillance networks in Baltimore

With thousands of cameras providing round-the-clock surveillance of Baltimore, the CitiWatch surveillance program turned to a video analysis platform from VidSys to help make sense of all of the data.

key

USPS set to put federal ID system to the test

The Postal Service will set up a pilot of the Federal Cloud Credential Exchange this fall and begin testing in January, using SecureKey briidge.net Exchange, which already provides similar services for the Canadian government.

cloud

FedRAMP approval is fine, but it's just the beginning

The program's standardized security controls can cover basic services like email and backup storage, but after that it gets complicated.

cloud

What's in the future for FedRAMP?

The program could move to cover high security requirements or standardize service-level agreements for agencies and providers.

supply chain

What you don't know about the IT supply chain can hurt you

NIST gives supply-chain security its own publication, offering guidelines for incorporating it into an agency's overall risk management program.

Aegis

A portable drive with rock-solid security

Apricorn's software-free Aegis Padlock Fortress keeps all data encrypted and protected from tampering.

Cyber tools sniffs malware on network traffic

New cyber tool learns network behavior to sniff out malware

Researchers from Georgia Tech demonstrate a prototype tool, ExecScent, that learns a network's normal traffic patterns to spot the command and control traffic from infected hosts. In live tests it identified dozens of new C&C domains and discovered hundreds of infected computers.

Email leaking out of briefcase

Secure email services went dark because email is 'broken'

Silent Circle's decision to shut down its encrypted email service is the latest in a number of responses to the NSA's surveillance of sensitive communications.

IPv6 router in the crosshairs

Easy-to-use attack exploits IPv6 traffic on IPv4 networks

Setting up a rogue IPv6 router on an IPv4 network gives attackers access to the host's Internet traffic, one more reason to enable IPv6 rather than waiting for an attacker to do it for you.

privguard

Privilege Guard watches those who watch over the network

The product extends privilege management to admins, giving them enough control to do their jobs but restricting them to authorized tasks.

cracked phone

Phun with Phones: 3 ways to phreak Android, iOS

The convergence of computing and mobile telephony has made smartphones the new frontier of cybersecurity, with a host of new vulnerability research presented at this year’s Black Hat Briefings.

Topic Resources

  • GameChanger: Microsegmentation

    In less than a decade, more than 87 million records with sensitive or private information have been exposed due to cyber-incidents on federal networks alone. Increasingly, organizations are beginning to realize that perimeter-based security just isn’t enough anymore. Download to learn how for many data centers, the solution is microsegmentation.