Information Security Content on InfoQ
-
Elastic Automates SIEM Investigations with Tines
Elastic's information security team recently detailed their workflow automation using Tines, aimed at improving their ability to identify and respond to cybersecurity threats. The system automatically triages alerts from its Security Information and Event Management (SIEM) system, enhancing the ability to identify and prioritize real threats.
-
NIST Launches Program to Discriminate How Far from "Human-Quality" are Gen AI Generated Summaries
NIST launched a public Gen AI evaluation program for systems developed by the international research community. The pilot program focuses on systems that can generate human-like summaries from multiple documents, or discriminators to identify whether a summary was AI-generated. For now, information about text-to-text modality is available. The registration closes in May.
-
Rachael Greaves at QCon London: Ethical AI Can Decrease the Impact of Data Breaches
At QCon London, Rachael Greaves, chief executive officer at Castlepoint Systems, presented both the obligations and benefits of data minimisation as a mechanism to decrease the impact of data breaches. AI autoclassification and automatic decision-making tools help with the ever-increasing data volumes as long as ethical principles are considered, allowing decisions to be challenged.
-
Apple Debuts Post-Quantum Cryptography Cipher PQ3 for iMessage Communication
Apple announced PQ3, a new quantum-resistant encryption protocol that will be used to secure iMessage communications against attack scenarios known as "harvest now, decrypt later".
-
How LinkedIn Uses Machine Learning to Address Content-Related Threats and Abuse
To help detect and remove content that violates their standard policies, LinkedIn has been using its AutoML framework, which trains classifiers and experiments with multiple model architectures in parallel, explain LinkedIn engineers Shubham Agarwal and Rishi Gupta.
-
Google Distributed Cloud Hosted Now Generally Available
Google recently announced the general availability of Google Distributed Cloud (GDC) Hosted, an offering for customers with the most stringent requirements, including classified, restricted, and top-secret data. It complements Google Distributed Cloud Edge and Google Distributed Cloud Virtual, which became generally available in 2022.
-
Cloudflare Detects a Record 71 Million Request-Per-Second DDoS Attack
On the weekend of 11 and 12 February, the Super Bowl weekend, Cloudflare detected dozens of hyper-volumetric DDoS attacks. These attacks peaked at 50-70 million requests per second (rps), with the highest at 71 million rps. This is the largest reported HTTP DDoS attack on record. This attack is 54% higher than the previous record registered in June 2022 with 46M rps.
-
Threat Operations and Research Team Cloudforce One Generally Available
Cloudflare recently announced that the threat operations and research team Cloudforce One began conducting briefings and is now generally available. Available as an add-on subscription, Cloudforce One includes threat data and briefings, security tools, and the ability to make requests for information (RFIs) to the team.
-
NCC Group Dissect Aims to Scale Incident Response to Thousands of Systems
Developed at Fox-IT, part of NCC Group, Dissect is a recently open-sourced toolset that aims to enable incident response on thousands of systems at a time by analyzing large volumes of forensic data at high speed, says Fox-IT.
-
Moving from Self-Doubt and Imposter Syndrome toward Seeing the Benefits of Diversity in Technology
As someone with a non-technical background, Charu Bansal has navigated imposter syndrome in her career, often wondering what value she could bring to security. In her talk at The Diana Initiative 2021, she showed how having a diverse perspective helped her to solve challenging security problems as she pivoted from a non-technical career into information security.
-
How Quantifying Information Leakage Helps to Protect Systems
Information leakage happens when observable information can be correlated with a secret. Secrets such as passwords, medical diagnoses, locations, or financial data uphold a lot of our world, and there are many types of information, like error messages or electrical consumption patterns, that can give hints to these secrets.
-
Security as a Product - a Coordination Game between DevOps and InfoSec
Kelly Shortridge, a product and strategy expert in information security, has described how security should be treated as a product. Analyzing the "we mindset" and game theory, she puts forth DevOps and InfoSec as a coordination game.
-
Facilitating Threat Modelling Remotely
ThoughtWorks' Jim Gumbley recently published a guide to Threat Modelling on Martinfowler.com with a template for facilitating remote and onsite sessions. He makes a case for continuous threat modelling within each iteration, alongside business stakeholders. Derek Handova has also written about removing friction from security through automation and a greater security focus in the SDLC.
-
Pandemic Shines Security Spotlight on Zoom Collaboration Risks
COVID-19 self-isolation has resulted in Zoom growing from 10m to 200m daily users. This has highlighted issues with Zoom's data privacy, security practices and meeting configurations. Bruce Schneier and other security commentators have provided insights into these issues. While governments and major companies have banned it, Zoom started a 90-day security hardening stint with a former Facebook CSO.
-
Keeping Credentials Safe, Google Introduces Cloud Secret Manager
In a recent blog post, Google announced a new service, called Secret Manager, for managing credentials, API keys and certificates when using Google Cloud Platform. The service is currently in beta and the intent of this service is to reduce secret sprawl within an organization’s cloud deployment and ensure there is a single source of truth for managing credentials.