Healthcare is under fire and there’s no sign of the burn slowing. Look, it’s no secret that hackers have been targeting hospitals and other healthcare providers for several years — and probably no surprise that healthcare is one of the top target industries for cybercrime in 2018. In the US alone, in fact, more than 270 data breaches affecting nearly 12 million individuals were submitted to the U.S. HHS Office for Civil Rights breach portal (as of November 30, 2018).

It’s been a great year for Detectify and there’s a lot that’s happened for us as we continue to grow our teams and business. Join us for a proverbial toast to the year as we share a recap of our highlights.

Tripwire has demonstrated its ongoing commitment to meeting U.S. government and internationally recognized security standards by achieving the most current Common Criteria standards for its latest version of Tripwire IP360’s 9.0.1, specifying the certification as “Evaluation Assurance Level 2 augmented with Flaw Remediation” (EAL2+).

Malware Analysis is the process whereby security teams such as Incident Response Handlers perform a detailed analysis of a given malware sample and then determine its purpose, functionality, and potential impact. Conducting malware analysis manually is a cumbersome and time-consuming process as it involves a lot of security professionals, resources, and budget.

Although often used interchangeably, risk appetite and risk tolerance distinguish themselves from one another in a nuanced way. While most regulations and standards focus on the risk management process, few clearly define the differences between these terms in a meaningful way. However, to create an effective cybersecurity program, you need to be able to separate risk appetite from risk tolerance so that you can develop appropriate controls to protect data.

Penetration testing, often called “pen testing” is one of several techniques used to verify cybersecurity posture and provide a level of assurance to the organization that its cyber defenses are functional. It’s a way of testing defenses against an adversary who mimics a cyber-criminal actor.

The year started off with a bang as the research of Meltdown and Spectre rendered almost all computing devices to be vulnerable. As the year moved on Facebook, Magecart and 2FA alternatives also were also part of security discussions. Here are our top 9 picks for biggest web security news of 2018.

Following on from the round-up we released yesterday, today we look through the rest of what our regular contributors shared as their standout moments from 2018.

As 2018 draws to a close, it’s been a fascinating year in the IT security community. From record-breaking data breaches, new regulations and the Meltdown and Spectre debacle, we can certainly say it’s been eventful. To round the year off, we thought it would be interesting to ask some of our regular contributors (and followers on Twitter) what their standout moments were.

At AWS re:Invent recently, I spoke to several booth visitors who asked, “What’s new with AlienVault?” It was exciting to talk through some of the improvements we’ve made over the last year and see their eyes widen as the list went on. As our customers know, we regularly introduce new features to USM Anywhere and USM Central to help teams detect and respond to the latest threats.