network security | Page 3


Today, your customers’ IT teams have to be aware of the movement and storage of valuable data across multiple applications, networks, devices, and virtual environments. In order to ensure data security and achieve defense in depth, there are many processes they must carry out, such as: Monitoring the movement of data to ensure that only authorized users are accessing it. Watching out for unusual behavior that might indicate a breach. Staying aware of the latest vulnerabilities, malware strands, and other attack vectors to ensure... [Read More]
by RSS Lief Koepsel  |  Nov 08, 2017  |  Filed in: Business and Technology
Fortinet takes industry recognition and evaluations seriously, and we were very pleased when in their 4th Next Generation Intrusion Prevention System (NGIPS) Test Report and Security Value Map NSS Labs rated Fortinet FortiGate IPS as “Recommended,” their somewhat understated way of according a product their highest rating. [Read More]
by RSS Nat Smith  |  Nov 07, 2017  |  Filed in: Business and Technology
Digital transformation is rapidly reshaping industries, generating explosive productivity growth, and creating entirely new business models. The Internet of Things (IoT) is an important technology pillar in today’s digital transformation process, as connected devices are able to collect unprecedented volumes of information, enabling data-driven decision making for better business outcomes and improved quality of life. From consumer to corporate, local to global, we are an increasingly interconnected digital society. IoT networks... [Read More]
by RSS Jonathan Nguyen-Duy  |  Nov 07, 2017  |  Filed in: Business and Technology
The T2 2017 conference took place on October 26 and 27, 2017 at the Radisson Blu seaside hotel in Helsinki, Finland. As in every edition, a CTF (Capture The Flag) competition is organized prior the conference, with the winner receiving a free ticket. This year, a private bug bounty was held by LähiTapiola, a well-known insurance company in Finland, under the supervision of T2 organizers through the HackerOne platform. As there were zero submissions, it was decided to reward Harri Kuosmanen, who was the LähiTapiola HackDay CTF winner. The... [Read More]
by RSS Francois Ropert    |  Nov 06, 2017  |  Filed in: Security Research
With industry-specific compliance requirements driving security spending and deployment, it’s natural to assume that best practices for securing access to sensitive data are different from vertical to vertical. However, that assumption may be changing.  [Read More]
by RSS Bill Hogan  |  Nov 03, 2017  |  Filed in: Industry Trends
Fortinet recently hosted nine information security and healthcare IT leaders at its Healthcare Advisory Board Meeting in Miami. Over the course of the two-day event, leaders from Fortinet met and collaborated with these members of the healthcare information security community to get a full understanding of the cybersecurity challenges they face every day on the frontlines of protecting critical patient information and proprietary medical research. This is an exciting and challenging time in the healthcare technology industry. Technical innovations... [Read More]
by RSS Susan Biddle  |  Nov 02, 2017  |  Filed in: Business and Technology
Fortinet participated in the NSS Labs 2017 Breach Detection System (BDS) group test and was awarded a Recommended rating for its latest FortiSandbox 2000E appliance introduced in the second half of 2017. [Read More]
by RSS Damien Lim  |  Nov 01, 2017  |  Filed in: Business and Technology
On October 16th, the U.S. Department of Homeland Security (DHS) announced its intention to have all federal agencies revamp their email security protocol. The Binding Operational Directive (BOD-18-01) will require all federal agencies to deploy STARTTLS, Secure Policy Framework (SPF), Domain Keys Identified Mail (DKIM), and Domain-based Message Authentication Reporting and Conformance (DMARC) within three months of the directive’s announcement. While having these email security features enabled is generally considered to be a cybersecurity... [Read More]
by RSS Felipe Fernandez  |  Oct 30, 2017  |  Filed in: Industry Trends
Today, the billions of online IoT devices present an even more daunting challenge because they generally don't receive the level of control, visibility, and protection that traditional systems receive. Coupled with widespread automation-based attacks, the potential for damage is even greater. Recent developments, outlined below, reveal why it's time to take IoT security seriously. [Read More]
by RSS Derek Manky  |  Oct 30, 2017  |  Filed in: Industry Trends
Apache Struts 1 ValidatorForm is a commonly used component in the JAVA EE Web Application that requires validated form fields input by a user, such as a login form, registration form, or other information form. By configuring the validation rules, Apache Struts can validate many different kinds of fields - username, email, credit card number, etc. However, a bug in Apache Struts 1 can be used to manipulate the property of ValidatorForm so as to modify the validation rules, or even worse, cause a denial of service or execute arbitrary code in the... [Read More]
by RSS Dehui Yin  |  Oct 25, 2017  |  Filed in: Security Research