InfoQ Homepage Threats Content on InfoQ
News
RSS Feed-
Microsoft Open Sources AzDetectSuite Library for Detection Engineering in Azure
The Microsoft security team recently released AzDetectSuite, a collection of KQL queries and detection alerts against security threads on Azure and AzureAD. The open-source project provides basic detection capabilities at a low cost, targeting small environments within the Microsoft cloud platform.
-
Threat-Detection Tool Falco Now Supports Multiple Event Sources, Syscall Selection, and More
The latest release of Falco adds the ability to handle multiple simultaneous event sources within the same instance, support for selecting which syscalls to capture, a new Kernel Crawler to collect the most recent supported kernel versions, and more.
-
Open-Source Threat Detection Tool Falco Adds Support for Google gVisor
The latest version of Falco introduces support for gVisor, Google's application kernel providing an additional isolation layer between applications and the host OS. Using Falco 0.32.1 users can monitor security events from gVisor to detect threats and audit containers.
-
What Machine Learning Can Do for Security
Machine learning can be applied in various ways in security, for instance, in malware analysis, to make predictions, and for clustering security events. It can also be used to detect previously unknown attacks with no established signature.
-
Department of Homeland Security Weighs in on Threats to Mobile Devices
Especially branded as malicious in the unclassified document is an application known as Carrier IQ. The DHS specifically advises the various branches of the government to install a mobile app dedicated to removing the perceived security threat posed by any instance of Carrier IQ existing on their device.
-
U.S. Government Program Seeks Alternatives to Passwords
In an effort to find viable alternatives to the false security offered by passwords, a new U.S. government program is trying to find consensus on standards with leaders of private industry. The new National Strategy for Trusted Identities in Cyberspace (NSTIC) program was formed early in 2011 with limited funding but ambitious objectives.
-
Microsoft Released a Threat Modeling Tool
Microsoft has released SDL Threat Modeling Tool 3, a tool used to model, analyze, track and mitigate security vulnerabilities early in the application’s design process.