Predict Which Security Flaws Will be Exploited, Patch Those Bugs
How do enterprises figure out which security flaws to fix first? Research shows common vulnerability management and remediation...
SEARCH
Fahmida Y. Rashid
Senior Managing EditorFahmida brings over a decade of IT security news reporting along with ten years of network administration and software development to Decipher.
Every security story has a human face, and her goal is to bring those stories to light. As the senior managing editor of Decipher, she will focus on ways security can impact how people live, work, and play. She enjoys working on stories that speak to those outside the security industry, highlighting the intersection of security and other technology areas. Over the years, she has seen enough to make her overzealous about her personal threat-model, but she doesn’t hold it against anyone for having a more relaxed worldview.
- fahmida@decipher.sc
- @FYRashid
- 3DF6 3FDA FACC 7BC6
Featured Articles
Understanding the Virtual CSO
Organizations don't have to decide between hiring a CSO/CISO or not having a security leader at all. They can tap the CISO's...
Mapping the Internet, One Device at a Time (Part One)
Just as people use search engines such as Google, Bing, and DuckDuckGo to find specific information on the Internet, there are...
Predict Which Security Flaws Will be Exploited, Patch Those Bugs
How do enterprises figure out which security flaws to fix first? Research shows common vulnerability management and remediation strategies are no better than random guesses. Trying to predict which flaws will be exploited and fixing those is a better use of the security teams's time.
Google's Android P Confirms Humans Still at the Helm
The new Android Protected Confirmation API in Android P ensures that a human, not malware, is engaging with the app.
Users Need More Than Minimal Breach Disclosure
Companies get away with disclosing just the bare minimum, or dribble out the bad news to the point where no one is paying attention. We need to hold companies to a higher set of expectations.
Google Asylo Lets Devs Build Confidential Computing Apps
Protect the data at rest and in transit. How about while in use? Google’s open source framework Asylo helps developers use secure enclaves with their applications without having to know the specifics of how TEEs work or learning how to use specialized tools.
Find Phishing Sites in Certificate Transparency Logs
Mining Certificate Transparency logs can help uncover phishing sites using spoofed domain names, but it’s hard to do. Facebook has updated its Certificate Transparency Monitoring tool to notify website owners when their sites are being spoofed for malicious use.