Security News

Chris Hass, director of information security and research at Automox, discusses how the future looks. While the trend of automation will continue to grow, there still remain many challenges to its adoption, and new innovations or threats could change how the future looks for this technology.

A team of UTSA researchers is exploring how a new automated approach could prevent software security vulnerabilities. The team sought to develop a deep learning model that could teach software how to extract security policies automatically.

The proven approach in the market today is with digital certificates, which leverage PKI. In fact, some of the best authentication mechanisms leverage digital certificates at their core. In this case, when leveraging digital certificates as a baseline for human and machine identities, digital certificates must be provisioned to users and devices, and ultimately, orchestrated and automated.

The challenge faced by already strained IT teams is how to deliver strong certificate management across increasingly complex IT environments, at a time when workforces are massively distributed and entering the corporate network via the consumer-grade technologies in their homes. While third-party certificate authorities are a trusted option for many enterprises across the globe, many choose instead to issue them in-house, operating their own "Private CAs" to fulfill at least a portion of their PKI needs.

The research finds that investments in automation are directly linked to increased business revenues, job growth, and long-term productivity. Automation investments boost revenue and economic resilience.

To select a suitable policy automation solution for your business, you need to think about a variety of factors. The policy automation solution should easily expand as new network and cloud security controls are added.

What does system hardening encompass? Let's take server hardening as an example. While the former focus on pointing out configuration drift from specific compliance frameworks, and the latter can do that as well as enforcing hardening policies/configuration changes, they don't provide a solution for the entire hardening process like their CalCom Hardening Suite does.

On the surface, it might seem like configuration errors should be an easily solvable problem: organizations should simply pay more attention to any changes and manually make sure all settings are correct every time a change is made. To successfully control how every update, change and addition is implemented - and to understand how each change affects the environment and other changes that are already "In flight" - the only solution is to embrace automation.

ThreatQuotient released the State of Cyber Security Automation Adoption in 2021, new research focused on understanding the importance, challenges and trends facing businesses and their CISOs when it comes to IT security systems automation. Recognised importance of IT security automation 77% of survey respondents stated IT security automation is important to senior security professionals.

Nearly two-thirds of enterprises are concerned about how much time is spent managing certificates. The typical enterprise says as many as 1,200 of the certificates are actually unmanaged, and 47% say they frequently discover so-called "Rogue" certificates.