Expert Coverage of Black Hat USA 2018


Event Recap: Insights from Black Hat USA 2018

...machine learning and AI in general was a theme throughout Black Hat but I thought some of the comments from customers about going through the vendor hype around ML and specifically in how they're using machine learning in their own environment was really interesting."

author-icon


Doug Cahill
Sr. Analyst and Group Director


I think what we're seeing is the business leaders are putting the pressure on the security team. They're saying, "We're willing to spend more money, but we want to understand what we're spending money on and what does that buy us? In other words, what risks are we mitigating?"...We're doing some research around that ourselves and it was refreshing to hear that at Black Hat."

author-icon


Jon Oltsik
Sr. Principal Analyst and ESG Fellow

DevSecOps-Brief

ESG Blog: Takeaways from Black Hat USA 2018

Find out what Jon Oltsik observed during a busy week in Las Vegas that started with his participation in a panel at the CISO Summit and ended with a Thursday dinner brainstorming session on cybersecurity operations, with dozens of formal and informal meetings in between.


READ MORE

DevSecOps-Brief

ESG Brief

The Role of DevSecOps in Automating Application Container Security

The rapid adoption of application containers is creating a new set of cybersecurity challenges and, as a result, an expanded set of requirements for server workload security solutions. Research conducted by ESG shows that containers are moving quickly into production with a side effect of sprawl, as previously experienced by IT departments with the advent of virtual machines. Exploit attacks experienced by many organizations have created concerns about how application container environments—including registry-resident images and orchestration platforms—expose a new set of software, configuration, and access vulnerabilities. ESG research also reveals a strong interest in automating security via DevOps (“DevSecOps”) and shows how these practices allow cybersecurity and operations teams to integrate security in each stage of the continuous integration and continuous delivery (CI/CD) pipeline that governs the build-ship-run phases of the container lifecycle.

READ MORE

ESG Featured

SOAPA: Security Operations Analytics Platform Architecture

Understand SOAPA, its future, and the benefits to cybersecurity professionals.

LEARN MORE

MOST RECENT ESG CYBERSECURITY RESEARCH