×
Close
J.M. Porup

J.M. Porup

Senior Writer

J.M. Porup has been a security geek since 2002, when he got his first job in IT. Since then he's covered national security and information security for a variety of publications, and now calls CSOonline home. He previously reported from Colombia for four years, where he wrote travel guidebooks to Latin America, and speaks Spanish fluently with a hilarious gringo-Colombian accent.

The Latest from J.M.
Bug bounties offer legal safe harbor. Right? Right?
News Analysis

Bug bounties offer legal safe harbor. Right? Right?

Do you need a vulnerability disclosure program? The feds say yes
News Analysis

Do you need a vulnerability disclosure program? The feds say yes

The FTC and DOJ are pushing companies to provide a means for good-faith security researchers to report bugs and put effective processes in place to act on those reports.

What are deepfakes? How and why they work
Feature

What are deepfakes? How and why they work

Once the bailiwick of Hollywood special effects studios with multi-million-dollar budgets, now anyone can download deepfake software and use machine learning to make believable fake videos. This makes a lot of people nervous.

Can cyber insurance cover acts of cyber terrorism?
News Analysis

Can cyber insurance cover acts of cyber terrorism?

Cyber insurance policies do not typically cover physical destruction or loss of life, but the UK government-backed reinsurer, Pool Re, announced this year it will cover acts of cyber officially deemed "terrorism" by Her Majesty's...

What is the Tor Browser? How it works and how it can help you protect your identity online
Feature

What is the Tor Browser? How it works and how it can help you protect your identity online

The Tor Browser is a web broswer that anonymizes your web traffic using the Tor network, making it easy to protect your identity online.

Duty of care: Why (and how) law firms should up their security game
News Analysis

Duty of care: Why (and how) law firms should up their security game

Lawyers have been slow to adopt modern technology — and even slower to respond to security threats. That may be changing.

What is a zero-day exploit? A powerful but fragile weapon
Feature

What is a zero-day exploit? A powerful but fragile weapon

A zero-day is a security flaw that has not yet been patched by the vendor and can be exploited. These vulnerabilities fetch high prices on the black market

Does cyber insurance make us more (or less) secure?
Feature

Does cyber insurance make us more (or less) secure?

Underwriting cyber risk remains more art than science, but in the absence of regulation, cyber insurance might still be the best hope for improving cybersecurity practices across the board — at least for now.

Information security in a war zone: How the Red Cross protects its data
News Analysis

Information security in a war zone: How the Red Cross protects its data

The International Committee of the Red Cross faces unique and extreme security threats across the globe. Technology is not always the best defense.

What is Shodan? The search engine for everything on the internet
Feature

What is Shodan? The search engine for everything on the internet

Defenders find this simple tool valuable for finding vulnerable devices attached to the web that need to be secured.

Scapegoating security researchers harms society
Opinion

Scapegoating security researchers harms society

Want your government to stop punishing the security community for its own lapses? Become a better teacher and advocate for what you do.

GreyNoise: Knowing the difference between benign and malicious internet scans
News Analysis

GreyNoise: Knowing the difference between benign and malicious internet scans

Used with Shodan, this "search engine that looks at people scanning the internet" can help you pick bad actors out of the noise.

Load More
Popular Resources
See All