SearchSecurity
New & Notable
News
Ransomware hacked CCTV cameras in DC
The Washington D.C. police department spotted hacked CCTV cameras before the inauguration and has remediated the ransomware, but questions still surround the attack.
News
Innovation Sandbox highlights startups at RSAC 2017
RSAC 2017: Innovation Sandbox competition pits this year's top 10 cybersecurity startups against each other in bid to win top honors as most innovative.
Problem Solve
Replacing point-to-point tunneling protocol in iOS
Apple's removal of PPTP support on iOS 10 and Mac OS Sierra leaves companies scrambling to implement other VPN protocols. Expert Michael Cobb explains enterprise options.
Problem Solve
How do command injections work on wireless routers?
A Netgear vulnerability exposed a number of wireless router models to command injection attacks. Expert Judith Myerson explains how the attack works and how to stop it.
Download: IoT Security Best Practices
For many, security tops the list of IoT challenges. Our new handbook is filled with best practices for IoT security, looking at raising awareness of potential security threats wrought by IoT, how to test your defenses in the IoT era, and more.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.
Trending Topics
-
Emerging threats News
MongoDB misconfiguration at fault in ransom attacks
Poor authentication in MongoDB configurations has led to a sharp increase in ransom attacks, and experts say tens of thousands of databases could be at risk.
-
Windows Security: Alerts, Updates and Best Practices News
Podcast: Windows 10 security up, Windows SMB down
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the Shadow Brokers' alleged exploit for Windows SMB and what it means for both enterprises and Microsoft.
-
PCI Data Security Standard Evaluate
What does a PCI Internal Security Assessor do?
Enterprise compliance can be a burden to manage, which is where a PCI ISA can be helpful. Expert Mike Chapple explains how a PCI Internal Security Assessor helps with security.
-
Disk Encryption and File Encryption Problem Solve
What are the best technologies for IoT encryption?
Protecting the data that moves through the internet of things can be a challenge for enterprises. Expert Judith Myerson offers several encryption tools for the task.
-
Market trends and predictions Evaluate
Podcast: McAfee returns as Intel spins off security business
In this Risk & Repeat podcast, SearchSecurity editors discuss the $3.1 billion Intel Security sale and what it means for the infosec industry, the McAfee brand and Intel.
-
CISSP Certification Get Started
CISSP training: Software Development Security
Spotlight article: Shon Harris explains the core concepts in the CISSP domain on software development security, including models, methods, database systems and security threats.
Topics Covered
-
Application and Platform Security (13) +
- Application Attacks (Buffer Overflows, Cross-Site Scripting)
- Application Firewall Security
- Database Security Management
- Email Protection
- Enterprise Vulnerability Management
- Open Source Security Tools and Applications
- Operating System Security
- Secure SaaS: Cloud services and systems
- Securing Productivity Applications
- Social media security risks and real-time communication security
- Software Development Methodology
- Virtualization Security Issues and Threats
- Web Security Tools and Best Practices
-
Enterprise Data Protection (7) +
-
Enterprise Identity and Access Management (3) +
-
Enterprise Network Security (6) +
Government IT Security Management
-
Information Security Careers, Training and Certifications (3) +
-
Information Security Management (12) +
- Business Management: Security Support and Executive Communications
- Disaster Recovery and Business Continuity Planning
- Enterprise Compliance Management Strategy
- Enterprise Compliance Tools
- Enterprise Risk Management: Metrics and Assessments
- Information Security Incident Response-Information
- Information Security Laws, Investigations and Ethics
- Information Security Policies, Procedures and Guidelines
- News and analysis from IT security conferences
- Security Awareness Training and Internal Threats-Information
- Security Industry Market Trends, Predictions and Forecasts
- Vendor Management: Negotiations, Budgeting, Mergers and Acquisitions
-
Information Security Threats (13) +
- Application Attacks -Information Security Threats
- Denial of Service (DoS) Attack Prevention
- Email and Messaging Threats-Information Security Threats
- Emerging Information Security Threats
- Enterprise Vulnerability Management
- Hacker Tools and Techniques: Underground Sites and Hacking Groups
- Identity Theft and Data Security Breaches
- Information Security Incident Response
- Malware, Viruses, Trojans and Spyware
- Security Awareness Training and Internal Threats
- Smartphone and PDA Viruses and Threats
- Web Application and Web 2.0 Threats-Information Security Threats
- Web Server Threats and Countermeasures
-
Security Audit, Compliance and Standards (10) +
Featured Authors
Have a question for an expert?
Please add a title for your question
Get answers from your peers on your most technical Information Security challenges.
Meet all of our Information Security experts
-
Judith Myerson asks:
Have you ever used a free, ad-supported VPN client, and, if so, what was your assessment of it?
-
Judith Myerson asks:
Does your organization use any IoT encryption technologies, and, if so, which ones?
Find Solutions For Your Project
-
Evaluate
How a sandbox differs from a software container
Understanding the difference between software containers and sandboxing can help enterprises make the right decision about which to use. Expert Matthew Pascucci explains them.
-
The challenges of securing big data systems
-
How to choose a web application firewall
-
Sniff out insider threats with these tools
-
-
Problem Solve
Free VPNs: A secure option or a bad choice?
There are many free VPN clients on the market, but are they secure enough for enterprise users? Expert Judith Myerson looks at the pros and cons of ad-supported VPNs.
-
Replacing point-to-point tunneling protocol in iOS
-
What are the best technologies for IoT encryption?
-
Strategies for mitigating a denial-of-service attack
-
-
Manage
Tackling the threats that come from within
IT threats are tough to tackle when they originate from within your business. This technical guide considers that issue and offers ways to deal with insider security threats.
-
Insider Edition: Attaining security for IoT, through discovery, identity and testing
-
Privileged access management and security in the enterprise
-
Why breach investigations are critical to security
-
-
E-Zine | January 2017
Insider Edition: Attaining security for IoT, through discovery, identity and testing
Download -
E-Handbook | December 2016
Combatting the top cybersecurity threats with intelligence
Download -
E-Handbook | December 2016
Managed security services market: What you need to know now
Download -
E-Zine | December 2016
Dedicated CISO job still open to debate
Download -
E-Zine | November 2016
Insider Edition: Improved threat detection and incident response
Download
Information Security Basics
-
Get Started
email spam
Email spam, or junk email, is unsolicited bulk messages sent through email with commercial, fraudulent or malicious intent.
-
Get Started
distributed denial of service (DDoS) attack
A distributed denial-of-service attack occurs when an attack originates from multiple computers or devices, usually from multiple different locations or networks.
-
Get Started
How to approach strategic security planning
Developing a strategic security plan for an enterprise can be a complicated task. Expert Ernie Hayden provides an overview to help CISOs make an effective plan.
Multimedia
-
-
Problem Solve
Podcast: Doxware puts a new spin on ransomware
-
Vendor Resources
- How to Get More Signal, Less Noise for Your SIEM –White Paper
- Confronting Enterprise Security Risk –White Paper
- Respond to Threats Faster and More Effectively Than Ever –Webcast
Blog: Security Bytes
-
How cloud file sharing is creating new headaches for security teams
A sharp rise in cloud file sharing and collaboration activity is creating big problems for security teams – even when the number of security incidents is miniscule.Continue Reading
-
Android malware delivery is harder than you might think
Headlines about Android malware often gloss over just how difficult the process is for a user to install a malicious app on a device. Let's talk about that.Continue Reading
-
More Security Bytes Posts
Patent race picks up speed in the cloud access security broker market
Windows 10 Anniversary update adds headaches for antivirus vendors
Netskope nabs another patent for CASB technology
-
News
View All -
Denial of Service (DoS) Attack Prevention-Detection and Analysis
Q&A: Rapid7 experts talk pen testing, Mirai botnet
Rapid7's Beardsley and Brown offer insight on Mirai botnet attacks, while also sharing some of their craziest penetration testing and incident response experiences.
-
PKI and Digital Certificates
Certificate transparency catches bad Symantec CA certs
One week after certificate transparency revealed a Symantec CA improperly issued over 100 digital certificates, Symantec offers more details on the incident.
-
PKI and Digital Certificates
Google launches its own root CA
Google is expanding its certificate authority capabilities by creating its own root certificate authority, but experts are unsure of Google's plans moving forward.