New & Notable
News
Critical bug discovered in open source utility Fluent Bit
Tenable researchers discovered a critical vulnerability, dubbed 'Linguistic Lumberjack,' in Fluent Bit, an open source logging utility widely used by major cloud providers.
Evaluate
CISSP or CISM: Which should you pursue?
For hopeful practitioners, the question of whether to pursue CISSP or CISM depends on their career goals and interests. For some, the question should be, 'Why not both?'
News
Rapid7 warns of alarming zero-day vulnerability trends
The cybersecurity vendor tracked vulnerabilities that were used by threat actors in mass compromise events and found more than half were exploited as zero days.
News
CyberArk to acquire Venafi from Thoma Bravo for $1.5B
CyberArk said it intends to help enterprises with the growing number of machine identities, which the company said surpasses human identities by a ratio of 40 to 1.
Trending Topics
-
Data Security & Privacy Evaluate
Lessons learned from high-profile data breaches
Equifax. Colonial Pipeline. Sony. Target. All are high-profile data breaches, and all offer key lessons to learn that prevent your organization from falling victim to an attack.
-
Threats & Vulnerabilities News
Critical bug discovered in open-source utility Fluent Bit
Tenable researchers discovered a critical vulnerability, dubbed "Linguistic Lumberjack," in Fluent Bit, which is an open source logging utility widely used by major cloud providers.
-
IAM News
CyberArk to acquire Venafi from Thoma Bravo for $1.5B
CyberArk said it intends to help enterprises with the growing number of machine identities, which the company said surpasses human identities by a ratio of 40 to 1.
-
Analytics & Automation News
IBM sells QRadar SaaS assets to Palo Alto Networks
The deal with Palo Alto Networks comes one year after IBM announced QRadar Suite, an AI-enhanced security platform that combined existing SIEM and XDR products.
-
Network Security News
AI-driven attacks seen as chief cloud security threat
Tried and true cloud security threats are on the rise. But according to a new report from Palo Alto Networks, the specter of generative AI threats has organizations concerned.
-
Operations & Management News
SonicWall CEO talks transformation, security transparency
SonicWall's CEO said that following a string of serious vulnerabilities the company responded to in 2021, product development and quality assurance operations were overhauled.
Topics Covered
Application and platform security
Careers and certifications
Cloud security
Compliance
Data security and privacy
Identity and access management
Network security
Risk management
Security analytics and automation
Security operations and management
Threat detection and response
Threats and vulnerabilities
Featured Authors
Find Solutions For Your Project
-
Evaluate
CISSP or CISM: Which should you pursue?
For hopeful practitioners, the question of whether to pursue CISSP or CISM depends on their career goals and interests. For some, the question should be, 'Why not both?'
-
10 risk-related security updates you may have missed at RSA
-
How AI-driven patching could transform cybersecurity
-
3 reasons Synopsys is selling its app security business
-
-
Problem Solve
How to detect deepfakes manually and using AI
Deepfakes rely on AI to generate realistic but counterfeit content. A variety of automated tools and manual hints can help organizations pinpoint deepfake videos and images.
-
SSPM vs. CSPM: What's the difference?
-
Top 11 cloud security challenges and how to combat them
-
How to conduct security patch validation and verification
-
-
Manage
VM security in cloud computing explained
Cloud computing allows an organization to reduce its risks by having to secure fewer resources. The tradeoff is that cloud creates more attack vectors. Don't let VMs trip you up.
-
How to configure sudo privilege and access control settings
-
What is a cloud security engineer, and how do I become one?
-
How remote work is changing patch management
-
-
E-Handbook | July 2021
Mitigating risk-based vulnerability management challenges
Download -
E-Handbook | June 2021
Security observability tools step up threat detection, response
Download -
E-Handbook | January 2021
SolarWinds supply chain attack explained: Need-to-know info
Download -
E-Handbook | November 2020
Cyber insurance 101: Timely guidance on an essential tool
Download -
E-Zine | November 2020
AI cybersecurity raises analytics' accuracy, usability
Download
Information Security Basics
-
Get Started
cloud workload protection platform (CWPP)
A cloud workload protection platform (CWPP) is a security tool designed to protect workloads that run on premises, in the cloud or in a hybrid arrangement.
-
Get Started
out-of-band authentication
Out-of-band authentication is a type of two-factor authentication (2FA) that requires a secondary verification method through a separate communication channel along with the typical ID and password.
-
Get Started
Common Vulnerability Scoring System (CVSS)
The Common Vulnerability Scoring System (CVSS) is a public framework for rating the severity and characteristics of security vulnerabilities in information systems.
Multimedia
-
News
View All -
Threats and vulnerabilities
Critical bug discovered in open-source utility Fluent Bit
Tenable researchers discovered a critical vulnerability, dubbed "Linguistic Lumberjack," in Fluent Bit, which is an open source logging utility widely used by major cloud providers.
-
Threat detection and response
Rapid7 warns of alarming zero-day vulnerability trends
The cybersecurity vendor tracked vulnerabilities that were used by threat actors in mass compromise events and found more than half were exploited as zero days.
-
Identity and access management
CyberArk to acquire Venafi from Thoma Bravo for $1.5B
CyberArk said it intends to help enterprises with the growing number of machine identities, which the company said surpasses human identities by a ratio of 40 to 1.
Security Definitions
- cloud workload protection platform (CWPP)
- out-of-band authentication
- Common Vulnerability Scoring System (CVSS)
- cloud-native application protection platform (CNAPP)
- Patch Tuesday
- Pegasus malware
- risk-based patch management (RBPM)
- risk-based vulnerability management (RBVM)