Network threat detection
Get news, tips and expert advice on network threat detection. This resource will cover the latest trends and technology around network threats and threat detection systems and services. Learn how to uncover, analyze and address network vulnerabilities to mitigate the risk of cyberattacks.
Top Stories
-
Answer
19 Apr 2023
How to defend against TCP port 445 and other SMB exploits
Keeping TCP port 445 and other SMB ports open is necessary for resource sharing, yet this can create an easy target for attackers without the proper protections in place. Continue Reading
-
Feature
09 Nov 2021
API security strategies must evolve to include API protection
An API security strategy must include the ability to protect APIs post-deployment, but questions abound about ownership, which tools to use and how to get started. Continue Reading
-
Guest Post
21 Sep 2021
3 components to consider when selecting an MDR service
In the market for an MDR service? Read up on three considerations to keep in mind and questions to ask potential providers before making a decision. Continue Reading
-
News
08 Sep 2021
Microsoft zero-day flaw exploited in the wild
Microsoft and the Cybersecurity and Infrastructure Security Agency have issued advisories warning users to mitigate against a zero-day flaw, as no patch has been released. Continue Reading
-
Feature
30 Aug 2021
Malware analysis for beginners: Getting started
With the cybersecurity industry struggling to fill open positions, now is the time to start in the field. Infosec expert Dylan Barker shares what you should know to be a malware analyst. Continue Reading
-
Feature
30 Aug 2021
Top static malware analysis techniques for beginners
Malware will eventually get onto an endpoint, server or network. Using static analysis can help find known malware variants before they cause damage. Continue Reading
-
Guest Post
02 Aug 2021
Network security in the return-to-work era
IT teams are dealing with the challenge of reconnecting devices to office networks as employees return to work. Here's how your organization can overcome that challenge. Continue Reading
-
Definition
21 Jul 2021
port
A port in computing has three main uses, each as a type of receptacle in networking, computer hardware and software. Continue Reading
-
Definition
15 Jul 2021
anti-replay protocol
The anti-replay protocol provides Internet Protocol (IP) packet-level security by making it impossible for a hacker to intercept message packets and insert changed packets into the data stream between a source computer and a destination computer. Continue Reading
-
Feature
15 Jun 2021
How to get started with security chaos engineering
Introducing security chaos engineering: the latest methodology security teams can implement to proactively discover vulnerabilities or weaknesses in a company's system. Continue Reading
-
Definition
14 Jun 2021
threat modeling
Threat modeling is a procedure for optimizing application, system or business process security by identifying objectives and vulnerabilities, and then defining countermeasures to prevent or mitigate the effects of threats to the system. Continue Reading
-
Definition
08 Jun 2021
threat intelligence (cyber threat intelligence)
Threat intelligence, also known as cyber threat intelligence (CTI), is information collected from various sources about current or potential attacks that threaten an organization. Continue Reading
-
Guest Post
27 May 2021
3 steps to zero-day threat protection
Don't let a zero-day threat bring down your networks. Follow these three steps to prepare for the unknown and minimize potential damage. Continue Reading
-
Feature
10 May 2021
From EDR to XDR: Inside extended detection and response
As the definition of endpoints evolves, so too must the technology to protect them. Enter extended detection and response, or XDR -- one of cybersecurity's hottest acronyms. Continue Reading
-
Tip
30 Apr 2021
Types of MDR security services: MEDR vs. MNDR vs. MXDR
Organizations considering MDR security services should look into more tightly focused options hitting the market to find the best one for their security program's needs. Continue Reading
-
Definition
13 Apr 2021
unified threat management (UTM)
Unified threat management (UTM) describes an information security (infosec) system that provides a single point of protection against threats, including viruses, worms, spyware and other malware, and network attacks. Continue Reading
-
Tip
07 Apr 2021
MDR vs. MSSP: Why it's vital to know the difference
When assessing MDR vs. MSSP, the key is understanding why the two aren't interchangeable and how each handles response. Continue Reading
-
Feature
22 Mar 2021
How to set up Palo Alto security profiles
Learning how to build and implement security profiles and policies can help novice admins make sure they use Palo Alto Networks firewalls effectively to protect their network. Continue Reading
-
Feature
22 Mar 2021
Author's advice on Palo Alto firewall, getting started
Interfaces, licenses, policies -- getting started with a Palo Alto Networks firewall can be confusing. Here, the author of 'Mastering Palo Alto Networks' offers his advice. Continue Reading
-
Tip
09 Feb 2021
Using content disarm and reconstruction for malware protection
Content disarm and reconstruction is a modern approach to removing malicious code from files, key to detecting and thwarting successful phishing and malware attacks. Continue Reading
-
Tip
29 Jan 2021
How the SolarWinds vulnerability affects networking
The SolarWinds attack resulted in a bevy of network vulnerabilities, like masked traffic and backdoor access. Network teams should take the time to review their security strategies. Continue Reading
-
Guest Post
22 Jan 2021
Standardize cybersecurity terms to get everyone correct service
Some cybersecurity terms can refer to multiple service offerings, which can be confusing for companies looking to implement them as well as the companies providing them. Continue Reading
-
Tip
14 Jan 2021
Extended detection and response tools take EDR to next level
Extended detection and response tools offer new capabilities -- among them greater visibility -- to enterprises searching for better ways to protect their endpoints. Continue Reading
-
Quiz
09 Nov 2020
Try this cybersecurity quiz, test your cyberdefense smarts
Based on the November 2020 issue of Information Security magazine, this 10-question quiz lets you check your comprehensive knowledge of current security issues and earn CPE credit too. Continue Reading
-
Feature
02 Nov 2020
AI in security analytics is the enhancement you need
AI-powered analytics is critical to an effective, proactive security strategy. Learn how AI-enabled tools work and what your organization needs to do to reap their benefits. Continue Reading
-
Opinion
02 Nov 2020
AI in cybersecurity ups your odds against persistent threats
AI capabilities can identify and take down cyberthreats in real time but are only part of what your team needs to come out on the winning side of the cybersecurity battle. Continue Reading
- E-Zine 02 Nov 2020
-
Tip
19 Oct 2020
Planning a zero-trust strategy in 6 steps
Launch a zero-trust strategy in six steps. Learn how to form a dedicated team, ask questions about existing security controls and evaluate the priority of zero-trust initiatives. Continue Reading
-
Quiz
28 Jul 2020
IDS/IPS quiz: Intrusion detection and prevention systems
Want a baseline of your intrusion detection and prevention system knowledge? Test your insights with this IDS/IPS quiz. Continue Reading
-
News
15 Jul 2020
Attackers find new way to exploit Docker APIs
Aqua Security released research detailing a new tactic where the attacker exploits a misconfigured Docker API port in order to build and run a malicious container image on the host. Continue Reading
-
Tip
26 May 2020
AI threat intelligence is the future, and the future is now
Threat intelligence services and tools get a boost from advanced technology like AI and, specifically, machine learning. Learn how that works. Continue Reading
-
Tip
26 May 2020
Uncover and overcome cloud threat hunting obstacles
You can be an effective cyberthreat hunter even if your organization's assets are in the cloud. Know the likely obstacles you'll face, then learn how to surmount them. Continue Reading
-
Opinion
01 May 2020
Plan now for the future of network security
How to battle well-funded, technologically sophisticated threats and ensure high-quality network performance? CISOs need a plan to meet network challenges now and in the future. Continue Reading
-
News
24 Mar 2020
Cisco security GM discusses plan for infosec domination
At RSA Conference 2020, Gee Rittenhouse, senior vice president and general manager of Cisco's security group, talks about the company's strategy to reshape the infosec industry. Continue Reading
-
Opinion
03 Feb 2020
2 components of detection and threat intelligence platforms
Deploying threat detection and intelligence platforms is one of the smartest ways to protect your organization's valuable assets. Make sure you know how to choose the best tool. Continue Reading
-
Feature
03 Feb 2020
Threat intelligence offers promise, but limitations remain
Do you know how to use threat intelligence feeds to best effect in your company? Learn what this valuable yet often confusing resource can and can't do for cybersecurity. Continue Reading
-
Opinion
03 Feb 2020
Fresh thinking on cybersecurity threats for 2020
It's a good time to take a clear-eyed view of the likely security threats facing your organization. But then what? Experts suggest getting creative with your threat responses. Continue Reading
- E-Zine 03 Feb 2020
-
Answer
26 Nov 2019
What is the role of CISO in network security?
The role of CISO in network security goes beyond risk management. It also requires understanding compliance regulations and business needs, as well as the ability to communicate security policies to nontechnical employees. Continue Reading
-
Answer
25 Nov 2019
The network security tools to combat modern threats
Incorporating new network security tools and methods into your enterprise's infosec program may mean the difference between staying safe or falling victim to an attack. Continue Reading
-
News
01 Oct 2019
Sophos launches Managed Threat Response service
The new offering is built on Sophos' endpoint security platform Intercept X Advanced, with capabilities supported by the company's recent acquisition of Rook Security and DarkBytes. Continue Reading
-
News
26 Aug 2019
Puppet launches its first vulnerability remediation product
Puppet Remediate is a vulnerability remediation product that shares data between security and IT ops, provides risk-based prioritization and offers agentless remediation. Continue Reading
-
Tip
20 Aug 2019
Network traffic analysis tools secure a new, crucial role
Gartner just produced its first-ever guide to network traffic analytics security tools. Learn how the analysis of network traffic is broadening to include network security. Continue Reading
-
Answer
19 Aug 2019
How to build an enterprise penetration testing plan
Simulating an attack against your network is one of the best ways to remediate security holes before the bad guys find them. Here, learn penetration testing basics and how it can help keep your enterprise safe. Continue Reading
-
News
06 Aug 2019
LogicHub introduces automation updates to its SOAR platform
Security vendor LogicHub introduced new features to its SOAR platform that intend to automate tedious threat detection and response processes and save security teams time. Continue Reading
-
Feature
24 Jul 2019
Network teams spend more time than ever on network security issues
The workloads of network teams have evolved from their original objectives because of network security threats. Yet teams are still expected to maintain their initial goals. Continue Reading
-
News
17 Jul 2019
Claroty extends platform to include IoT device security
Claroty has upgraded Continuous Threat Detection to include support for IoT device security, keeping pace with the proliferation of IoT devices in the enterprise. Continue Reading
-
Opinion
08 Jul 2019
Who's to blame for ransomware attacks -- beyond the attackers?
Cyberattackers are to blame for ransomware attacks, but what about companies that release flawed software or don't install patches? Our expert looks at where the buck stops. Continue Reading
-
Guide
28 Jun 2019
How to improve network visibility and regain control
Gaining visibility into the network has never been easy; technology like cloud and IoT makes it even tougher. Learn how to meet such challenges and keep network traffic flowing. Continue Reading
-
Answer
31 May 2019
How can SIEM and SOAR software work together?
Many security pros initially thought SOAR software could replace SIEM. Our security expert advocates learning how SIEM and SOAR can work together. Continue Reading
-
Answer
30 May 2019
The future of SIEM: What needs to change for it to stay relevant?
Compared to security orchestration, automation and response (SOAR) software, SIEM systems are dated. Expert Andrew Froehlich explains how SIEM needs to adapt to keep up. Continue Reading
-
News
15 Apr 2019
Blue Hexagon bets on deep learning AI in cybersecurity
Cybersecurity startup Blue Hexagon uses deep learning to detect network threats. Security experts weigh in on the limitations of AI technologies in cybersecurity. Continue Reading
-
Tip
20 Mar 2019
How automated patch management using SOAR can slash risk
Learn how to use security orchestration, automation and response, also known as SOAR, to ease the hassle of mundane tasks related to patch management. Continue Reading
-
Tip
20 Mar 2019
Automating incident response with security orchestration
Security orchestration, automation and response technology is now seen as a key aid to security pros attempting to thwart an onslaught of cyberattacks. Continue Reading
-
Tip
20 Mar 2019
Plugging the cybersecurity skills gap with security automation
Security automation and response promises to help alleviate the shortage of qualified cybersecurity pros. Learn how SOAR helps security teams work smarter, not harder. Continue Reading
-
Feature
14 Mar 2019
AI security tech is making waves in incident response
Experts weigh in on the latest smart cybersecurity tools -- how they work, the implications for your IT security team and whether the investment is worth the expense. Continue Reading
-
Tip
25 Feb 2019
How to improve network security in 5 steps
The basics of network security start with a proactive and comprehensive audit of connectivity points. Also, be sure to get end users involved with network security policies. Continue Reading
-
Answer
22 Jan 2019
How can attacks bypass Windows Driver Signature Enforcement?
Security researchers demonstrated how a new fileless attack technique can bypass a Windows kernel protection feature at Black Hat 2018. Find out how the technique works. Continue Reading
-
Tip
10 Dec 2018
5 actionable deception-tech steps to take to fight hackers
Consider taking these five 'deceptive' steps to make your detection and response capabilities speedier and more effective, and to improve your company's security posture. Continue Reading
-
Tip
10 Oct 2018
Give your SIEM system a power boost with machine learning
The enterprise SIEM is still essential to IT defenses, but the addition of AI, in the form of machine learning capabilities, gives it even more potential power. Continue Reading
-
Tip
10 Oct 2018
The time to consider SIEM as a service has arrived
Now even your SIEM comes in the as-a-service model. Assess whether it's time to consider outsourcing this fundamental tool in your defense lineup. Continue Reading
-
Tip
10 Oct 2018
Prepping your SIEM architecture for the future
Is your SIEM ready to face the future? Or is it time for a major tune-up or at least some tweaks around the edges? Learn how to approach your SIEM assessment and updates. Continue Reading
-
Feature
08 Aug 2018
SIEM benefits include efficient incident response, compliance
SIEM tools enable centralized reporting, which is just one of the many SIEM benefits. Others include real-time incident response, as well as insight for compliance reporting. Continue Reading
-
Feature
01 Aug 2018
Overwhelmed by security data? Science to the rescue
Security teams increasingly use large data sets from their networks to find hidden threats. Why companies should embark on their own data science and machine learning initiatives. Continue Reading
-
Tip
07 Jun 2018
Where machine learning for cybersecurity works best now
Need to up your endpoint protection endgame? Learn how applying machine learning for cybersecurity aids in the fight against botnets, evasive malware and more. Continue Reading
-
Tip
07 Jun 2018
AI and machine learning in network security advance detection
Applying AI, and specifically machine learning, in network security helps protect enterprises against advanced persistent threats and sophisticated cybercriminals. Continue Reading
-
Feature
10 May 2018
SOC services: How to find the right provider for your company
SOCs are the latest services you can now outsource rather than build in-house. But should you entrust them to a third party? Yes—but make sure you know how to pick the best. Continue Reading
-
Tip
05 Mar 2018
Continuous security monitoring advances automated scanning
Battling threats in today's fast-paced cyberworld means shutting down vulnerabilities fast, which requires round-the-clock monitoring. Learn how to make it happen in your company. Continue Reading
-
News
16 Feb 2018
SonicWall spots Meltdown exploits with machine learning tech
SonicWall says its new deep memory inspection technology, which powers the vendor's Capture Cloud sandbox service, can block Meltdown threats and other zero-day attacks. Continue Reading
-
Security School
15 Jan 2018
Behavioral analytics, security go hand in hand
This Security School explores behavioral analytics as a tool for enhancing the security of enterprise systems and data. Continue Reading
-
Feature
21 Dec 2017
Get the best botnet protection with the right array of tools
Enterprise anti-botnet defenses, to be effective, must be added in multiple layers. No single security product will do the trick, but the right combo of tools can. Continue Reading
-
Opinion
01 Dec 2017
The future of networking technology is playing out right now
To prepare for the future of networking technology, IT managers must understand evolving concepts like hyper-convergence, SD-WAN and intent-based networking. Continue Reading
-
Tip
09 Oct 2017
Make your incident response policy a living document
Effective incident response policies must be detailed, comprehensive and regularly updated -- and then 'embedded in the hearts and minds' of infosec team members. Continue Reading
-
Feature
28 Sep 2017
What SIEM features are essential for your company?
On the hunt for the best SIEM tool for your company? Learn how to evaluate the capabilities of the newest security information and event management products. Continue Reading
-
Tip
11 Jul 2017
Tactics for security threat analysis tools and better protection
Threat analysis tools need to be in top form to counter a deluge of deadly security issues. Here are tips for getting the most from your analytics tool. Continue Reading
-
Security School
06 Jun 2017
How threat intelligence feeds aid organizations' security posture
This Security School explores how threat intelligence feeds work and discusses the types of vendor services that exist now. Continue Reading
-
Feature
23 May 2017
Learn what breach detection system is best for your network
Breach detection systems are essential in these days of machine learning and artificial intelligence. Learn how to identify the features and functions your network needs. Continue Reading
-
Feature
12 Nov 2015
Comparing the best intrusion prevention systems
Expert contributor Karen Scarfone examines the best intrusion prevention systems to help you determine which IPS products may be best for your organization. Continue Reading
-
Feature
20 Oct 2015
Enterprise benefits of network intrusion prevention systems
Expert Karen Scarfone explains how most organizations can benefit from intrusion prevention systems (IPSes), specifically dedicated hardware and software IPS technologies. Continue Reading
-
Feature
13 Oct 2015
The basics of network intrusion prevention systems
Expert Karen Scarfone explores intrusion prevention systems and their acquisition, deployment and management within the enterprise. Continue Reading
-
Answer
25 Mar 2015
What are the secrets to SIEM deployment success?
Many organizations deploy security information and event management systems without the proper planning and therefore can't reap the proper rewards. Expert Kevin Beaver offers tips for a successful implementation. Continue Reading