Tips

  • Three benefits of a next-gen firewall

    Security expert Diana Kelley outlines three major benefits of next-generation firewalls: their ability to thwart unknown attacks, to make decisions using identity awareness and to ensure secure acc...

  • Ready to buy a next-gen firewall?

    View expert advice on seven final factors to take into account before making a next-gen firewall purchase, from vendor support options and ongoing costs to integration capabilities and community su...

  • Does your organization need a next-generation firewall?

    Marketing hype calls next-generation firewalls a must-have enterprise security tool, but the truth is, not every organization needs one. Get help evaluating your enterprise NGFW needs.

  • Top questions to ask potential firewall vendors

    Evaluating potential firewall vendors and choosing the one that best aligns with your enterprise's needs can be a tricky task. This tip offers 11 questions any organization should ask vendors prior...

  • How to avoid HIPAA violation penalties

    HIPAA violation fines are larger than ever, costing companies millions. Expert Mike Chapple provides three key ways for organizations to remain HIPAA compliant.

  • Safe assembly: Component reuse in the age of open source

    Developers love reusing code, whether it’s an open source library or a code snippet copied from the Internet. This expert tip looks at the best ways to secure and monitor component-driven software.

  • Reducing distributed denial-of-service attacks

    Distributed denial-of-service attacks are increasingly a menace for enterprises. Expert Michael Cobb discusses industry initiatives that can help enterprises reduce the occurrence and power of DDoS...

  • The Target data breach proves to be a game-changer

    The massive security breach at Target in 2013 is changing the way enterprises approach security strategies. Expert Joseph Granneman explains how the Target data breach is an industry turning point.

  • Next-generation firewall benefits and compromises

    A next-generation firewall won't meet the security needs of every single organization. Before making the move to next generation, be sure your enterprise understands these key decision criteria.

  • A more visible network is a more secure network

    Bigger, more diverse networks mean a larger attack surface for hackers. Today's networking pros must update security strategies to account for new vulnerabilities and respond to inevitable attacks....

  • Get the most out of an authenticated vulnerability scan

    Running an authenticated vulnerability scan can help detect flaws in your system, yet many organizations don't invest in this methodology. Security expert Kevin Beaver discusses five ways to get th...

  • IPS + traditional firewall = Next-generation firewall

    Learn more about one of the greatest assets of a next-generation firewall: Its ability to consolidate firewall and intrusion prevention features into a single device.

  • Amazon Fire Phone security: Avoiding a meltdown

    The Amazon Fire Phone has the potential to ignite interest among enterprise users, but are security issues lurking beneath its shiny façade? Expert Lisa Phifer reviews the Fire Phone's security fea...

  • The three must-have security fundamentals for every organization

    In his debut 'Security that Works' column for SearchSecurity, Eric Cole of the SANS Institute challenges infosec pros to grade themselves on the three fundamental aspects of any successful enterpri...

  • The importance of next-generation network security

    The next-generation network -- one that must encompass the cloud, mobility and Internet of Things devices -- requires a different standard of network monitoring tools. Learn about new and improved ...

  • The GICSP certification explained

    A new SANS Institute certification, GICSP, could prove useful to industrial control system (ICS) security professionals. Expert Ernie Hayden explains the certification and how to prepare for the exam.

  • Life after TrueCrypt: Enterprise disk encryption options

    The recent news that TrueCrypt is insecure and has been retired has left many enterprises struggling to decide which encryption technologies to trust. Expert Michael Cobb offers other enterprise en...

  • Is Kerberos the key to big data authentication?

    Many Hadoop variants offer fully integrated Kerberos, with facilities to improve setup and link to your existing identity repository.

  • How to train employees in compliance awareness

    Developing a compliance awareness training program is key to preventing accidental internal compliance breaches. Expert Mike Chapple explains the steps to follow when starting such a program.

  • How Heartbleed can improve incident response

    Perhaps the biggest security bug of this generation, Heartbleed offers a number of lessons for improving incident response. Threat expert Nick Lewis highlights his key takeaways.