SearchSecurity
New & Notable
Manage
How to craft an account lockout policy
Learn how to create account lockout policies that detail how many unsuccessful login attempts are allowed before a password lockout in order to prevent credential-based attacks.
News
Disinformation, mail-in ballots top election security concerns
While there have been no major cyberattacks this election season, threat actors are waging disinformation campaigns around hot-button issues like mail-in ballots.
Get Started
Best practices for ethically teaching cybersecurity skills
Jonathan Meyers has recommendations that teachers and students can use to enhance their teaching and learning of cybersecurity skills to remain relevant in this fast-paced industry.
News
Intel patches critical flaw in Active Management Technology
Intel's Patch Tuesday featured four security advisories, including a critical flaw in Active Management Technology that could allow an attacker privilege escalation.
Download: Your Complete Guide to IAM
Utilize this 66-page IAM guide to help you stay on top of the latest best practices and techniques. Security expert Michael Cobb explores the risks and rewards of biometrics measures and multifactor authentication, how organizations can assess if it is time to modernize IAM strategies, and much more.
Trending Topics
-
Emerging threats News
CISA and FBI say there have been no hacks on voter databases
After a false Russian news report circulated on the internet, CISA and the FBI released a joint statement that denied any hacks to election security.
-
Windows security News
'SigRed' alert: Experts urge action on Windows DNS vulnerability
Experts are urging organizations to take immediate action on SigRed, a 17-year-old Windows DNS server vulnerability discovered by Check Point Research and patched by Microsoft.
-
PCI DSS Evaluate
Explore the next-generation firewall marketplace
Explore some of the top NGFWs currently on the market -- based on features and user reviews -- to help you make a buying decision
-
Encryption technology Get Started
How symmetric and asymmetric encryption algorithms differ
Explore the differences between symmetric vs. asymmetric encryption algorithms, including common uses and examples of both, as well as their pros and cons.
-
Security industry trends Problem Solve
Top AI security concerns for IT leaders
Conversations about 'AI as a solution' may overlook potentially grave AI security issues. Explore the potential infosec implications of the emerging technology in this video.
-
CISSP Get Started
Take this CISSP practice test before the final exam
Test your knowledge and preparedness for the CISSP exam with 16 questions taken directly from the latest 'CISSP All-in-One Exam Guide' from McGraw Hill.
Topics Covered
-
Data security technology and strategy (5) +
-
Enterprise identity and access management (8) +
-
Enterprise network security (9) +
- DDoS attack detection and prevention
- Endpoint protection and client security
- IoT security issues
- IPv6 security and network protocols security
- Network Access Control technologies
- Network device security: Appliances, firewalls and switches
- Secure remote access
- Software-defined security best practices
- VPN security
-
Information security certifications, training and jobs (2) +
-
Information security program management (7) +
- Government information security management
- Information security incident response
- Information security laws, investigations and ethics
- Information security policies, procedures and guidelines
- Security automation systems, tools and tactics
- Security industry market trends, predictions and forecasts
- Security vendor mergers and acquisitions
-
Information security risk management (3) +
-
Information security threats (5) +
-
Network threat detection (4) +
-
Platform security (3) +
-
Security audit, compliance and standards (4) +
-
Software and application security (9) +
- Application attacks (buffer overflows, cross-site scripting)
- Application firewall security
- Database security
- Microsoft Patch Tuesday and patch management
- Open source security tools and software
- Productivity apps and messaging security
- Secure SaaS: Cloud application security
- Secure software development
- Social media security risks
-
Web security tools and best practices (3) +
-
Wireless and mobile security (4) +
Featured Authors
Find Solutions For Your Project
-
Evaluate
How secure is a site-to-site VPN tunnel?
Not every enterprise needs the functionality of a standard VPN client. A site-to-site VPN may be a better choice for some companies, but it's not without risk.
-
The enterprise case for zero trust
-
Security's new normal focuses on remote work
-
How security champions can help, despite working remotely
-
-
Problem Solve
Top AI security concerns for IT leaders
Conversations about 'AI as a solution' may overlook potentially grave AI security issues. Explore the potential infosec implications of the emerging technology in this video.
-
Making cybersecurity hygiene a shared responsibility
-
Being secure by design requires proper principles
-
How to handle software exceptions securely
-
-
Manage
The tech, strategies that are driving WFH cybersecurity
The massive shift to home-based workforces left IT vulnerable to unexpected threats, but organizations are combining old and new strategies to maintain remote access security.
-
How to craft an account lockout policy
-
It's time for action, not just talking about diversity
-
Why your enterprise needs a culture of cybersecurity
-
-
E-Zine | August 2020
Cybersecurity education for employees: Learn what works
Download -
E-Handbook | May 2020
How to get actionable threat intelligence from tech tools
Download -
E-Zine | May 2020
Why CISOs need advanced network security strategies now
Download -
E-Handbook | April 2020
Employ AI for cybersecurity, reap strong defenses faster
Download -
E-Handbook | March 2020
How to implement a strong COVID-19 cybersecurity plan
Download
Information Security Basics
-
Get Started
Best practices for ethically teaching cybersecurity skills
Jonathan Meyers has recommendations that teachers and students can use to enhance their teaching and learning of cybersecurity skills to remain relevant in this fast-paced industry.
-
Get Started
CISO as a service (vCISO, virtual CISO, fractional CISO)
A CISO as a service (CISOaaS) is the outsourcing of CISO (chief information security officer) and information security leadership responsibilities to a third-party provider.
-
Get Started
access control
Access control is a security technique that regulates who or what can view or use resources in a computing environment.
Multimedia
-
Problem Solve
Top AI security concerns for IT leaders
-
-
Vendor Resources
Blog: Security Bytes
-
Google focuses more on steering the Android ship than righting it
Google's security and privacy upgrades to Android are mostly forward-thinking changes, readying for a future that is inevitable but unclear, rather than ways to improve security today.Continue Reading
-
At RSAC 2019, speculative execution threats take a back seat
The Meltdown and Spectre vulnerabilities loomed large last year, but RSAC 2019 will have little fodder on speculative execution threats and side channels attacks.Continue Reading
-
More Security Bytes Posts
Marriott Starwood data breach notification de-values customers
Are US hacker indictments more than Justice Theater?
Breaking down Dell's "potential cybersecurity incident" announcement
-
News
View All -
Government information security management
Disinformation, mail-in ballots top election security concerns
While there have been no major cyberattacks this election season, threat actors are waging disinformation campaigns around hot-button issues like mail-in ballots.
-
Penetration testing, ethical hacking and vulnerability assessments
Intel patches critical flaw in Active Management Technology
Intel's Patch Tuesday featured four security advisories, including a critical flaw in Active Management Technology that could allow an attacker privilege escalation.
-
Penetration testing, ethical hacking and vulnerability assessments
CISA issues vulnerability disclosure order for federal agencies
The U.S. Cybersecurity and Infrastructure Security Agency gives a directive for federal agencies to establish vulnerability disclosure policies in the next 180 calendar days.
SearchSecurity Definitions
- CISO as a service (vCISO, virtual CISO, fractional CISO)
- access control
- advanced persistent threat (APT)
- biometrics
- zero-day (computer)
- PCI DSS 12 requirements
- Federal Information Security Management Act (FISMA)
- vulnerability assessment (vulnerability analysis)