SearchSecurity
New & Notable
Get Started
Assessing security risks at industrial facilities
An important step to secure an industrial facility is performing an ICS risk assessment. Expert Ernie Hayden outlines the process and why each step matters.
Problem Solve
How the return of an Apple vulnerability affects users
An Apple vulnerability recently resurfaced and is targeting Apple devices that are connected to public hotspots. Discover what this vulnerability is and how to protect your devices.
News
Why enterprises need a game plan for automating security
Security experts sound off on the importance and benefits of automating security, and highlight factors to be considered before implementing SOAR tools.
News
Risk & Repeat: Expired certificates loom amid government shutdown
This week's Risk & Repeat podcast looks at the expiration of more than 80 TLS certificates for U.S. government websites amid the ongoing government shutdown.
Instant Download: Free Guide to Password Security
Including insights from security pros Michael Cobb, Jeremy Bergsman and Nick Lewis, gain expert advice on how to improve your password policies to keep your enterprise safe. Explore machine learning-powered techniques, how to approach mobile password management, and more.
Trending Topics
-
Emerging threats News
Global DNS hijacking attacks attributed to Iran
FireEye researchers investigating a DNS hijacking campaign against governments and telecom companies said those who are potential targets of Iran should take precautions.
-
Windows security Manage
Microsoft vulnerability too difficult to detect
The Qihoo 360 Core Security team found a Microsoft vulnerability -- named Double Kill -- that affects applications via Office documents. Learn how this is possible with Nick Lewis.
-
PCI DSS Get Started
How the PCI SSC took on mobile point-of-sale systems
The PCI SSC developed an mPOS security standard to improve mobile payment and PIN systems. Expert Michael Cobb looks at what the requirements are and how they help.
-
Encryption technology News
Microsoft BitLocker misplaces trust in SSDs for encryption
Researchers discover major manufacturers poorly implemented SSD encryption, allowing easy access to data, and Microsoft BitLocker made the issue worse.
-
Security industry trends News
RSAC keynote lineup reflects diversity push
RSA Conference 2019's diversity and inclusion initiative appears to be paying off, as the initial keynote speaker lineup has equal representation for men and women speakers.
-
CISSP Evaluate
Creative ways to earn CISSP CPEs
Who says you can't have fun while earning CPE credits to maintain your CISSP certification? Check out the top 10 creative ways to meet CISSP continuing education requirements.
Topics Covered
-
Data security technology and strategy (5) +
-
Enterprise identity and access management (8) +
-
Enterprise network security (9) +
- DDoS attack detection and prevention
- Endpoint protection and client security
- IoT security issues
- IPv6 security and network protocols security
- Network Access Control technologies
- Network device security: Appliances, firewalls and switches
- Secure remote access
- Software-defined security best practices
- VPN security
-
Information security certifications, training and jobs (2) +
-
Information security program management (7) +
- Government information security management
- Information security incident response
- Information security laws, investigations and ethics
- Information security policies, procedures and guidelines
- Security automation systems, tools and tactics
- Security industry market trends, predictions and forecasts
- Security vendor mergers and acquisitions
-
Information security risk management (3) +
-
Information security threats (5) +
-
Network threat detection (4) +
-
Platform security (3) +
-
Security audit, compliance and standards (4) +
-
Software and application security (9) +
- Application attacks (buffer overflows, cross-site scripting)
- Application firewall security
- Database security
- Microsoft Patch Tuesday and patch management
- Open source security tools and software
- Productivity apps and messaging security
- Secure SaaS: Cloud application security
- Secure software development
- Social media security risks
-
Web security tools and best practices (3) +
-
Wireless and mobile security (4) +
Featured Authors
Have a question for an expert?
Please add a title for your question
Get answers from your peers on your most technical Information Security challenges.
Meet all of our Information Security experts
-
Michael Heller asks:
How do you think the government has handled cybersecurity services during the shutdown?
Find Solutions For Your Project
-
Evaluate
How to evaluate and integrate CIAM security products
Evaluating customer identity access management products is complicated but necessary. Learn what’s new and what you need most right now.
-
Learn the core ways customer IAM is different
-
How quantum computing affects cryptographic algorithms
-
A guide to SIEM platforms, benefits and features
-
-
Problem Solve
How the return of an Apple vulnerability affects users
An Apple vulnerability recently resurfaced and is targeting Apple devices that are connected to public hotspots. Discover what this vulnerability is and how to protect your devices.
-
How good backups aid SamSam ransomware recovery
-
Learn how to guard hardware with enterprise protections
-
How users can protect themselves against Brrr ransomware
-
-
Manage
How BGPsec is involved with internet traffic control
The use of BGPsec protocols was found after looking into threat actors in China that controlled U.S. internet traffic. Discover how this technique works and how it can be mitigated.
-
Supporting TLS 1.3 means adding enough key entropy
-
Malicious JavaScript code used to steal credit card data
-
How a vulnerability was found in a My Cloud NAS device
-
-
E-Handbook | January 2019
Customer identity and access management: Why now and how?
Download -
E-Handbook | December 2018
Can deception security tactics turn the tables on attackers?
Download -
E-Zine | December 2018
Allure of the threat hunter draws companies large and small
Download -
E-Handbook | October 2018
SIEM tools, future tech and how to prepare for what's ahead
Download -
E-Zine | October 2018
User behavior analytics tackles cloud, hybrid environments
Download
Information Security Basics
-
Get Started
Assessing security risks at industrial facilities
An important step to secure an industrial facility is performing an ICS risk assessment. Expert Ernie Hayden outlines the process and why each step matters.
-
Get Started
Customer identity and access management: Why now and how?
There's an important distinction between consumers and customers; just as crucial is understanding the difference between customer IAM and traditional IAM.
-
Get Started
brute force attack
Brute force (also known as brute force cracking) is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys, through exhaustive effort (using brute force) rather than ...
Multimedia
Vendor Resources
Blog: Security Bytes
-
Marriott Starwood data breach notification de-values customers
The Marriott Starwood data breach exposed half a billion customers' data, but the hospitality giant seems to have learned from recent megabreaches that the standard response to a breach can be the ...Continue Reading
-
Are US hacker indictments more than Justice Theater?
New hacker indictments and U.S.Treasury Department sanctions highlight the disconnect between government action and real world consequences for threat actors.Continue Reading
-
More Security Bytes Posts
Breaking down Dell's "potential cybersecurity incident" announcement
Will cybersecurity safety ever equal air travel safety?
Android Ecosystem Security Transparency Report is a wary first step
-
News
View All -
Government information security management
Private sector affected by government shutdown
In addition to putting government agencies at risk, the shutdown has impacted federal security services and resources that the private sector relies on to keep enterprises safe.
-
Government information security management
Attacks on the government easier during shutdown
As the shutdown continues, experts believe government cybersecurity will become more vulnerable, and government IT staff could leave for the private sector.
-
Security automation systems, tools and tactics
Why enterprises need a game plan for automating security
Security experts sound off on the importance and benefits of automating security, and highlight factors to be considered before implementing SOAR tools.