SearchSecurity
New & Notable
News
OURSA Conference highlights surveillance woes
The ACLU's Jennifer Granick took government hacking to task at the OURSA Conference this week, calling out mass surveillance techniques and the limited scope of search warrants.
News
Keeper teams with Bugcrowd after bug report flap
Following its controversial lawsuit against an Ars Technica security reporter, Keeper Security has teamed with Bugcrowd on a formal vulnerability disclosure program.
News
Private analytics firm exposed scraped consumer data
News roundup: A misconfigured Amazon S3 bucket led to the exposure of 48 million records collected by a private data analytics firm. Plus, PCI SSC updated its cloud guidelines, and more.
News
Hack back for good approved by RSAC panel
A panel of experts at the RSA Conference all expressed support for the idea of hacking back against threat actors, but each offered caveats in hopes of minimizing collateral damage.
Your Guide to Info Sec Certifications
We’ve collected 30+ certifications for you. Which vendor-neutral and vendor-specific security certifications are best for you? Save time by downloading our list organized by experience level.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.
Trending Topics
-
Emerging threats News
CrowdStrike unveils Meltdown exploit in unusual fashion
At RSA Conference 2018, CrowdStrike demonstrated a new Meltdown exploit that can harvest sensitive data such as passwords even on systems that are patched.
-
Windows security News
Windows 7 Meltdown patches introduce new flaw
A security researcher discovered the recent Windows Meltdown patches may fix the Intel flaws, but also introduced a more severe vulnerability in some versions of Windows.
-
PCI DSS News
Risk & Repeat: Does PCI DSS compliance matter?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss new research from Verizon on payment card security and the effectiveness of PCI DSS compliance for enterprises.
-
Encryption technology News
IBM researchers pump up blockchain, crypto
At IBM's Think conference, Big Blue researchers discussed new security-centric projects around blockchain databases, crypto anchors and quantum-resilient encryption.
-
Security industry trends News
Risk & Repeat: What's in the Verizon DBIR this year?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the '2018 Verizon Data Breach Investigations Report' and its findings about ransomware, phishing and more.
-
CISSP Evaluate
Creative ways to earn CISSP CPEs
Who says you can't have fun while earning CPE credits to maintain your CISSP certification? Check out the top 10 creative ways to meet CISSP continuing education requirements.
Topics Covered
-
Data security technology and strategy (5) +
-
Enterprise identity and access management (8) +
-
Enterprise network security (9) +
- DDoS attack detection and prevention
- Endpoint protection and client security
- IoT security issues
- IPv6 security and network protocols security
- Network Access Control technologies
- Network device security: Appliances, firewalls and switches
- Secure remote access
- Software-defined security best practices
- VPN security
-
Information security certifications, training and jobs (2) +
-
Information security program management (7) +
- Government information security management
- Information security incident response
- Information security laws, investigations and ethics
- Information security policies, procedures and guidelines
- Security automation systems, tools and tactics
- Security industry market trends, predictions and forecasts
- Security vendor mergers and acquisitions
-
Information security risk management (3) +
-
Information security threats (5) +
-
Network threat detection (4) +
-
Platform security (3) +
-
Security audit, compliance and standards (4) +
-
Software and application security (9) +
- Application attacks (buffer overflows, cross-site scripting)
- Application firewall security
- Database security
- Microsoft Patch Tuesday and patch management
- Open source security tools and software
- Productivity apps and messaging security
- Secure SaaS: Cloud application security
- Secure software development
- Social media security risks
-
Web security tools and best practices (3) +
-
Wireless and mobile security (4) +
Featured Authors
Have a question for an expert?
Please add a title for your question
Get answers from your peers on your most technical Information Security challenges.
Meet all of our Information Security experts
-
Madelyn Bacon asks:
Are you concerned about the amount of scraped consumer data that's being collected?
-
Rob Wright asks:
How have regulations like GDPR and PSD2 changed your organization's identity management practices?
-
Michael Heller asks:
Are there offensive cyberattacks that should be considered by the public and private sectors? If so, what are they?
Find Solutions For Your Project
-
Evaluate
How biometric authentication can replace passwords
Biometric authentication systems have gained traction on mobile devices, but when will they become dominant within the enterprise? Expert Bianca Lopes weighs in on the topic.
-
Creative ways to earn CISSP CPEs
-
The time is ripe to implement cybersecurity automation
-
How swatting threats abuse telecommunications
-
-
Problem Solve
What does it take to deliver on the 'zero trust' promise?
The zero-trust model takes focused and sustained effort, but promises to improve most companies' risk posture. Learn what it takes to get the most out of zero trust.
-
How many revisions make for a good code review?
-
House IT staff investigation raises security concerns
-
Are new VPN vulnerabilities a concern for enterprises?
-
-
Manage
How a DNS rebinding attack could have pwned Blizzard
A Blizzard DNS rebinding flaw could have put users of its online PC games at risk of attack. Expert Michael Cobb explains how a DNS rebinding attack works and what to do about it.
-
Cloud security threats in 2018: Get ahead of the storm
-
The many hats of hardware hacker Joe Grand
-
Technology checkup with Premise Health CISO Joey Johnson
-
-
E-Handbook | April 2018
Cyber-risk strategies and models for a post-perimeter age
Download -
E-Zine | April 2018
Cloud security threats in 2018: Get ahead of the storm
Download -
E-Handbook | March 2018
The time is ripe to implement cybersecurity automation
Download -
E-Handbook | February 2018
Mobile security trends point to unifying policy and tools
Download -
E-Zine | February 2018
Cybersecurity roadmap: What's driving CISOs' agendas for 2018
Download
Information Security Basics
-
Get Started
How will PSD2 and GDPR affect identity management?
Will laws like GDPR and PSD2 force enterprises to change their identity management strategies? Expert Bianca Lopes talks regulations, self-sovereign identity and blockchain.
-
Get Started
Good cybersecurity requires defense in depth
F-Secure's Tom Van de Wiele explains the realities of cybersecurity defense in depth, and why companies need to have the right attitude to defend against cyberattacks.
-
Get Started
ERM strategies provide a guide for dealing with threats
In security, perfection is impossible, but risk management frameworks plus a range of strategies can significantly reduce your organization’s risk.
Multimedia
Vendor Resources
Blog: Security Bytes
-
CrowdStrike unveils Meltdown exploit in unusual fashion
At RSA Conference 2018, CrowdStrike demonstrated a new Meltdown exploit that can harvest sensitive data such as passwords even on systems that are patched.Continue Reading
-
FedRAMP security requirements put a premium on automation
Matt Goodrich, director for the Federal Risk and Authorization Management Program, detailed FedRAMP security requirements and automation at RSA's Cloud Security Alliance Summit.Continue Reading
-
More Security Bytes Posts
Privacy protections are needed for government overreach, too
Apple GDPR privacy protection will float everyone's privacy boat
RSA Conference keynotes miss the point of diversity
-
News
View All -
Data security breaches
Private analytics firm exposed scraped consumer data
News roundup: A misconfigured Amazon S3 bucket led to the exposure of 48 million records collected by a private data analytics firm. Plus, PCI SSC updated its cloud guidelines, and more.
-
Information security laws, investigations and ethics
Hack back for good approved by RSAC panel
A panel of experts at the RSA Conference all expressed support for the idea of hacking back against threat actors, but each offered caveats in hopes of minimizing collateral damage.
-
Penetration testing, ethical hacking and vulnerability assessments
Bug bounties are not a panacea for removing bugs
Bug bounty programs may seem to offer salvation at a bargain price for securing networks and systems, but Katie Moussouris offers tips for avoiding major pitfalls.