SearchSecurity
New & Notable
News
Mobile apps using Google Firebase leaking sensitive data
Android and iOS mobile apps that use unprotected Firebase databases leaked over 100 million records that include PHI, financial records and authentication information.
News
Experts question carrier promises about location data
Sen. Ron Wyden got all major U.S. wireless carriers to promise not to sell mobile location data to third parties, but experts question the basic security practices in place.
News
Chinese cyberespionage group hacked U.S. telecoms
News roundup: China-based Thrip hacking group used legitimate tools to attack companies in the U.S. and Southeast Asia. Plus, election officials didn't know about hacks, and more.
News
Alleged Vault 7 leaker charged by the DOJ
The DOJ has officially charged the accused CIA leaker, Joshua Schulte, with theft of government property and gathering national defense information in the Vault 7 case.
Your Guide to Info Sec Certifications
We’ve collected 30+ certifications for you. Which vendor-neutral and vendor-specific security certifications are best for you? Save time by downloading our list organized by experience level.
Trending Topics
-
Emerging threats News
Chinese cyberespionage group hacked U.S. telecoms
News roundup: China-based Thrip hacking group used legitimate tools to attack companies in the U.S. and Southeast Asia. Plus, election officials didn't know about hacks, and more.
-
Windows security News
Windows 7 Meltdown patches introduce new flaw
A security researcher discovered the recent Windows Meltdown patches may fix the Intel flaws, but also introduced a more severe vulnerability in some versions of Windows.
-
PCI DSS Get Started
How the PCI SSC took on mobile point-of-sale systems
The PCI SSC developed an mPOS security standard to improve mobile payment and PIN systems. Expert Michael Cobb looks at what the requirements are and how they help.
-
Encryption technology Manage
Comparing lattice cryptography to current cryptography
As the prospect of quantum computing-based attacks grows, the need for stronger encryption increases. Expert Michael Cobb discusses lattice-based cryptography as an option.
-
Security industry trends News
Risk & Repeat: Google unveils principles for AI
In this week's Risk & Repeat podcast, SearchSecurity editors discuss Google's new principles for artificial intelligence and how they may impact the use of AI for cybersecurity.
-
CISSP Evaluate
Creative ways to earn CISSP CPEs
Who says you can't have fun while earning CPE credits to maintain your CISSP certification? Check out the top 10 creative ways to meet CISSP continuing education requirements.
Topics Covered
-
Data security technology and strategy (5) +
-
Enterprise identity and access management (8) +
-
Enterprise network security (9) +
- DDoS attack detection and prevention
- Endpoint protection and client security
- IoT security issues
- IPv6 security and network protocols security
- Network Access Control technologies
- Network device security: Appliances, firewalls and switches
- Secure remote access
- Software-defined security best practices
- VPN security
-
Information security certifications, training and jobs (2) +
-
Information security program management (7) +
- Government information security management
- Information security incident response
- Information security laws, investigations and ethics
- Information security policies, procedures and guidelines
- Security automation systems, tools and tactics
- Security industry market trends, predictions and forecasts
- Security vendor mergers and acquisitions
-
Information security risk management (3) +
-
Information security threats (5) +
-
Network threat detection (4) +
-
Platform security (3) +
-
Security audit, compliance and standards (4) +
-
Software and application security (9) +
- Application attacks (buffer overflows, cross-site scripting)
- Application firewall security
- Database security
- Microsoft Patch Tuesday and patch management
- Open source security tools and software
- Productivity apps and messaging security
- Secure SaaS: Cloud application security
- Secure software development
- Social media security risks
-
Web security tools and best practices (3) +
-
Wireless and mobile security (4) +
Featured Authors
Have a question for an expert?
Please add a title for your question
Get answers from your peers on your most technical Information Security challenges.
Meet all of our Information Security experts
-
Madelyn Bacon asks:
Do you think Google should change the settings in Firebase databases? Why or why not?
-
Madelyn Bacon asks:
What do you think about the Chinese cyberespionage efforts to use "living off the land" hacking techniques?
Find Solutions For Your Project
-
Evaluate
Machine learning security, a real advance in tech protection
Some pioneers of AI in cybersecurity find progress thus far limited, but machine learning still offers an advancement in protecting enterprise networks and data.
-
The potential fallout from the iBoot firmware code leak
-
Are Meltdown and Spectre vulnerabilities?
-
How to hire the security operations center services you need
-
-
Problem Solve
Add machine learning to your endpoint protection
Need to up your endpoint protection endgame? Learn how applying machine learning for cybersecurity aids in the fight against botnets, evasive malware and more.
-
How a Telegram vulnerability was used for cryptomining
-
Big data, big leaks: We ask a data scientist
-
How KRACK endangers encrypted connections
-
-
Manage
How traditional threat intelligence can fall short
White hat hackers can play a key role in assessing threats lurking on the dark web. Discover what traditional threat intelligence isn't telling you and how white hats can help.
-
How command and control systems limit attackers
-
Applying the OODA cycle for cyber deception
-
How CyberArk researchers crafted a new attack
-
-
E-Handbook | June 2018
Machine learning security, a real advance in tech protection
Download -
E-Zine | June 2018
CISOs face the IoT security risks of stranger things
Download -
Buyer's Handbook | May 2018
A security operations center for hire? Something to consider
Download -
E-Handbook | May 2018
How to best secure DNS? There's more than one approach
Download -
E-Handbook | April 2018
Cyber-risk strategies and models for a post-perimeter age
Download
Information Security Basics
-
Get Started
An introduction to insider threats and mitigations
Insider attacks are a significant threat to enterprises. Expert Ernie Hayden provides an introduction to insider threats and how organizations can protect themselves.
-
Get Started
Machine learning picks up where legacy detection fails
Applying AI, and specifically machine learning, in network security helps protect enterprises against advanced persistent threats and sophisticated cybercriminals.
-
Get Started
Report: Costs that result from insider threats
The Ponemon Institute study "2018 Cost of Insider Threats" examines the cost to companies victimized by material insider threat incidents during the past 12 months.
Multimedia
Vendor Resources
Blog: Security Bytes
-
It's GDPR Day. Let the privacy regulation games begin!
GDPR Day -- May 25, 2018 -- has passed and enforcement is now accepting complaints against companies violating the terms of the EU's new privacy regulation.Continue Reading
-
Google I/O's security and privacy focus missing on day one
It's fairly easy to find stories sparking security and privacy concerns regarding a Google product or service — Search, Chrome, Android, AdSense and more — but if you watched or attended Google ...Continue Reading
-
More Security Bytes Posts
Cybersecurity pervasiveness subsumes all security concerns
Algorithmic discrimination: A coming storm for security?
GDPR deadline: Keep calm and GDPR on
-
News
View All -
BYOD and mobile device security best practices
Mobile apps using Google Firebase leaking sensitive data
Android and iOS mobile apps that use unprotected Firebase databases leaked over 100 million records that include PHI, financial records, and authentication information.
-
Wireless network security
Experts question carrier promises about location data
Senator Ron Wyden got all major U.S. wireless carriers to promise not to sell mobile location data to third parties, but experts question the basic security practices in place.
-
Emerging cyberattacks and threats
Chinese cyberespionage group hacked U.S. telecoms
News roundup: China-based Thrip hacking group used legitimate tools to attack companies in the U.S. and Southeast Asia. Plus, election officials didn't know about hacks, and more.