SearchSecurity
New & Notable
News
SolarWinds breach news center
The massive SolarWinds supply-chain attack continues to invade networks. Here's the latest news on the breach, how the malware infiltrates systems and the IT industry response.
Manage
Proactive threat hunting process gets ahead of breaches
Adopt threat hunting techniques that analyze the right data, detect anomalies, use frameworks and compare success metrics, combining manual techniques with AI and machine learning.
News
FireEye releases new tool to fight SolarWinds hackers
The new tool, dubbed Azure AD Investigator, will help audit Microsoft 365 environments for techniques used by the nation-state actors behind the SolarWinds supply chain attack.
Get Started
How to develop a cybersecurity strategy: Step-by-step guide
A cybersecurity strategy isn't meant to be perfect, but it must be proactive, effective, actively supported and evolving. Here are the four steps required to get there.
Trending Topics
-
Emerging threats News
SolarWinds confirms supply chain attack began in 2019
SolarWinds and CrowdStrike published updates Monday that added new information for the timeline of the supply chain attack and how threat actors first gained access.
-
Windows security News
Microsoft detects Netlogon vulnerability exploitation in the wild
While Microsoft released a patch last month for the Netlogon flaw, the company said it detected threat actors using exploits for the critical vulnerability.
-
PCI DSS Evaluate
Explore the next-generation firewall marketplace
Explore some of the top NGFWs currently on the market -- based on features and user reviews -- to help you make a buying decision
-
Encryption technology Evaluate
Double key encryption yields data protection benefits
Microsoft's new double key encryption offering brings data security and compliance benefits. Are they worth the implementation challenges?
-
Security industry trends Evaluate
What is the future of cybersecurity?
Remote work is here to stay, so it's time to rethink the short-term fixes made in 2020. What else is in the cards? Here are the trends shaping the future of cybersecurity.
-
CISSP Get Started
Take this CISSP practice test before the final exam
Test your knowledge and preparedness for the CISSP exam with 16 questions taken directly from the latest 'CISSP All-in-One Exam Guide' from McGraw Hill.
Topics Covered
-
Data security technology and strategy (5) +
-
Enterprise identity and access management (8) +
-
Enterprise network security (9) +
- DDoS attack detection and prevention
- Endpoint protection and client security
- IoT security issues
- IPv6 security and network protocols security
- Network Access Control technologies
- Network device security: Appliances, firewalls and switches
- Secure remote access
- Software-defined security best practices
- VPN security
-
Information security certifications, training and jobs (2) +
-
Information security program management (7) +
- Government information security management
- Information security incident response
- Information security laws, investigations and ethics
- Information security policies, procedures and guidelines
- Security automation systems, tools and tactics
- Security industry market trends, predictions and forecasts
- Security vendor mergers and acquisitions
-
Information security risk management (3) +
-
Information security threats (5) +
-
Network threat detection (4) +
-
Platform security (3) +
-
Security audit, compliance and standards (4) +
-
Software and application security (9) +
- Application attacks (buffer overflows, cross-site scripting)
- Application firewall security
- Database security
- Microsoft Patch Tuesday and patch management
- Open source security tools and software
- Productivity apps and messaging security
- Secure SaaS: Cloud application security
- Secure software development
- Social media security risks
-
Web security tools and best practices (3) +
-
Wireless and mobile security (4) +
Featured Authors
Find Solutions For Your Project
-
Evaluate
What is the future of cybersecurity?
Remote work is here to stay, so it's time to rethink the short-term fixes made in 2020. What else is in the cards? Here are the trends shaping the future of cybersecurity.
-
Compare the 2 types of customer IAM architectures
-
XDR simplifies proactive security for enterprises
-
Biometric security technology could see growth in 2021
-
-
Problem Solve
Cybersecurity challenges in 2021 and how to address them
Security teams faced unprecedented challenges in 2020. The year ahead appears no less daunting. Here are the cybersecurity trends -- and safeguards -- to take into account in 2021.
-
What's the best way to detect bloatware?
-
How to address the skills gap of security and IT personnel
-
How to ensure cybersecurity when employees work remotely
-
-
Manage
Standardize cybersecurity terms to get everyone correct service
Some cybersecurity terms can refer to multiple service offerings, which can be confusing for companies looking to implement them as well as the companies providing them.
-
Proactive threat hunting process gets ahead of breaches
-
Combine ML with human intelligence for your security strategy
-
2021 IT priorities: What security teams need to know
-
-
E-Handbook | January 2021
SolarWinds supply chain attack explained: Need-to-know info
Download -
E-Handbook | November 2020
Cyber insurance 101: Timely guidance on an essential tool
Download -
E-Zine | November 2020
AI cybersecurity raises analytics' accuracy, usability
Download -
E-Zine | August 2020
Cybersecurity education for employees: Learn what works
Download -
E-Handbook | May 2020
How to get actionable threat intelligence from tech tools
Download
Information Security Basics
-
Get Started
How to develop a cybersecurity strategy: Step-by-step guide
A cybersecurity strategy isn't meant to be perfect, but it must be proactive, effective, actively supported and evolving. Here are the four steps required to get there.
-
Get Started
SolarWinds supply chain attack explained: Need-to-know info
The SolarWinds supply chain breach is the talk of the town -- and will be for months and years to come. Get informed and be part of the conversation with our guide.
-
Get Started
Enterprise firewalls exist in 5 basic categories
Read up on the five different firewalls' similarities and differences, the three firewall deployment models and tips for choosing the firewall that best meets your company's needs.
Multimedia
Vendor Resources
Blog: Security Bytes
-
Google focuses more on steering the Android ship than righting it
Google's security and privacy upgrades to Android are mostly forward-thinking changes, readying for a future that is inevitable but unclear, rather than ways to improve security today.Continue Reading
-
At RSAC 2019, speculative execution threats take a back seat
The Meltdown and Spectre vulnerabilities loomed large last year, but RSAC 2019 will have little fodder on speculative execution threats and side channels attacks.Continue Reading
-
More Security Bytes Posts
Marriott Starwood data breach notification de-values customers
Are US hacker indictments more than Justice Theater?
Breaking down Dell's "potential cybersecurity incident" announcement
-
News
View All -
Active Directory security
FireEye releases new tool to fight SolarWinds hackers
The new tool, dubbed Azure AD Investigator, will help audit Microsoft 365 environments for techniques used by the nation-state actors behind the SolarWinds supply chain attack.
-
Data security breaches
Malwarebytes breached by SolarWinds hackers
Malwarebytes, which is not a SolarWinds customer, confirmed that nation-state actors used an entirely different vector to breach the antimalware vendor and access internal emails.
-
Hacker tools and techniques: Underground hacking sites
FBI warns against vishing attacks targeting enterprises
Though the FBI vishing warning references attacks that began in December 2019, the alert is reminiscent of the Twitter social engineering attacks that took place last July.
SearchSecurity Definitions
- cyber attack
- backdoor (computing)
- post-quantum cryptography
- What is SecOps? Everything you need to know
- cybercrime
- CVSS (Common Vulnerability Scoring System)
- Dridex malware
- identity management (ID management)