SearchSecurity
New & Notable
News
Another BlueKeep warning issued, but will it work?
DHS issued the latest security advisory for BlueKeep, but it's unclear whether the repeated warnings are being heeded by organizations that have vulnerable systems on the internet.
Problem Solve
How to avoid a web security risk with Git repositories
Learn how managing web development content with the popular version control system can be risky without taking action to avoid these basic Git repository security risks.
News
Fortinet launches Secure SD-Branch platform
Fortinet's Secure SD-Branch platform uses Fortinet security products to converge WAN and security into an integrated platform and protect access edges.
News
How infosec titles, roles will change amid skills gap
At the Gartner Security and Risk Management Summit, analysts discuss the challenge of finding skilled cybersecurity professionals and how it can be solved.
3 Ways SOAR Can Combat the Cybersecurity Skills Shortage
What are some of the strategies that your organization has implemented to help combat the cybersecurity skills gap? Mike Chapple, senior director of IT at University of Notre Dame explains how log processing, threat intelligence and account lifecycle management can help alleviate the shortage of qualified pros and have teams work smarter, not harder.
Trending Topics
-
Emerging threats News
ICS threats loom over U.S. electrical utilities
Dragos says Xenotime, the threat group behind a devastating ICS attack in 2017, has been probing the networks of U.S. electric utilities and also attempted network intrusions.
-
Windows security Manage
How to bypass a Windows kernel protection feature
Security researchers demonstrated how a new fileless attack technique can bypass a Windows kernel protection feature at Black Hat 2018. Find out how the technique works.
-
PCI DSS Evaluate
Explore the next-generation firewall marketplace
Explore some of the top NGFWs currently on the market -- based on features and user reviews -- to help you make a buying decision
-
Encryption technology Problem Solve
How will cryptography adapt to the post-quantum world?
Post-quantum cryptographic algorithms are aimed at securing encrypted data against super-powerful computers in the future, but will they even be necessary? Hanno Böck explains.
-
Security industry trends Problem Solve
Tenable CEO on why enterprises feel helpless against hacks
This week's Risk & Repeat podcast features Tenable CEO Amit Yoran, who discusses what he calls 'cyber helplessness' and how the mentality is infecting enterprises.
-
CISSP Evaluate
Creative ways to earn CISSP CPEs
Who says you can't have fun while earning CPE credits to maintain your CISSP certification? Check out the top 10 creative ways to meet CISSP continuing education requirements.
Topics Covered
-
Data security technology and strategy (5) +
-
Enterprise identity and access management (8) +
-
Enterprise network security (9) +
- DDoS attack detection and prevention
- Endpoint protection and client security
- IoT security issues
- IPv6 security and network protocols security
- Network Access Control technologies
- Network device security: Appliances, firewalls and switches
- Secure remote access
- Software-defined security best practices
- VPN security
-
Information security certifications, training and jobs (2) +
-
Information security program management (7) +
- Government information security management
- Information security incident response
- Information security laws, investigations and ethics
- Information security policies, procedures and guidelines
- Security automation systems, tools and tactics
- Security industry market trends, predictions and forecasts
- Security vendor mergers and acquisitions
-
Information security risk management (3) +
-
Information security threats (5) +
-
Network threat detection (4) +
-
Platform security (3) +
-
Security audit, compliance and standards (4) +
-
Software and application security (9) +
- Application attacks (buffer overflows, cross-site scripting)
- Application firewall security
- Database security
- Microsoft Patch Tuesday and patch management
- Open source security tools and software
- Productivity apps and messaging security
- Secure SaaS: Cloud application security
- Secure software development
- Social media security risks
-
Web security tools and best practices (3) +
-
Wireless and mobile security (4) +
Featured Authors
Have a question for an expert?
Please add a title for your question
Get answers from your peers on your most technical Information Security challenges.
Meet all of our Information Security experts
-
Rob Wright asks:
Why haven't some vulnerable systems been patch for the Remote Desktop protocol flaw?
Find Solutions For Your Project
-
Evaluate
Learn about new SANS security awareness certification
The SANS Security Awareness Professional credential gives enterprises a new method to recognize and promote cybersecurity awareness in the organization.
-
What to consider with zero-trust security
-
4 reasons SMS two-factor authentication is challenging
-
Explore the next-generation firewall marketplace
-
-
Problem Solve
Tenable CEO on why enterprises feel helpless against hacks
This week's Risk & Repeat podcast features Tenable CEO Amit Yoran, who discusses what he calls 'cyber helplessness' and how the mentality is infecting enterprises.
-
Choosing the right IT security framework
-
Dark data is more pervasive than you think
-
10 ways to prevent insider threats
-
-
Manage
Train executives to spot whaling attacks
Security awareness training for executives teaches an enterprise's biggest fish to recognize potential whaling attacks -- before they take the bait.
-
How should SIEM log management change to stay relevant?
-
Performance jumps when using VAs for encryption offload
-
Best practices for employee email security
-
-
Buyer's Handbook | May 2019
How to select and implement a next-gen firewall
Download -
E-Handbook | May 2019
Why EDR technologies are essential for endpoint protection
Download -
E-Zine | May 2019
Conquering cloud security threats with awareness and tools
Download -
360 Guide | April 2019
Inside the 'Master134' malvertising campaign
Download -
E-Handbook | April 2019
How to put AI security to work in your organization
Download
Information Security Basics
-
Get Started
BlueKeep
BlueKeep (CVE-2019-0708) is a vulnerability in the Remote Desktop (RDP) protocol that affects Windows 7, Windows XP, Server 2003 and 2008.
-
Get Started
How subdomain takeover attacks work
Subdomain takeover exposure can happen when cloud-hosted web services are incompletely decommissioned, but configuration best practices can reduce the risks.
-
Get Started
How MTA Strict Transport Security will aid email protection
Discover how the MTA-STS specification will improve email security by encrypting messages and enabling secure, authenticated email transfers between SMTP servers.
Multimedia
Vendor Resources
- Guardicore Centra Security Platform –Data Sheet
- How to Protect Your VDI Environment from Ransomware –eGuide
- Micro-Segmentation in Hybrid Clouds with Guardicore Centra –Product Overview
Blog: Security Bytes
-
Google focuses more on steering the Android ship than righting it
Google's security and privacy upgrades to Android are mostly forward-thinking changes, readying for a future that is inevitable but unclear, rather than ways to improve security today.Continue Reading
-
At RSAC 2019, speculative execution threats take a back seat
The Meltdown and Spectre vulnerabilities loomed large last year, but RSAC 2019 will have little fodder on speculative execution threats and side channels attacks.Continue Reading
-
More Security Bytes Posts
Marriott Starwood data breach notification de-values customers
Are US hacker indictments more than Justice Theater?
Breaking down Dell's "potential cybersecurity incident" announcement
-
News
View All -
Microsoft Patch Tuesday and patch management
Another BlueKeep warning issued, but will it work?
DHS issued the latest security advisory for BlueKeep, but it's unclear whether the repeated warnings are being heeded by organizations that have vulnerable systems on the internet.
-
Network Access Control technologies
Fortinet launches Secure SD-Branch platform
Fortinet's Secure SD-Branch platform uses Fortinet security products to converge WAN and security into an integrated platform and protect access edges.
-
Information security certifications, training and jobs
How infosec titles, roles will change amid skills gap
At the Gartner Security and Risk Management Summit, analysts discuss the challenge of finding skilled cybersecurity professionals and how it can be solved.