SearchSecurity
New & Notable
News
Researchers argue action bias hinders incident response
A Black Hat 2021 session focused on the human instinct to act immediately after a cyber attack, and how that can negatively impact incident response.
News
CISA director announces 'Joint Cyber Defense Collaborative'
The Joint Cyber Defense Collaborative, or JCDC, is a partnership between the public and private sectors to create and implement comprehensive national cybersecurity plans.
Manage
3 steps to create a low-friction authentication experience
Passwords are no longer sufficient, but more secure authentication methods frustrate users. Explore how to create a low-friction authentication process for improved UX and trust.
News
Hackers build a better timing attack to crack encryption keys
A new technique for cracking encryption keys can overcome the limitations of popular timing attacks by analyzing network packets, according to researchers at Black Hat 2021.
Trending Topics
-
Emerging threats News
Supply chain attacks, IoT threats on tap for Black Hat 2021
Industry analysts say that evolving threats, real-world impacts and supply chain attacks will be among their hot topics at this year's Black Hat 2021 conference.
-
Windows security News
McAfee: PowerShell threats grew 208% in Q4 2020
McAfee's latest threat report showed a sharp increase in PowerShell threats between Q3 and Q4 2020, in part due to malware known as Donoff and a rise in ransomware detections.
-
PCI DSS Evaluate
Explore the next-generation firewall marketplace
Explore some of the top NGFWs currently on the market -- based on features and user reviews -- to help you make a buying decision
-
Encryption technology Get Started
Cryptography quiz questions and answers: Test your smarts
Put your encryption knowledge to the test, and perhaps even learn a new word or concept in the process with these cryptography quiz questions.
-
Security industry trends News
Cybersecurity investments surge in 2021 as VCs go all in
Venture capital firms have flooded the cybersecurity market this year with investment dollars for young startups and established vendors alike. What's behind this surge?
-
CISSP Get Started
Take this CISSP practice test before the final exam
Test your knowledge and preparedness for the CISSP exam with 16 questions taken directly from the latest 'CISSP All-in-One Exam Guide' from McGraw Hill.
Topics Covered
-
Data security technology and strategy (5) +
-
Enterprise identity and access management (8) +
-
Enterprise network security (9) +
- DDoS attack detection and prevention
- Endpoint protection and client security
- IoT security issues
- IPv6 security and network protocols security
- Network Access Control technologies
- Network device security: Appliances, firewalls and switches
- Secure remote access
- Software-defined security best practices
- VPN security
-
Information security certifications, training and jobs (2) +
-
Information security program management (7) +
- Government information security management
- Information security incident response
- Information security laws, investigations and ethics
- Information security policies, procedures and guidelines
- Security automation systems, tools and tactics
- Security industry market trends, predictions and forecasts
- Security vendor mergers and acquisitions
-
Information security risk management (3) +
-
Information security threats (5) +
-
Network threat detection (4) +
-
Platform security (3) +
-
Security audit, compliance and standards (4) +
-
Software and application security (9) +
- Application attacks (buffer overflows, cross-site scripting)
- Application firewall security
- Database security
- Microsoft Patch Tuesday and patch management
- Open source security tools and software
- Productivity apps and messaging security
- Secure SaaS: Cloud application security
- Secure software development
- Social media security risks
-
Web security tools and best practices (3) +
-
Wireless and mobile security (4) +
Featured Authors
Find Solutions For Your Project
-
Evaluate
10 ways blockchain can improve IAM
DLT has the potential to revolutionize the identity management space. From boosting privacy to improving visibility, here are 10 use cases of blockchain in IAM.
-
Federate and secure identities with enterprise BYOI
-
Network security in the return-to-work era
-
Risk-based vulnerability management tools in the cloud
-
-
Problem Solve
How to defend against TCP port 445 and other SMB exploits
Keeping TCP port 445 and other SMB ports open is necessary for resource sharing, yet this can create an easy target for attackers without the proper protections in place.
-
Use a decentralized identity framework to reduce enterprise risk
-
How to conduct security patch validation and verification
-
Key security patch testing best practices
-
-
Manage
Best practices to conduct a user access review
User entitlement reviews ensure only authorized users have access to essential systems and data. Uncover the steps of a user access review and helpful best practices.
-
The benefits of using AI in risk management
-
4 healthcare risk management tips for secure cloud migration
-
How to implement machine identity management for security
-
-
E-Handbook | July 2021
Mitigating risk-based vulnerability management challenges
Download -
E-Handbook | June 2021
Security observability tools step up threat detection, response
Download -
E-Handbook | February 2021
Threat detection and response demands proactive stance
Download -
E-Handbook | January 2021
SolarWinds supply chain attack explained: Need-to-know info
Download -
E-Handbook | November 2020
Cyber insurance 101: Timely guidance on an essential tool
Download
Information Security Basics
-
Get Started
Sample CompTIA CySA+ test questions with answers
Going for your CompTIA CySA+ certification? Test what you know before taking the exam with these sample test questions on vulnerability assessment output.
-
Get Started
How to prepare for the CompTIA CySA+ exam
The author of the CompTIA CySA+ certification guide offers advice on how to prepare for the exam, discusses the benefits of the cert and more.
-
Get Started
What is cybersecurity?
Cybersecurity is the protection of internet-connected systems such as hardware, software and data from cyberthreats.
Multimedia
Blog: Security Bytes
-
Google focuses more on steering the Android ship than righting it
Google's security and privacy upgrades to Android are mostly forward-thinking changes, readying for a future that is inevitable but unclear, rather than ways to improve security today.Continue Reading
-
At RSAC 2019, speculative execution threats take a back seat
The Meltdown and Spectre vulnerabilities loomed large last year, but RSAC 2019 will have little fodder on speculative execution threats and side channels attacks.Continue Reading
-
More Security Bytes Posts
Marriott Starwood data breach notification de-values customers
Are US hacker indictments more than Justice Theater?
Breaking down Dell's "potential cybersecurity incident" announcement
-
News
View All -
IPv6 security and network protocols security
Researchers crack new Let's Encrypt validation feature
Multi-perspective validation can be thwarted with a traffic-throttling technique that could lead to attackers to obtain digital certificates for domains they don't actually own.
-
Cyberespionage and nation-state cyberattacks
Matt Tait warns of 'stolen' zero-day vulnerabilities
During Black Hat 2021, the COO of Corellium discussed three main threats that have ramped up: stolen zero days, zero days being exploited in the wild and supply chain attacks.
-
Emerging cyberattacks and threats
Supply chain attacks, IoT threats on tap for Black Hat 2021
Industry analysts say that evolving threats, real-world impacts and supply chain attacks will be among their hot topics at this year's Black Hat 2021 conference.