SearchSecurity
New & Notable
Get Started
CISOs: Test your know-how with CCISO exam questions
This excerpt of 'CCISO Certified Chief Information Security Officer All-In-One Exam Guide' explains security project management fundamentals and provides practice CCISO exam questions.
Evaluate
Inside look at EC-Council's Certified CISO
Learn more about EC-Council's Certified CISO exam and how the certification helps CISOs at any organization manage successful infosec programs and a changing threat landscape.
News
NSA finds new Exchange Server vulnerabilities
Microsoft said it has not seen the new Exchange Server vulnerabilities being used in attacks against customers, but customers are still advised to patch immediately.
News
McAfee: PowerShell threats grew 208% in Q4 2020
McAfee's latest threat report showed a sharp increase in PowerShell threats between Q3 and Q4 2020, in part due to malware known as Donoff and a rise in ransomware detections.
Trending Topics
-
Emerging threats News
Risk & Repeat: Recapping the Exchange Server attacks
This week's Risk & Repeat episode looks back at the Microsoft Exchange Server attacks, plus the questions and mysteries surrounding the ongoing threat.
-
Windows security News
McAfee: PowerShell threats grew 208% in Q4 2020
McAfee's latest threat report showed a sharp increase in PowerShell threats between Q3 and Q4 2020, in part due to malware known as Donoff and a rise in ransomware detections.
-
PCI DSS Evaluate
Explore the next-generation firewall marketplace
Explore some of the top NGFWs currently on the market -- based on features and user reviews -- to help you make a buying decision
-
Encryption technology Evaluate
Double key encryption yields data protection benefits
Microsoft's new double key encryption offering brings data security and compliance benefits. Are they worth the implementation challenges?
-
Security industry trends Evaluate
What is the future of cybersecurity?
Remote work is here to stay, so it's time to rethink the short-term fixes made in 2020. What else is in the cards? Here are the trends shaping the future of cybersecurity.
-
CISSP Get Started
Take this CISSP practice test before the final exam
Test your knowledge and preparedness for the CISSP exam with 16 questions taken directly from the latest 'CISSP All-in-One Exam Guide' from McGraw Hill.
Topics Covered
-
Data security technology and strategy (5) +
-
Enterprise identity and access management (8) +
-
Enterprise network security (9) +
- DDoS attack detection and prevention
- Endpoint protection and client security
- IoT security issues
- IPv6 security and network protocols security
- Network Access Control technologies
- Network device security: Appliances, firewalls and switches
- Secure remote access
- Software-defined security best practices
- VPN security
-
Information security certifications, training and jobs (2) +
-
Information security program management (7) +
- Government information security management
- Information security incident response
- Information security laws, investigations and ethics
- Information security policies, procedures and guidelines
- Security automation systems, tools and tactics
- Security industry market trends, predictions and forecasts
- Security vendor mergers and acquisitions
-
Information security risk management (3) +
-
Information security threats (5) +
-
Network threat detection (4) +
-
Platform security (3) +
-
Security audit, compliance and standards (4) +
-
Software and application security (9) +
- Application attacks (buffer overflows, cross-site scripting)
- Application firewall security
- Database security
- Microsoft Patch Tuesday and patch management
- Open source security tools and software
- Productivity apps and messaging security
- Secure SaaS: Cloud application security
- Secure software development
- Social media security risks
-
Web security tools and best practices (3) +
-
Wireless and mobile security (4) +
Featured Authors
Find Solutions For Your Project
-
Evaluate
Essential cyber threat intelligence feeds
Organizations have many threat intelligence frameworks to work with, each with its own advantages. From for-profit to nonprofit, here's help to figure out which ones you need.
-
Can a new DHS cybersecurity strategy help the private sector?
-
The best-ever guide to incident response
-
Ransomware attack case study: Recovery can be painful
-
-
Problem Solve
How to prevent insider threats in 6 steps
Too often, organizations focus exclusively on external risks to security. Infosec expert Nabil Hannan explains what CISOs can do to effectively assess and prevent insider threats.
-
Stopping security's top 5 vulnerabilities
-
3 steps to align cybersecurity to business goals
-
What to do after a data breach
-
-
Manage
12 steps to bolster MS Exchange Server security
Exchange security has come under increased scrutiny since the recent exploitation of critical vulnerabilities. Review this list of activities to best protect your enterprise.
-
Utilizing existing tech to achieve zero-trust security
-
Consider these 5 endpoint security best practices
-
challenge-response authentication
-
-
E-Handbook | February 2021
Threat detection and response demands proactive stance
Download -
E-Handbook | January 2021
SolarWinds supply chain attack explained: Need-to-know info
Download -
E-Handbook | November 2020
Cyber insurance 101: Timely guidance on an essential tool
Download -
E-Zine | November 2020
AI cybersecurity raises analytics' accuracy, usability
Download -
E-Zine | August 2020
Cybersecurity education for employees: Learn what works
Download
Information Security Basics
-
Get Started
unified threat management (UTM)
Unified threat management (UTM) describes an information security (infosec) system that provides a single point of protection against threats, including viruses, worms, spyware and other malware, and network attacks.
-
Get Started
physical security
Physical security is the protection of personnel, hardware, software, networks and data from physical actions and events that could cause serious loss or damage to an enterprise, agency or institution.
-
Get Started
attack vector
An attack vector is a path or means by which an attacker or hacker can gain access to a computer or network server in order to deliver a payload or malicious outcome.
Multimedia
Vendor Resources
Blog: Security Bytes
-
Google focuses more on steering the Android ship than righting it
Google's security and privacy upgrades to Android are mostly forward-thinking changes, readying for a future that is inevitable but unclear, rather than ways to improve security today.Continue Reading
-
At RSAC 2019, speculative execution threats take a back seat
The Meltdown and Spectre vulnerabilities loomed large last year, but RSAC 2019 will have little fodder on speculative execution threats and side channels attacks.Continue Reading
-
More Security Bytes Posts
Marriott Starwood data breach notification de-values customers
Are US hacker indictments more than Justice Theater?
Breaking down Dell's "potential cybersecurity incident" announcement
-
News
View All -
Microsoft Patch Tuesday and patch management
NSA finds new Exchange Server vulnerabilities
Microsoft said it has not seen the new Exchange Server vulnerabilities being used in attacks against customers, but customers are still advised to patch immediately.
-
Microsoft Windows security
McAfee: PowerShell threats grew 208% in Q4 2020
McAfee's latest threat report showed a sharp increase in PowerShell threats between Q3 and Q4 2020, in part due to malware known as Donoff and a rise in ransomware detections.
-
VPN security
Cring ransomware attacking vulnerable Fortigate VPNs
A vulnerability impacting Fortinet's Fortigate VPN, first disclosed and patched in 2019, is being exploited by Cring ransomware operators to extort bitcoin from enterprises.