SearchSecurity
New & Notable
One third of ransomware victims opting to pay ransoms
According to Proofpoint's 2020 'State of the Phish' report, 51% of U.S. organizations surveyed opted to pay threat actors after being hit with a successful ransomware attack.
Get Started
How are authentication and digital identity different?
Andrew Froehlich breaks down how authentication and digital identity differ and how each of them are intrinsic to identity and access management.
News
UpGuard finds AWS credentials exposed on GitHub
UpGuard discovered a public GitHub repository that contained sensitive AWS customer data, including passwords, authentication tokens and private encryption keys.
Get Started
How to write an effective pen test report
Writing a penetration testing report might not be the most fun part of the job, but it's a critical component. These tips will help you write a good one.
Download: Your Complete Guide to IAM
Utilize this 66-page IAM guide to help you stay on top of the latest best practices and techniques. Security expert Michael Cobb explores the risks and rewards of biometrics measures and multifactor authentication, how organizations can assess if it is time to modernize IAM strategies, and much more.
Trending Topics
-
Emerging threats News
Maze adds Busch's Fresh Food Markets to its victim list
Another confirmed ransomware attack, this time against Busch's Fresh Food Markets, was added to the Maze gang's ransomware shaming list after the company refused to pay the ransom.
-
Windows security Manage
How to bypass a Windows kernel protection feature
Security researchers demonstrated how a new fileless attack technique can bypass a Windows kernel protection feature at Black Hat 2018. Find out how the technique works.
-
PCI DSS Evaluate
Explore the next-generation firewall marketplace
Explore some of the top NGFWs currently on the market -- based on features and user reviews -- to help you make a buying decision
-
Encryption technology Get Started
Diffie-Hellman vs. RSA: What are the differences?
See which encryption method uses digital signatures, symmetric key exchanges, bulk encryption and much more in this Diffie-Hellman vs. RSA showdown.
-
Security industry trends News
McAfee appoints new CEO as Chris Young steps down
Chris Young has stepped down as McAfee CEO, and Peter Leav is taking his place. Young led the company's spin-out from Intel in 2016 after joining the chip maker two years earlier.
-
CISSP Get Started
Passing the CISSP exam: How hard is it?
Want to become a CISSP? Here's everything you need to know, such as how difficult the exam is, tips for studying, what's needed to obtain a passing score and more.
Topics Covered
-
Data security technology and strategy (5) +
-
Enterprise identity and access management (8) +
-
Enterprise network security (9) +
- DDoS attack detection and prevention
- Endpoint protection and client security
- IoT security issues
- IPv6 security and network protocols security
- Network Access Control technologies
- Network device security: Appliances, firewalls and switches
- Secure remote access
- Software-defined security best practices
- VPN security
-
Information security certifications, training and jobs (2) +
-
Information security program management (7) +
- Government information security management
- Information security incident response
- Information security laws, investigations and ethics
- Information security policies, procedures and guidelines
- Security automation systems, tools and tactics
- Security industry market trends, predictions and forecasts
- Security vendor mergers and acquisitions
-
Information security risk management (3) +
-
Information security threats (5) +
-
Network threat detection (4) +
-
Platform security (3) +
-
Security audit, compliance and standards (4) +
-
Software and application security (9) +
- Application attacks (buffer overflows, cross-site scripting)
- Application firewall security
- Database security
- Microsoft Patch Tuesday and patch management
- Open source security tools and software
- Productivity apps and messaging security
- Secure SaaS: Cloud application security
- Secure software development
- Social media security risks
-
Web security tools and best practices (3) +
-
Wireless and mobile security (4) +
Featured Authors
Have a question for an expert?
Please add a title for your question
Get answers from your peers on your most technical Information Security challenges.
Meet all of our Information Security experts
-
Andrew Froehlich asks:
Have you incorporated zero trust in your organization's identity and access management program?
-
Rob Wright asks:
What protections or policies does your organization have to prevent data leaks on GitHub?
Find Solutions For Your Project
-
Evaluate
Compare container security vendors at a glance
Securing containers can be a challenge when faced with buying the right platform. Discover these container security companies and their capabilities in this graphic.
-
Look out for these 10 cybersecurity trends in 2020
-
Navigating the future of AI and cybersecurity automation
-
Top cybersecurity trends of 2019
-
-
Problem Solve
What are common problems with traditional authentication methods?
Are you up to date on the most popular digital authentication methods and their potential cybersecurity risks? Learn how the right technology can improve and secure access management.
-
Mitigate the most common app security threats
-
Key elements of a HIPAA compliance checklist
-
Top ways to prevent software piracy
-
-
Manage
Data security considerations as volume and velocity increase
From growing attack surfaces to new regulations, these data security considerations must be on every company's radar.
-
Key tips to building a rock-solid SOC framework
-
Put application security testing at the top of your do-now list
-
Craft an effective application security testing process
-
-
E-Handbook | January 2020
Put application security testing at the top of your do-now list
Download -
E-Handbook | November 2019
Raise enterprise network visibility, and security rises too
Download -
E-Zine | November 2019
AI threats, understaffed defenses and other cyber nightmares
Download -
E-Handbook | September 2019
IT/OT convergence is necessary, desirable, but not so simple
Download -
E-Handbook | August 2019
New network traffic analysis tools focus on security
Download
Information Security Basics
-
Get Started
How are authentication and digital identity different?
Andrew Froehlich breaks down how authentication and digital identity differ and how each of them are intrinsic to identity and access management.
-
Get Started
How to write an effective pen test report
Writing a penetration testing report might not be the most fun part of the job, but it's a critical component. These tips will help you write a good one.
-
Get Started
Understanding the most common authentication methods
In order to build and maintain a comprehensive access management program, enterprise leaders must get to know the various forms of digital authentication at their disposal.
Multimedia
Vendor Resources
- Securing Open Source Libraries: 2019 Update –Analyst Report
- Making MITRE ATT&CK Actionable –Webcast
- Asurion developers choose Snyk for developer-focused approach and for its ... –Case Study
Blog: Security Bytes
-
Google focuses more on steering the Android ship than righting it
Google's security and privacy upgrades to Android are mostly forward-thinking changes, readying for a future that is inevitable but unclear, rather than ways to improve security today.Continue Reading
-
At RSAC 2019, speculative execution threats take a back seat
The Meltdown and Spectre vulnerabilities loomed large last year, but RSAC 2019 will have little fodder on speculative execution threats and side channels attacks.Continue Reading
-
More Security Bytes Posts
Marriott Starwood data breach notification de-values customers
Are US hacker indictments more than Justice Theater?
Breaking down Dell's "potential cybersecurity incident" announcement
-
News
View All -
Password management and policy
UpGuard finds AWS credentials exposed on GitHub
UpGuard discovered a public GitHub repository that contained sensitive AWS customer data, including passwords, authentication tokens and private encryption keys.
-
Wireless network security
Netgear vulnerability raises router security concerns
Security researchers revealed Netgear firmware exposed TLS certificate keys, but SearchSecurity discovered it wasn't the first time the issue had been reported to the vendor.
-
Data security breaches
2019 data breach disclosures: 10 more of the biggest
Here is a list of 10 of the largest data breaches (mostly) from the second half of 2019, including DoorDash, T-Mobile, Capital One and more.