SearchSecurity
New & Notable
News
Bobbie Stempfley on cybersecurity AI hype vs. reality
Many cybersecurity vendors have embraced AI and machine learning, but CERT Division's Bobbie Stempfley says more work is needed around testing algorithms and validating results.
News
Targeted attacks exploit 19-year-old WinRAR flaw
A critical WinRAR bug that was exposed after 19 years is already being exploited in targeted attacks in the Middle East and United States, despite the availability of patch.
Problem Solve
These 5 web app vulnerabilities are still a problem
Common web application vulnerabilities continue to confound enterprises. Here's how to defend against them and stop enabling exploits.
Problem Solve
How can I guard against screaming channel attacks?
A screaming channel attack is a new wireless threat making networks -- particularly those with IoT components -- vulnerable. Are there any safeguards to prevent these attacks?
Instant Download: Free Guide to Password Security
Including insights from security pros Michael Cobb, Jeremy Bergsman and Nick Lewis, gain expert advice on how to improve your password policies to keep your enterprise safe. Explore machine learning-powered techniques, how to approach mobile password management, and more.
Trending Topics
-
Emerging threats News
5 popular attack techniques and how to defend against them
At RSA Conference 2019, experts from the SANS Institute discuss the most dangerous attack techniques they've seen, including DNS manipulation and domain fronting.
-
Windows security Manage
How to bypass a Windows kernel protection feature
Security researchers demonstrated how a new fileless attack technique can bypass a Windows kernel protection feature at Black Hat 2018. Find out how the technique works.
-
PCI DSS Get Started
How the PCI SSC took on mobile point-of-sale systems
The PCI SSC developed an mPOS security standard to improve mobile payment and PIN systems. Expert Michael Cobb looks at what the requirements are and how they help.
-
Encryption technology Problem Solve
What are the biggest issues with self-encrypting drives?
Dutch researchers discovered flaws in ATA security and TCG Opal affecting self-encrypting drives. What steps can you take to guard data stored on vulnerable solid-state drives?
-
Security industry trends News
AI hype may finally be waning at RSAC 2019
Following years of AI climbing the hype wheel at RSA Conference, the topic is no longer one of the most prevalent as supply chain and infrastructure fears take focus at RSAC 2019.
-
CISSP Evaluate
Creative ways to earn CISSP CPEs
Who says you can't have fun while earning CPE credits to maintain your CISSP certification? Check out the top 10 creative ways to meet CISSP continuing education requirements.
Topics Covered
-
Data security technology and strategy (5) +
-
Enterprise identity and access management (8) +
-
Enterprise network security (9) +
- DDoS attack detection and prevention
- Endpoint protection and client security
- IoT security issues
- IPv6 security and network protocols security
- Network Access Control technologies
- Network device security: Appliances, firewalls and switches
- Secure remote access
- Software-defined security best practices
- VPN security
-
Information security certifications, training and jobs (2) +
-
Information security program management (7) +
- Government information security management
- Information security incident response
- Information security laws, investigations and ethics
- Information security policies, procedures and guidelines
- Security automation systems, tools and tactics
- Security industry market trends, predictions and forecasts
- Security vendor mergers and acquisitions
-
Information security risk management (3) +
-
Information security threats (5) +
-
Network threat detection (4) +
-
Platform security (3) +
-
Security audit, compliance and standards (4) +
-
Software and application security (9) +
- Application attacks (buffer overflows, cross-site scripting)
- Application firewall security
- Database security
- Microsoft Patch Tuesday and patch management
- Open source security tools and software
- Productivity apps and messaging security
- Secure SaaS: Cloud application security
- Secure software development
- Social media security risks
-
Web security tools and best practices (3) +
-
Wireless and mobile security (4) +
Featured Authors
Have a question for an expert?
Please add a title for your question
Get answers from your peers on your most technical Information Security challenges.
Meet all of our Information Security experts
Find Solutions For Your Project
-
Evaluate
Cybersecurity tools of the successful enterprise
Bellwether cybersecurity technologies -- advanced endpoint security, behavioral threat analytics and a trio of cloud-based apps -- are used by successful cybersecurity teams. Find out why.
-
Application security: Developers' often-overlooked role
-
Endpoint security in your organization
-
Multifactor authentication methods, use cases and products
-
-
Problem Solve
How can I guard against screaming channel attacks?
A screaming channel attack is a new wireless threat making networks -- particularly those with IoT components -- vulnerable. Are there any safeguards to prevent these attacks?
-
What's the truth behind the fall spike in DDoS attacks?
-
Nine email security features to keep phishing at bay
-
Is my IoT network open to DDoS attacks?
-
-
Manage
Enterprises race to keep up with evolving C&C servers
Command-and-control servers are now using public cloud services, social media and other resources to evade detection. What should enterprises do to combat these threats?
-
5 email security challenges need enterprise attention
-
Is the Spectre variant 2 mitigation worth it?
-
How Mirai and Gafgyt variant botnets target IoT devices
-
-
Buyer's Handbook | February 2019
Multifactor authentication methods, use cases and products
Download -
Buyer's Handbook | February 2019
A guide to SIEM platforms, benefits and features
Download -
E-Handbook | February 2019
Can a zero-trust approach fill the security perimeter void?
Download -
E-Zine | February 2019
CISOs build cybersecurity business case amid attack onslaught
Download -
E-Handbook | January 2019
Customer identity and access management: Why now and how?
Download
Information Security Basics
-
Get Started
payload (computing)
In computing, a payload is the carrying capacity of a packet or other transmission data unit. The term has its roots in the military and is often associated with the capacity of executable malicious code to do damage. Technically, the payload of a ...
-
Get Started
passphrase
A passphrase is a string of characters longer than the usual password (which is typically from four to 16 characters long) that is used in creating a digital signature (an encoded signature that proves to someone that it was really you who sent a ...
-
Get Started
Using Mimikatz to dump Windows credentials
In this Mimikatz tutorial, learn about the password and credential dumping program, where you can acquire it and how easy it makes it to compromise system passwords.
Multimedia
Vendor Resources
- NIST Cybersecurity Framework –White Paper
- Endpoint Zero Trust Protection in a Connected World –Resource
- Log Management Essentials –White Paper
Blog: Security Bytes
-
At RSAC 2019, speculative execution threats take a back seat
The Meltdown and Spectre vulnerabilities loomed large last year, but RSAC 2019 will have little fodder on speculative execution threats and side channels attacks.Continue Reading
-
Marriott Starwood data breach notification de-values customers
The Marriott Starwood data breach exposed half a billion customers' data, but the hospitality giant seems to have learned from recent megabreaches that the standard response to a breach can be the ...Continue Reading
-
More Security Bytes Posts
Are US hacker indictments more than Justice Theater?
Breaking down Dell's "potential cybersecurity incident" announcement
Will cybersecurity safety ever equal air travel safety?
-
News
View All -
Open source security tools and software
Ghidra reverse-engineering release meets praise and concern
The NSA's reverse-engineering tool, Ghidra, was released to the public and despite some initial concerns experts are generally bullish on the prospects for the free software.
-
Information security threats
U.S. election security remains at risk
Fragile electronic voting systems and the weaponization of social media continue to menace U.S. election systems as presidential candidates ramp up their 2020 campaigns.
-
Emerging cyberattacks and threats
5 popular attack techniques and how to defend against them
At RSA Conference 2019, experts from the SANS Institute discuss the most dangerous attack techniques they've seen, including DNS manipulation and domain fronting.