SearchSecurity
New & Notable
News
ReliaQuest's security platform improves visibility, control
ReliaQuest's security analytics platform, GreyMatter, claims to improve threat detection by up to four times and reduce system downtime by 98% by integrating AI and human analysis.
News
One more decryptor released after GandCrab shutdown
The No More Ransom initiative released one last GandCrab decryption tool to help victims recover data after the ransomware was allegedly shut down by its authors.
News
Netskope announces application security service
Netskope for Private Access is a cloud-based platform that secures private enterprise applications on public clouds and in on-premises data centers using zero-trust access.
News
YubiKey fixes randomness issue in FIPS keys
Yubico recalled YubiKey FIPS series devices after discovering an issue leading to reduced randomness in values generated by the keys, which are used by federal agencies.
3 Ways SOAR Can Combat the Cybersecurity Skills Shortage
What are some of the strategies that your organization has implemented to help combat the cybersecurity skills gap? Mike Chapple, senior director of IT at University of Notre Dame explains how log processing, threat intelligence and account lifecycle management can help alleviate the shortage of qualified pros and have teams work smarter, not harder.
Trending Topics
-
Emerging threats News
ICS threats loom over U.S. electrical utilities
Dragos says Xenotime, the threat group behind a devastating ICS attack in 2017, has been probing the networks of U.S. electric utilities and also attempted network intrusions.
-
Windows security Manage
How to bypass a Windows kernel protection feature
Security researchers demonstrated how a new fileless attack technique can bypass a Windows kernel protection feature at Black Hat 2018. Find out how the technique works.
-
PCI DSS Evaluate
Explore the next-generation firewall marketplace
Explore some of the top NGFWs currently on the market -- based on features and user reviews -- to help you make a buying decision
-
Encryption technology Problem Solve
How will cryptography adapt to the post-quantum world?
Post-quantum cryptographic algorithms are aimed at securing encrypted data against super-powerful computers in the future, but will they even be necessary? Hanno Böck explains.
-
Security industry trends Problem Solve
Tenable CEO on why enterprises feel helpless against hacks
This week's Risk & Repeat podcast features Tenable CEO Amit Yoran, who discusses what he calls 'cyber helplessness' and how the mentality is infecting enterprises.
-
CISSP Evaluate
Creative ways to earn CISSP CPEs
Who says you can't have fun while earning CPE credits to maintain your CISSP certification? Check out the top 10 creative ways to meet CISSP continuing education requirements.
Topics Covered
-
Data security technology and strategy (5) +
-
Enterprise identity and access management (8) +
-
Enterprise network security (9) +
- DDoS attack detection and prevention
- Endpoint protection and client security
- IoT security issues
- IPv6 security and network protocols security
- Network Access Control technologies
- Network device security: Appliances, firewalls and switches
- Secure remote access
- Software-defined security best practices
- VPN security
-
Information security certifications, training and jobs (2) +
-
Information security program management (7) +
- Government information security management
- Information security incident response
- Information security laws, investigations and ethics
- Information security policies, procedures and guidelines
- Security automation systems, tools and tactics
- Security industry market trends, predictions and forecasts
- Security vendor mergers and acquisitions
-
Information security risk management (3) +
-
Information security threats (5) +
-
Network threat detection (4) +
-
Platform security (3) +
-
Security audit, compliance and standards (4) +
-
Software and application security (9) +
- Application attacks (buffer overflows, cross-site scripting)
- Application firewall security
- Database security
- Microsoft Patch Tuesday and patch management
- Open source security tools and software
- Productivity apps and messaging security
- Secure SaaS: Cloud application security
- Secure software development
- Social media security risks
-
Web security tools and best practices (3) +
-
Wireless and mobile security (4) +
Featured Authors
Have a question for an expert?
Please add a title for your question
Get answers from your peers on your most technical Information Security challenges.
Meet all of our Information Security experts
Find Solutions For Your Project
-
Evaluate
Learn about new SANS security awareness certification
The SANS Security Awareness Professional credential gives enterprises a new method to recognize and promote cybersecurity awareness in the organization.
-
What to consider with zero-trust security
-
4 reasons SMS two-factor authentication is challenging
-
Explore the next-generation firewall marketplace
-
-
Problem Solve
Tenable CEO on why enterprises feel helpless against hacks
This week's Risk & Repeat podcast features Tenable CEO Amit Yoran, who discusses what he calls 'cyber helplessness' and how the mentality is infecting enterprises.
-
Choosing the right IT security framework
-
Dark data is more pervasive than you think
-
10 ways to prevent insider threats
-
-
Manage
Train executives to spot whaling attacks
Security awareness training for executives teaches an enterprise's biggest fish to recognize potential whaling attacks -- before they take the bait.
-
How should SIEM log management change to stay relevant?
-
Performance jumps when using VAs for encryption offload
-
Best practices for employee email security
-
-
Buyer's Handbook | May 2019
How to select and implement a next-gen firewall
Download -
E-Handbook | May 2019
Why EDR technologies are essential for endpoint protection
Download -
E-Zine | May 2019
Conquering cloud security threats with awareness and tools
Download -
360 Guide | April 2019
Inside the 'Master134' malvertising campaign
Download -
E-Handbook | April 2019
How to put AI security to work in your organization
Download
Information Security Basics
-
Get Started
BlueKeep (CVE-2019-0708)
BlueKeep (CVE-2019-0708) is a vulnerability in the Remote Desktop (RDP) protocol that affects Windows 7, Windows XP, Server 2003 and 2008.
-
Get Started
How subdomain takeover attacks work
Subdomain takeover exposure can happen when cloud-hosted web services are incompletely decommissioned, but configuration best practices can reduce the risks.
-
Get Started
How MTA Strict Transport Security will aid email protection
Discover how the MTA-STS specification will improve email security by encrypting messages and enabling secure, authenticated email transfers between SMTP servers.
Multimedia
Vendor Resources
- Guardicore Centra Security Platform –Data Sheet
- How to Protect Your VDI Environment from Ransomware –eGuide
- Micro-Segmentation in Hybrid Clouds with Guardicore Centra –Product Overview
Blog: Security Bytes
-
Google focuses more on steering the Android ship than righting it
Google's security and privacy upgrades to Android are mostly forward-thinking changes, readying for a future that is inevitable but unclear, rather than ways to improve security today.Continue Reading
-
At RSAC 2019, speculative execution threats take a back seat
The Meltdown and Spectre vulnerabilities loomed large last year, but RSAC 2019 will have little fodder on speculative execution threats and side channels attacks.Continue Reading
-
More Security Bytes Posts
Marriott Starwood data breach notification de-values customers
Are US hacker indictments more than Justice Theater?
Breaking down Dell's "potential cybersecurity incident" announcement
-
News
View All -
Information security certifications, training and jobs
How infosec titles, roles will change amid skills gap
At the Gartner Security and Risk Management Summit, analysts discuss the challenge of finding skilled cybersecurity professionals and how it can be solved.
-
SIEM, log management and big data security analytics
ReliaQuest's security platform improves visibility, control
ReliaQuest's security analytics platform, GreyMatter, claims to improve threat detection by up to four times and reduce system downtime by 98% by integrating AI and human analysis.
-
Malware, virus, Trojan and spyware protection and removal
One more decryptor released after GandCrab shutdown
The No More Ransom initiative released one last GandCrab decryption tool to help victims recover data after the ransomware was allegedly shut down by its authors.