SearchSecurity
New & Notable
Citrix flaw fixed by attacker setting up a backdoor
Citrix discovered another product affected by last month's vulnerability, while security researchers found an attacker blocking exploits of the vulnerability.
Get Started
Put application security testing at the top of your do-now list
It's time to take a new attitude toward application security. Learn what must be tested and the specific steps that will take your apps from vulnerable to fortified.
Get Started
Craft an effective application security testing process
For many reasons, only about half of all web apps get proper security evaluation and testing. Here's how to fix that stat and better protect your organization's systems and data.
News
Windows patch fixes critical cryptography bug
Microsoft patched a critical vulnerability in how Windows validates cryptographic certificates that could lead to dangerous attacks, according to experts, and was originally reported by the NSA.
Download: Your Complete Guide to IAM
Utilize this 66-page IAM guide to help you stay on top of the latest best practices and techniques. Security expert Michael Cobb explores the risks and rewards of biometrics measures and multifactor authentication, how organizations can assess if it is time to modernize IAM strategies, and much more.
Trending Topics
-
Emerging threats News
Maze adds Busch's Fresh Food Markets to its victim list
Another confirmed ransomware attack, this time against Busch's Fresh Food Markets, was added to the Maze gang's ransomware shaming list after the company refused to pay the ransom.
-
Windows security Manage
How to bypass a Windows kernel protection feature
Security researchers demonstrated how a new fileless attack technique can bypass a Windows kernel protection feature at Black Hat 2018. Find out how the technique works.
-
PCI DSS Evaluate
Explore the next-generation firewall marketplace
Explore some of the top NGFWs currently on the market -- based on features and user reviews -- to help you make a buying decision
-
Encryption technology Get Started
Diffie-Hellman vs. RSA: What are the differences?
See which encryption method uses digital signatures, symmetric key exchanges, bulk encryption and much more in this Diffie-Hellman vs. RSA showdown.
-
Security industry trends News
McAfee appoints new CEO as Chris Young steps down
Chris Young has stepped down as McAfee CEO, and Peter Leav is taking his place. Young led the company's spin-out from Intel in 2016 after joining the chip maker two years earlier.
-
CISSP Get Started
Passing the CISSP exam: How hard is it?
Want to become a CISSP? Here's everything you need to know, such as how difficult the exam is, tips for studying, what's needed to obtain a passing score and more.
Topics Covered
-
Data security technology and strategy (5) +
-
Enterprise identity and access management (8) +
-
Enterprise network security (9) +
- DDoS attack detection and prevention
- Endpoint protection and client security
- IoT security issues
- IPv6 security and network protocols security
- Network Access Control technologies
- Network device security: Appliances, firewalls and switches
- Secure remote access
- Software-defined security best practices
- VPN security
-
Information security certifications, training and jobs (2) +
-
Information security program management (7) +
- Government information security management
- Information security incident response
- Information security laws, investigations and ethics
- Information security policies, procedures and guidelines
- Security automation systems, tools and tactics
- Security industry market trends, predictions and forecasts
- Security vendor mergers and acquisitions
-
Information security risk management (3) +
-
Information security threats (5) +
-
Network threat detection (4) +
-
Platform security (3) +
-
Security audit, compliance and standards (4) +
-
Software and application security (9) +
- Application attacks (buffer overflows, cross-site scripting)
- Application firewall security
- Database security
- Microsoft Patch Tuesday and patch management
- Open source security tools and software
- Productivity apps and messaging security
- Secure SaaS: Cloud application security
- Secure software development
- Social media security risks
-
Web security tools and best practices (3) +
-
Wireless and mobile security (4) +
Featured Authors
Have a question for an expert?
Please add a title for your question
Get answers from your peers on your most technical Information Security challenges.
Meet all of our Information Security experts
-
Michael Heller asks:
What is your process for implementing and testing mitigation strategies while awaiting a software patch?
-
Michael Heller asks:
What do you think of the NSA's disclosure and reported willingness to be more open about vulnerabilities?
-
Katie Donegan asks:
Why do you think the most common app security risks haven't changed in years despite a more sophisticated threat landscape?
Find Solutions For Your Project
-
Evaluate
Look out for these 10 cybersecurity trends in 2020
When it comes to cybersecurity predictions, in many ways, 2020 is a continuation of the present. Emerging trends include nation-state activity, IoT infrastructure attacks and more.
-
Navigating the future of AI and cybersecurity automation
-
Top cybersecurity trends of 2019
-
Compare host IDS vs. network IDS with these pros and cons
-
-
Problem Solve
Mitigate the most common app security threats
The most widely known application security threats are sometimes the most common exploits. Here is a list of the top app threats and their appropriate security responses.
-
Key elements of a HIPAA compliance checklist
-
Top ways to prevent software piracy
-
7 TCP/IP vulnerabilities explained
-
-
Manage
Put application security testing at the top of your do-now list
It's time to take a new attitude toward application security. Learn what must be tested and the specific steps that will take your apps from vulnerable to fortified.
-
Craft an effective application security testing process
-
Using NIST CSF to guide risk-based cybersecurity
-
Get IT and OT to coexist, securely
-
-
E-Handbook | January 2020
Put application security testing at the top of your do-now list
Download -
E-Handbook | November 2019
Raise enterprise network visibility, and security rises too
Download -
E-Zine | November 2019
AI threats, understaffed defenses and other cyber nightmares
Download -
E-Handbook | September 2019
IT/OT convergence is necessary, desirable, but not so simple
Download -
E-Handbook | August 2019
New network traffic analysis tools focus on security
Download
Information Security Basics
-
Get Started
Put application security testing at the top of your do-now list
It's time to take a new attitude toward application security. Learn what must be tested and the specific steps that will take your apps from vulnerable to fortified.
-
Get Started
Craft an effective application security testing process
For many reasons, only about half of all web apps get proper security evaluation and testing. Here's how to fix that stat and better protect your organization's systems and data.
-
Get Started
CISM certification: From soft skills to risk management
Think you're ready for the CISM certification exam? Peter Gregory, author of CISM: Certified Information Security Manager Practice Exams, has some pointers for you.
Multimedia
-
Get Started
Security staff shortages plague IT organizations
-
-
Vendor Resources
Blog: Security Bytes
-
Google focuses more on steering the Android ship than righting it
Google's security and privacy upgrades to Android are mostly forward-thinking changes, readying for a future that is inevitable but unclear, rather than ways to improve security today.Continue Reading
-
At RSAC 2019, speculative execution threats take a back seat
The Meltdown and Spectre vulnerabilities loomed large last year, but RSAC 2019 will have little fodder on speculative execution threats and side channels attacks.Continue Reading
-
More Security Bytes Posts
Marriott Starwood data breach notification de-values customers
Are US hacker indictments more than Justice Theater?
Breaking down Dell's "potential cybersecurity incident" announcement
-
News
View All -
Security industry market trends, predictions and forecasts
McAfee appoints new CEO as Chris Young steps down
Chris Young has stepped down as McAfee CEO, and Peter Leav is taking his place. Young led the company's spin-out from Intel in 2016 after joining the chip maker two years earlier.
-
Network device security: Appliances, firewalls and switches
Citrix flaw fixed by attacker setting up a backdoor
Citrix discovered another product affected by last month's vulnerability, while security researchers found an attacker blocking exploits of the vulnerability.
-
Microsoft Patch Tuesday and patch management
Windows patch fixes critical cryptography bug
Microsoft patched a critical vulnerability in how Windows validates cryptographic certificates that could lead to dangerous attacks, according to experts, and was originally reported by the NSA.