SearchSecurity
New & Notable
Manage
A look at the ICS threat landscape
ICS threats have become more prevalent, so the need for organizations to understand the risks has grown. Expert Ernie Hayden explains what enterprises need to know.
Manage
How malicious files can infect Microsoft Office
Spider ransomware has been found spreading malicious files via a phishing campaign that gives victims a 96-hour deadline. Learn how this attack is similar to past attacks with Nick Lewis.
Problem Solve
How users can mitigate the Janus vulnerability
The Janus vulnerability was found injecting malicious code into reputable Android apps. Once injected, users' endpoints become infected. Learn how to prevent this with expert Nick Lewis.
News
Special counsel indicts 12 Russian GRU officers
A grand jury for special counsel Robert Mueller's election-interference investigation indicted 12 Russian intelligence officers for crimes related to the DNC and DCCC hacks.
Your Guide to Info Sec Certifications
We’ve collected 30+ certifications for you. Which vendor-neutral and vendor-specific security certifications are best for you? Save time by downloading our list organized by experience level.
Trending Topics
-
Emerging threats News
RiskIQ: Ticketmaster breach was 'tip of the iceberg'
News roundup: The Ticketmaster breach was part of a massive digital credit card-skimming campaign. Plus, the U.K. fined Facebook over the Cambridge Analytica scandal, and more.
-
Windows security Manage
How malicious files can infect Microsoft Office
Spider ransomware has been found spreading malicious files via a phishing campaign that gives victims a 96-hour deadline. Learn how this attack is similar to past attacks with Nick Lewis.
-
PCI DSS Get Started
How the PCI SSC took on mobile point-of-sale systems
The PCI SSC developed an mPOS security standard to improve mobile payment and PIN systems. Expert Michael Cobb looks at what the requirements are and how they help.
-
Encryption technology Manage
Comparing lattice cryptography to current cryptography
As the prospect of quantum computing-based attacks grows, the need for stronger encryption increases. Expert Michael Cobb discusses lattice-based cryptography as an option.
-
Security industry trends News
Accenture's Moskites talks infosec career paths, diversity
Accenture's Tammy Moskites spoke with SearchSecurity at RSA Conference 2018 about the gender gap in the infosec industry and what can be done to close it.
-
CISSP Evaluate
Creative ways to earn CISSP CPEs
Who says you can't have fun while earning CPE credits to maintain your CISSP certification? Check out the top 10 creative ways to meet CISSP continuing education requirements.
Topics Covered
-
Data security technology and strategy (5) +
-
Enterprise identity and access management (8) +
-
Enterprise network security (9) +
- DDoS attack detection and prevention
- Endpoint protection and client security
- IoT security issues
- IPv6 security and network protocols security
- Network Access Control technologies
- Network device security: Appliances, firewalls and switches
- Secure remote access
- Software-defined security best practices
- VPN security
-
Information security certifications, training and jobs (2) +
-
Information security program management (7) +
- Government information security management
- Information security incident response
- Information security laws, investigations and ethics
- Information security policies, procedures and guidelines
- Security automation systems, tools and tactics
- Security industry market trends, predictions and forecasts
- Security vendor mergers and acquisitions
-
Information security risk management (3) +
-
Information security threats (5) +
-
Network threat detection (4) +
-
Platform security (3) +
-
Security audit, compliance and standards (4) +
-
Software and application security (9) +
- Application attacks (buffer overflows, cross-site scripting)
- Application firewall security
- Database security
- Microsoft Patch Tuesday and patch management
- Open source security tools and software
- Productivity apps and messaging security
- Secure SaaS: Cloud application security
- Secure software development
- Social media security risks
-
Web security tools and best practices (3) +
-
Wireless and mobile security (4) +
Featured Authors
Have a question for an expert?
Please add a title for your question
Get answers from your peers on your most technical Information Security challenges.
Meet all of our Information Security experts
Find Solutions For Your Project
-
Evaluate
Incident response playbook in flux as services, tools arrive
IR is shifting, with new technology, automation, machine learning and third-party services changing how IR is performed. But in-house security will remain central.
-
Putting incident response as a service in the tool set
-
Machine learning security, a real advance in tech protection
-
The potential fallout from the iBoot firmware code leak
-
-
Problem Solve
How users can mitigate the Janus vulnerability
The Janus vulnerability was found injecting malicious code into reputable Android apps. Once injected, users' endpoints become infected. Learn how to prevent this with expert Nick Lewis.
-
How did an old Firefox password bug go undetected?
-
How white hats penetrate and study the dark web
-
How Cisco PCP software can be exploited by attackers
-
-
Manage
A look at the ICS threat landscape
ICS threats have become more prevalent, so the need for organizations to understand the risks has grown. Expert Ernie Hayden explains what enterprises need to know.
-
How malicious files can infect Microsoft Office
-
How a highly critical Drupal vulnerability affects users
-
How a cryptomining extension ban affects cryptojacking
-
-
E-Handbook | July 2018
Incident response playbook in flux as services, tools arrive
Download -
E-Handbook | June 2018
Machine learning security, a real advance in tech protection
Download -
E-Zine | June 2018
CISOs face the IoT security risks of stranger things
Download -
Buyer's Handbook | May 2018
A security operations center for hire? Something to consider
Download -
E-Handbook | May 2018
How to best secure DNS? There's more than one approach
Download
Information Security Basics
-
Get Started
Achieve results with focused IR automation efforts
Wondering where to apply automation to incident response in order to achieve the best results? The variety of options might be greater than you imagine. Read on to learn more.
-
Get Started
Certified Cloud Security Professional (CCSP)
The Certified Cloud Security Professional (CCSP) certification is intended for experience IT professionals who have a minimum of five years of experience in the industry with three of those years being in information security and one year in one of ...
-
Get Started
federated identity management
Federated identity management (FIM) is an arrangement that can be made between multiple enterprises to let subscribers use the same identification data to obtain access to the networks of all the enterprises in the group.
Multimedia
Vendor Resources
- The Secret to Creating a Cyber Risk-Aware Organization –White Paper
- Automate Security Incident Response with Okta –Resource
- Definitive Guide to Data Classification –Resource
Blog: Security Bytes
-
Is the new California privacy law a domestic GDPR?
The difference between data privacy protections afforded to European Union residents and people in the U.S. is more sharply highlighted now that the EU's General Data Protection Regulation has ...Continue Reading
-
Cyber attribution: Why it won't be easy to stop the blame game
Infosec experts have argued that too much focus is put on cyber attribution, but moving away from publicly identifying threat groups and nation-states may be easier said than done.Continue Reading
-
More Security Bytes Posts
It's GDPR Day. Let the privacy regulation games begin!
Google I/O's security and privacy focus missing on day one
Cybersecurity pervasiveness subsumes all security concerns
-
News
View All -
Cyberespionage and nation-state cyberattacks
Indictment shows X-Agent backdoor remained on DNC systems
The indictment of Russian intelligence officers accused of hacking the DNC revealed a troubling timeline, including the X-Agent malware lurking on DNC systems for months.
-
Web browser security
Google Chrome adds protections against Spectre attacks
In an effort to mitigate the risk of Spectre attacks, Google Chrome site isolation has been enabled for 99% of browser users to minimize the data that could be gleaned by an attacker.
-
Cyberespionage and nation-state cyberattacks
Special counsel indicts 12 Russian GRU officers
A grand jury for special counsel Robert Mueller's election-interference investigation indicted 12 Russian intelligence officers for crimes related to the DNC and DCCC hacks.