SearchSecurity
New & Notable
Evaluate
Is a cybersecurity insurance policy a worthy investment?
Variables such as third-party business partners create unique cyberthreats for organizations. Find out when a cybersecurity insurance policy is a wise investment to prevent risk.
News
Docker worm spreads cryptojacker on exposed hosts
Security researchers discovered a new Docker worm that has been targeting exposed hosts in order to spread cryptojacking malware to other containers.
Evaluate
How to choose a cybersecurity insurance provider
To vet potential cybersecurity insurance providers, there are a few questions every customer should ask. Learn more about the questions to ask and how to get the answers you need.
Evaluate
Building a penetration testing toolkit
Does your penetration testing toolkit have the proper contents? Learn the must-have tool for any pen tester, as well as specific tools for wireless, network and web app pen testing.
Instant Download: Building an Incident Response Action Plan
77% of organizations admit they don’t have a formal cybersecurity incident response plan (CSIRP) that is applied consistently across the organization, according to IBM. If you’re one of them, here’s everything you need to know about building an efficient incident response action plan.
Trending Topics
-
Emerging threats News
Docker worm spreads cryptojacker on exposed hosts
Security researchers discovered a new Docker worm that has been targeting exposed hosts in order to spread cryptojacking malware to other containers.
-
Windows security Manage
How to bypass a Windows kernel protection feature
Security researchers demonstrated how a new fileless attack technique can bypass a Windows kernel protection feature at Black Hat 2018. Find out how the technique works.
-
PCI DSS Evaluate
Explore the next-generation firewall marketplace
Explore some of the top NGFWs currently on the market -- based on features and user reviews -- to help you make a buying decision
-
Encryption technology Evaluate
How symmetric and asymmetric encryption algorithms differ
Explore the differences between symmetric vs. asymmetric encryption algorithms, including common uses and examples of both, as well as their pros and cons.
-
Security industry trends Manage
CISOs need street cred -- or else
No matter what comes at them in terms of cybersecurity issues, the main CISO challenge comes down to building credibility as a trustworthy person.
-
CISSP Get Started
Passing the CISSP exam: How hard is it?
Want to become a CISSP? Here's everything you need to know, such as how difficult the exam is, tips for studying, what's needed to obtain a passing score and more.
Topics Covered
-
Data security technology and strategy (5) +
-
Enterprise identity and access management (8) +
-
Enterprise network security (9) +
- DDoS attack detection and prevention
- Endpoint protection and client security
- IoT security issues
- IPv6 security and network protocols security
- Network Access Control technologies
- Network device security: Appliances, firewalls and switches
- Secure remote access
- Software-defined security best practices
- VPN security
-
Information security certifications, training and jobs (2) +
-
Information security program management (7) +
- Government information security management
- Information security incident response
- Information security laws, investigations and ethics
- Information security policies, procedures and guidelines
- Security automation systems, tools and tactics
- Security industry market trends, predictions and forecasts
- Security vendor mergers and acquisitions
-
Information security risk management (3) +
-
Information security threats (5) +
-
Network threat detection (4) +
-
Platform security (3) +
-
Security audit, compliance and standards (4) +
-
Software and application security (9) +
- Application attacks (buffer overflows, cross-site scripting)
- Application firewall security
- Database security
- Microsoft Patch Tuesday and patch management
- Open source security tools and software
- Productivity apps and messaging security
- Secure SaaS: Cloud application security
- Secure software development
- Social media security risks
-
Web security tools and best practices (3) +
-
Wireless and mobile security (4) +
Featured Authors
Have a question for an expert?
Please add a title for your question
Get answers from your peers on your most technical Information Security challenges.
Meet all of our Information Security experts
-
Andrew Froehlich asks:
What types of businesses would most benefit from acquiring cybersecurity insurance policies?
-
Margaret Rouse asks:
Do you feel safe logging into a third-party application through an identity provider?
Find Solutions For Your Project
-
Evaluate
Is a cybersecurity insurance policy a worthy investment?
Variables such as third-party business partners create unique cyberthreats for organizations. Find out when a cybersecurity insurance policy is a wise investment to prevent risk.
-
How to choose a cybersecurity insurance provider
-
Building a penetration testing toolkit
-
Comparing SSL/TLS VPNs vs. IPsec VPNs
-
-
Problem Solve
Understanding privacy implications of DNS
Learn two techniques for improving end-user DNS privacy protection that prevent DNS from exposing information about websites users visit and the people users communicate with.
-
3 steps to a more secure enterprise 5G deployment
-
How symmetric and asymmetric encryption algorithms differ
-
Using HTTPS: How to encrypt and secure a website
-
-
Manage
How security can support a meaningful DevSecOps shift
Shifting from DevOps to DevSecOps isn't always easy, with the transition requiring changes to culture, processes and people. Here's how security can help lead the charge.
-
DevSecOps success requires changes from dev, sec and ops
-
Keep your virtual network secure with these 3 measures
-
How to update vendor risk management best practices
-
-
E-Handbook | September 2019
IT/OT convergence is necessary, desirable, but not so simple
Download -
E-Handbook | August 2019
New network traffic analysis tools focus on security
Download -
E-Zine | August 2019
Managing identity and access well unlocks strong security
Download -
Buyer's Guide | July 2019
What secure email gateways can do for your enterprise
Download -
E-Handbook | June 2019
Why user identity management is a security essential
Download
Information Security Basics
-
Get Started
identity provider
An identity provider is a system component that is able to provide an end user or internet-connected device with a single set of login credentials that will ensure the entity is who or what it says it is across multiple platforms, applications and ...
-
Get Started
firewall
A firewall is software or firmware that enforces a set of rules about what data packets will be allowed to enter or leave a computer network.
-
Get Started
encryption
Encryption is the method by which information is converted into secret code that hides the information's true meaning. The science of encrypting and decrypting information is called cryptography.
Multimedia
Vendor Resources
- Network Security – A Patchwork Quilt Bursting at the Seams –Resource
- Introduction to DevSecOps –White Paper
- Cloud Security Gaps –White Paper
Blog: Security Bytes
-
Google focuses more on steering the Android ship than righting it
Google's security and privacy upgrades to Android are mostly forward-thinking changes, readying for a future that is inevitable but unclear, rather than ways to improve security today.Continue Reading
-
At RSAC 2019, speculative execution threats take a back seat
The Meltdown and Spectre vulnerabilities loomed large last year, but RSAC 2019 will have little fodder on speculative execution threats and side channels attacks.Continue Reading
-
More Security Bytes Posts
Marriott Starwood data breach notification de-values customers
Are US hacker indictments more than Justice Theater?
Breaking down Dell's "potential cybersecurity incident" announcement
-
News
View All -
Emerging cyberattacks and threats
Docker worm spreads cryptojacker on exposed hosts
Security researchers discovered a new Docker worm that has been targeting exposed hosts in order to spread cryptojacking malware to other containers.
-
Network device security: Appliances, firewalls and switches
Imperva takes the blame for WAF breach
Imperva CTO Kunal Anand posted updated information regarding the recent breach affecting Cloud WAF customers and admitted poor security controls led to the compromise.
-
Enterprise network security
Cybersecurity threats on the rise, prey on human nature
Cybersecurity attacks continue to rise, taking advantage of network vulnerabilities -- and human ones. First National Technology Solutions' CISO offers advice.