SearchSecurity
New & Notable
News
Special counsel indicts 12 Russian GRU officers
A grand jury for special counsel Robert Mueller's election-interference investigation indicted 12 Russian intelligence officers for crimes related to the DNC and DCCC hacks.
News
Google Chrome adds protections against Spectre attacks
In an effort to mitigate the risk of Spectre attacks, Google Chrome site isolation has been enabled for 99% of browser users to minimize the data that could be gleaned by an attacker.
News
Intel pays $100,000 bounty on new Spectre attacks
Researchers discovered two new Spectre variants that can be used to bypass protections and attack systems and earned $100,000 in bug bounties from Intel.
News
RiskIQ: Ticketmaster breach was 'tip of the iceberg'
News roundup: The Ticketmaster breach was part of a massive digital credit card-skimming campaign. Plus, the U.K. fined Facebook over the Cambridge Analytica scandal, and more.
Your Guide to Info Sec Certifications
We’ve collected 30+ certifications for you. Which vendor-neutral and vendor-specific security certifications are best for you? Save time by downloading our list organized by experience level.
Trending Topics
-
Emerging threats News
RiskIQ: Ticketmaster breach was 'tip of the iceberg'
News roundup: The Ticketmaster breach was part of a massive digital credit card-skimming campaign. Plus, the U.K. fined Facebook over the Cambridge Analytica scandal, and more.
-
Windows security Manage
How a vulnerability affected Microsoft's CredSSP
The CVE-2018-0886 vulnerability found within Microsoft's CredSSP was recently patched. Discover what this vulnerability is and how it affects the CredSSP protocol with Judith Myerson.
-
PCI DSS Get Started
How the PCI SSC took on mobile point-of-sale systems
The PCI SSC developed an mPOS security standard to improve mobile payment and PIN systems. Expert Michael Cobb looks at what the requirements are and how they help.
-
Encryption technology Manage
Comparing lattice cryptography to current cryptography
As the prospect of quantum computing-based attacks grows, the need for stronger encryption increases. Expert Michael Cobb discusses lattice-based cryptography as an option.
-
Security industry trends News
Accenture's Moskites talks infosec career paths, diversity
Accenture's Tammy Moskites spoke with SearchSecurity at RSA Conference 2018 about the gender gap in the infosec industry and what can be done to close it.
-
CISSP Evaluate
Creative ways to earn CISSP CPEs
Who says you can't have fun while earning CPE credits to maintain your CISSP certification? Check out the top 10 creative ways to meet CISSP continuing education requirements.
Topics Covered
-
Data security technology and strategy (5) +
-
Enterprise identity and access management (8) +
-
Enterprise network security (9) +
- DDoS attack detection and prevention
- Endpoint protection and client security
- IoT security issues
- IPv6 security and network protocols security
- Network Access Control technologies
- Network device security: Appliances, firewalls and switches
- Secure remote access
- Software-defined security best practices
- VPN security
-
Information security certifications, training and jobs (2) +
-
Information security program management (7) +
- Government information security management
- Information security incident response
- Information security laws, investigations and ethics
- Information security policies, procedures and guidelines
- Security automation systems, tools and tactics
- Security industry market trends, predictions and forecasts
- Security vendor mergers and acquisitions
-
Information security risk management (3) +
-
Information security threats (5) +
-
Network threat detection (4) +
-
Platform security (3) +
-
Security audit, compliance and standards (4) +
-
Software and application security (9) +
- Application attacks (buffer overflows, cross-site scripting)
- Application firewall security
- Database security
- Microsoft Patch Tuesday and patch management
- Open source security tools and software
- Productivity apps and messaging security
- Secure SaaS: Cloud application security
- Secure software development
- Social media security risks
-
Web security tools and best practices (3) +
-
Wireless and mobile security (4) +
Featured Authors
Have a question for an expert?
Please add a title for your question
Get answers from your peers on your most technical Information Security challenges.
Meet all of our Information Security experts
-
Dave Shackleford asks:
What has helped advance -- or inhibit -- incident response automation in your company?
-
Steven Weil asks:
What are your chief criteria for choosing a third-party incident response service for your enterprise?
Find Solutions For Your Project
-
Evaluate
Incident response playbook in flux as services, tools arrive
IR is shifting, with new technology, automation, machine learning and third-party services changing how IR is performed. But in-house security will remain central.
-
Putting incident response as a service in the tool set
-
Machine learning security, a real advance in tech protection
-
The potential fallout from the iBoot firmware code leak
-
-
Problem Solve
How users can mitigate the Janus vulnerability
The Janus vulnerability was found injecting malicious code into reputable Android apps. Once injected, users' endpoints become infected. Learn how to prevent this with expert Nick Lewis.
-
How did an old Firefox password bug go undetected?
-
How white hats penetrate and study the dark web
-
How Cisco PCP software can be exploited by attackers
-
-
Manage
How a highly critical Drupal vulnerability affects users
A recently discovered Drupal vulnerability in its open source CMS allowed attackers to control websites. Learn how almost one million sites were affected with Michael Cobb.
-
How a cryptomining extension ban affects cryptojacking
-
How malicious add-ons can be stopped from taking root
-
Looking at privacy implications of DNS traffic over HTTPS
-
-
E-Handbook | July 2018
Incident response playbook in flux as services, tools arrive
Download -
E-Handbook | June 2018
Machine learning security, a real advance in tech protection
Download -
E-Zine | June 2018
CISOs face the IoT security risks of stranger things
Download -
Buyer's Handbook | May 2018
A security operations center for hire? Something to consider
Download -
E-Handbook | May 2018
How to best secure DNS? There's more than one approach
Download
Information Security Basics
-
Get Started
Achieve results with focused IR automation efforts
Wondering where to apply automation to incident response in order to achieve the best results? The variety of options might be greater than you imagine. Read on to learn more.
-
Get Started
Certified Cloud Security Professional (CCSP)
The Certified Cloud Security Professional (CCSP) certification is intended for experience IT professionals who have a minimum of five years of experience in the industry with three of those years being in information security and one year in one of ...
-
Get Started
federated identity management
Federated identity management (FIM) is an arrangement that can be made between multiple enterprises to let subscribers use the same identification data to obtain access to the networks of all the enterprises in the group.
Multimedia
Vendor Resources
Blog: Security Bytes
-
Cyber attribution: Why it won't be easy to stop the blame game
Infosec experts have argued that too much focus is put on cyber attribution, but moving away from publicly identifying threat groups and nation-states may be easier said than done.Continue Reading
-
It's GDPR Day. Let the privacy regulation games begin!
GDPR Day -- May 25, 2018 -- has passed and enforcement is now accepting complaints against companies violating the terms of the EU's new privacy regulation.Continue Reading
-
More Security Bytes Posts
Google I/O's security and privacy focus missing on day one
Cybersecurity pervasiveness subsumes all security concerns
Algorithmic discrimination: A coming storm for security?
-
News
View All -
Web browser security
Google Chrome adds protections against Spectre attacks
In an effort to mitigate the risk of Spectre attacks, Google Chrome site isolation has been enabled for 99% of browser users to minimize the data that could be gleaned by an attacker.
-
Cyberespionage and nation-state cyberattacks
Special counsel indicts 12 Russian GRU officers
A grand jury for special counsel Robert Mueller's election-interference investigation indicted 12 Russian intelligence officers for crimes related to the DNC and DCCC hacks.
-
Hacker tools and techniques: Underground hacking sites
Intel pays $100,000 bounty on new Spectre attacks
Researchers discovered two new Spectre variants that can be used to bypass protections and attack systems and earned $100,000 in bug bounties from Intel.