SearchSecurity
New & Notable
News
Authors of the Mirai botnet help FBI, avoid jail
News roundup: The Mirai botnet creators will not serve time in prison after they worked with the FBI. Plus, the Department of Defense updated its cyber strategy, and more.
News
CrowdStrike-NSS Labs feud escalates with antitrust suit
CrowdStrike and the Anti-Malware Testing Standards Organization responds the allegations made by NSS Labs in a bombshell antitrust suit over product testing practices.
Manage
How an improper authentication flaw affects PulseNet
GE reported an improper authentication flaw in its PulseNet network management software for critical infrastructures. Discover how this flaw works with Judith Myerson.
News
Risk & Repeat: Trend Micro apps land in hot water
In this week's Risk & Repeat podcast, SearchSecurity editors discuss Trend Micro's Mac apps, which have come under fire for questionable data collection features.
Your Guide to Info Sec Certifications
We’ve collected 30+ certifications for you. Which vendor-neutral and vendor-specific security certifications are best for you? Save time by downloading our list organized by experience level.
Trending Topics
-
Emerging threats News
Firmware flaw could allow encryption-key theft via cold boot
The idea of cold boot attacks began 10 years ago, but researchers at F-Secure found the attack can be used on modern computers to steal encryption keys and other data.
-
Windows security News
Windows 10 exploit code released, no patch available
Security researcher SandboxEscaper released proof-of-concept code for a Windows 10 zero-day on Twitter, but Microsoft has no details for a potential patch.
-
PCI DSS Get Started
How the PCI SSC took on mobile point-of-sale systems
The PCI SSC developed an mPOS security standard to improve mobile payment and PIN systems. Expert Michael Cobb looks at what the requirements are and how they help.
-
Encryption technology Manage
Comparing lattice cryptography to current cryptography
As the prospect of quantum computing-based attacks grows, the need for stronger encryption increases. Expert Michael Cobb discusses lattice-based cryptography as an option.
-
Security industry trends News
Risk & Repeat: Breaking down the Pwnie Awards
In this week's Risk & Repeat podcast, SearchSecurity editors discuss whether or not Meltdown and Spectre deserved to be nominated for the Pwnie Awards' Most Overhyped Bug.
-
CISSP Evaluate
Creative ways to earn CISSP CPEs
Who says you can't have fun while earning CPE credits to maintain your CISSP certification? Check out the top 10 creative ways to meet CISSP continuing education requirements.
Topics Covered
-
Data security technology and strategy (5) +
-
Enterprise identity and access management (8) +
-
Enterprise network security (9) +
- DDoS attack detection and prevention
- Endpoint protection and client security
- IoT security issues
- IPv6 security and network protocols security
- Network Access Control technologies
- Network device security: Appliances, firewalls and switches
- Secure remote access
- Software-defined security best practices
- VPN security
-
Information security certifications, training and jobs (2) +
-
Information security program management (7) +
- Government information security management
- Information security incident response
- Information security laws, investigations and ethics
- Information security policies, procedures and guidelines
- Security automation systems, tools and tactics
- Security industry market trends, predictions and forecasts
- Security vendor mergers and acquisitions
-
Information security risk management (3) +
-
Information security threats (5) +
-
Network threat detection (4) +
-
Platform security (3) +
-
Security audit, compliance and standards (4) +
-
Software and application security (9) +
- Application attacks (buffer overflows, cross-site scripting)
- Application firewall security
- Database security
- Microsoft Patch Tuesday and patch management
- Open source security tools and software
- Productivity apps and messaging security
- Secure SaaS: Cloud application security
- Secure software development
- Social media security risks
-
Web security tools and best practices (3) +
-
Wireless and mobile security (4) +
Featured Authors
Have a question for an expert?
Please add a title for your question
Get answers from your peers on your most technical Information Security challenges.
Meet all of our Information Security experts
-
Michael Heller asks:
What do you think are the best or worst plans in the White House's Cyber Strategy?
-
Rob Wright asks:
Should testing firms be required to use the AMTSO Testing Standard? Why or why not?
Find Solutions For Your Project
-
Evaluate
How to get women in security to speak at conferences
Diversity at cybersecurity conferences became a hot topic in early 2018. Innovation Women founder Bobbie Carlton discusses why it takes more work to get women in security on stage.
-
Bobbie Carlton on tech conferences' gender gap
-
How to find the best privileged identity management tool
-
How to buy the best PIM tool for your enterprise
-
-
Problem Solve
A vulnerability in strongSwan caused a buffer underflow
A buffer underflow was found to be caused by a vulnerability in strongSwan's open source VPN. Learn how this is possible and how attackers can exploit it with Judith Myerson.
-
How a SQL web vulnerability can be detrimental
-
How Telegrab bypasses end-to-end encryption
-
A look at Intel's hardware debugging exception flaw
-
-
Manage
How an improper authentication flaw affects PulseNet
GE reported an improper authentication flaw in its PulseNet network management software for critical infrastructures. Discover how this flaw works with Judith Myerson.
-
How a new practical attack affects SEV technology
-
WPA3 security enhancements and new protocol
-
Judging security operation centers' performance
-
-
E-Handbook | September 2018
Security access controls over identities must be priority
Download -
Buyer's Handbook | August 2018
How to find the best privileged identity management tool
Download -
E-Zine | August 2018
Security data scientists on how to make your data useful
Download -
E-Handbook | July 2018
Incident response playbook in flux as services, tools arrive
Download -
E-Handbook | June 2018
Machine learning security, a real advance in tech protection
Download
Information Security Basics
-
Get Started
A look at the new techniques used in SynAck ransomware
A technique called Process Doppelgänging was used by the SynAck ransomware to bypass security software. Expert Michael Cobb explains how this technique works and why it's unique.
-
Get Started
access control
Access control is a security technique that regulates who or what can view or use resources in a computing environment.
-
Get Started
ethical hacker
An ethical hacker, also referred to as a white hat hacker, is an information security expert who systematically attempts to penetrate a computer system, network, application or other computing resource on behalf of its owners -- and with their ...
Multimedia
Vendor Resources
- Webinar: Financial Services Organizations, Data Privacy, & GDPR –Video
- Top 10 Ransomware from 2017 –Research Content
- Closing the IT Security Gap with Automation & AI in the Era of IoT: Global –Research Content
Blog: Security Bytes
-
What the GAO Report missed about the Equifax data breach
The Government Accountability Office investigated the Equifax data breach, but the GAO's report leaves out several important points about the infamous incident.Continue Reading
-
DHS cybersecurity rhetoric offers contradictions at DEF CON
The Vote Hacking Village at Defcon 26 in Las Vegas was an overwhelming jumble of activity -- a mock vote manipulated, children hacking election results websites, machines being disassembled -- and ...Continue Reading
-
More Security Bytes Posts
Five things to watch for at Black Hat USA this year
How Dropbox dropped the ball with anonymized data
Is the new California privacy law a domestic GDPR?
-
News
View All -
Government information security management
White House details new Cyber Strategy goals
The new National Cyber Strategy released by the White House details plans for improving cybersecurity and garnered positive early reviews from experts for its comprehensiveness.
-
Information security laws, investigations and ethics
Authors of the Mirai botnet help FBI, avoid jail
News roundup: The Mirai botnet creators will not serve time in prison after they worked with the FBI. Plus, the Department of Defense updated its cyber strategy, and more.
-
Malware, virus, Trojan and spyware protection and removal
CrowdStrike-NSS Labs feud escalates with antitrust suit
CrowdStrike and the Anti-Malware Testing Standards Organization responds the allegations made by NSS Labs in a bombshell antitrust suit over product testing practices.