SearchSecurity
New & Notable
News
Cybereason researchers detect new Astaroth malware campaign
Cybereason's Nocturnus Research team has discovered a new strain of the Astaroth Trojan that attacks antivirus software to steal credentials.
News
Ponemon report sheds light on poor password security habits
More than two-thirds of employees share passwords with colleagues, research reveals. Experts sound off on what's fueling poor password practices and how to solve the problem.
Manage
How mobile app security is maintained with patches
A flaw was found in the Android installer for Fortnite and was patched within 24 hours. Learn how such a quick turnaround affects mobile app security with expert Nick Lewis.
Manage
How to limit exposure to credential stuffing
Credential stuffing attacks can put companies that offer online membership programs, as well as their customers, at risk. Find out how to proactively manage the threat.
Instant Download: Free Guide to Password Security
Including insights from security pros Michael Cobb, Jeremy Bergsman and Nick Lewis, gain expert advice on how to improve your password policies to keep your enterprise safe. Explore machine learning-powered techniques, how to approach mobile password management, and more.
Trending Topics
-
Emerging threats News
Cybereason researchers detect new Astaroth malware campaign
Cybereason's Nocturnus Research team has discovered a new strain of the Astaroth Trojan that attacks antivirus software to steal credentials.
-
Windows security Manage
How to bypass a Windows kernel protection feature
Security researchers demonstrated how a new fileless attack technique can bypass a Windows kernel protection feature at Black Hat 2018. Find out how the technique works.
-
PCI DSS Get Started
How the PCI SSC took on mobile point-of-sale systems
The PCI SSC developed an mPOS security standard to improve mobile payment and PIN systems. Expert Michael Cobb looks at what the requirements are and how they help.
-
Encryption technology News
Microsoft BitLocker misplaces trust in SSDs for encryption
Researchers discover major manufacturers poorly implemented SSD encryption, allowing easy access to data, and Microsoft BitLocker made the issue worse.
-
Security industry trends Evaluate
CISOs face an array of serious issues in the new year
From dealing with data and staffing shortages to adapting to an ever-expanding set of job responsibilities, CISOs face an array of serious issues in 2019.
-
CISSP Evaluate
Creative ways to earn CISSP CPEs
Who says you can't have fun while earning CPE credits to maintain your CISSP certification? Check out the top 10 creative ways to meet CISSP continuing education requirements.
Topics Covered
-
Data security technology and strategy (5) +
-
Enterprise identity and access management (8) +
-
Enterprise network security (9) +
- DDoS attack detection and prevention
- Endpoint protection and client security
- IoT security issues
- IPv6 security and network protocols security
- Network Access Control technologies
- Network device security: Appliances, firewalls and switches
- Secure remote access
- Software-defined security best practices
- VPN security
-
Information security certifications, training and jobs (2) +
-
Information security program management (7) +
- Government information security management
- Information security incident response
- Information security laws, investigations and ethics
- Information security policies, procedures and guidelines
- Security automation systems, tools and tactics
- Security industry market trends, predictions and forecasts
- Security vendor mergers and acquisitions
-
Information security risk management (3) +
-
Information security threats (5) +
-
Network threat detection (4) +
-
Platform security (3) +
-
Security audit, compliance and standards (4) +
-
Software and application security (9) +
- Application attacks (buffer overflows, cross-site scripting)
- Application firewall security
- Database security
- Microsoft Patch Tuesday and patch management
- Open source security tools and software
- Productivity apps and messaging security
- Secure SaaS: Cloud application security
- Secure software development
- Social media security risks
-
Web security tools and best practices (3) +
-
Wireless and mobile security (4) +
Featured Authors
Have a question for an expert?
Please add a title for your question
Get answers from your peers on your most technical Information Security challenges.
Meet all of our Information Security experts
-
Mekhala Roy asks:
What steps has your organization taken to rectify their employees' poor password practices?
Find Solutions For Your Project
-
Evaluate
Protect your network against third-party threats
Enterprises are more vulnerable than ever before to supply chain threats from third-party apps and modules. Last fall's compromised NPM package is one cautionary tale.
-
Use cases: compare multifactor authentication tools
-
CISOs face an array of serious issues in the new year
-
3-step process measures SecOps incident response
-
-
Problem Solve
How to limit exposure to credential stuffing
Credential stuffing attacks can put companies that offer online membership programs, as well as their customers, at risk. Find out how to proactively manage the threat.
-
How an exploit code ended up in a software release
-
Should large enterprises monitor the dark web?
-
How did the Python colorama hack work?
-
-
Manage
How mobile app security is maintained with patches
A flaw was found in the Android installer for Fortnite and was patched within 24 hours. Learn how such a quick turnaround affects mobile app security with expert Nick Lewis.
-
How attackers bypassed a Webex Meetings platform patch
-
How a Mozilla vulnerability included a duplicate bug
-
Essential web application testing checklist
-
-
E-Zine | February 2019
CISOs build cybersecurity business case amid attack onslaught
Download -
E-Handbook | January 2019
Customer identity and access management: Why now and how?
Download -
E-Handbook | December 2018
Can deception security tactics turn the tables on attackers?
Download -
E-Zine | December 2018
Allure of the threat hunter draws companies large and small
Download -
E-Handbook | October 2018
SIEM tools, future tech and how to prepare for what's ahead
Download
Information Security Basics
-
Get Started
How to prepare your organization for the CCPA
Organizations that handle California consumer data have a year to comply with CCPA. Expert Steven Weil discusses what enterprises need to know about the California privacy law.
-
Get Started
SOAR (Security Orchestration, Automation and Response)
SOAR (Security Orchestration, Automation and Response) is a technology stack of compatible software programs that allow an organization to collect data about security threats and alerts from multiple sources and respond to low-level security events ...
-
Get Started
COBIT
COBIT is a framework for developing, implementing, monitoring and improving information technology (IT) governance and management practices.
Multimedia
Vendor Resources
Blog: Security Bytes
-
Marriott Starwood data breach notification de-values customers
The Marriott Starwood data breach exposed half a billion customers' data, but the hospitality giant seems to have learned from recent megabreaches that the standard response to a breach can be the ...Continue Reading
-
Are US hacker indictments more than Justice Theater?
New hacker indictments and U.S.Treasury Department sanctions highlight the disconnect between government action and real world consequences for threat actors.Continue Reading
-
More Security Bytes Posts
Breaking down Dell's "potential cybersecurity incident" announcement
Will cybersecurity safety ever equal air travel safety?
Android Ecosystem Security Transparency Report is a wary first step
-
News
View All -
Alternative operating system security
Android bug bounties total $1.7 million in rewards for 2018
Google this week attributed security improvements in Google Play to both automated processes and human reviewers. The improvements include stopping bad apps from being published.
-
Emerging cyberattacks and threats
Cybereason researchers detect new Astaroth malware campaign
Cybereason's Nocturnus Research team has discovered a new strain of the Astaroth Trojan that attacks antivirus software to steal credentials.
-
Password management and policy
Ponemon report sheds light on poor password security habits
More than two-thirds of employees share passwords with colleagues, research reveals. Experts sound off on what's fueling poor password practices and how to solve the problem.