SearchSecurity
New & Notable
News
Experts question Google Chrome privacy after changes
Google Chrome sign-in changes are being criticized by experts, and poor communication from Google has led to more confusion about user privacy and consent.
News
Cybersecurity Tech Accord doubles in size
Microsoft announced that, six months after its introduction, the Cybersecurity Tech Accord has nearly doubled its membership and partnered with the Global Forum on Cyber Expertise.
Manage
How local government cybersecurity can be improved
When considering a local government cybersecurity program, companies must understand the dangers of not having one. Matt Pascucci explains why a program designed to monitor the public sector is crucial.
Problem Solve
Monitor privileged execution to avoid Sanny malware
Changes to the Sanny malware were recently discovered by FireEye researchers. Learn who is at risk and how elevated privileges can help protect you with Nick Lewis.
Your Guide to Info Sec Certifications
We’ve collected 30+ certifications for you. Which vendor-neutral and vendor-specific security certifications are best for you? Save time by downloading our list organized by experience level.
Trending Topics
-
Emerging threats News
Firmware flaw could allow encryption-key theft via cold boot
The idea of cold boot attacks began 10 years ago, but researchers at F-Secure found the attack can be used on modern computers to steal encryption keys and other data.
-
Windows security News
Windows 10 exploit code released, no patch available
Security researcher SandboxEscaper released proof-of-concept code for a Windows 10 zero-day on Twitter, but Microsoft has no details for a potential patch.
-
PCI DSS Get Started
How the PCI SSC took on mobile point-of-sale systems
The PCI SSC developed an mPOS security standard to improve mobile payment and PIN systems. Expert Michael Cobb looks at what the requirements are and how they help.
-
Encryption technology Manage
Comparing lattice cryptography to current cryptography
As the prospect of quantum computing-based attacks grows, the need for stronger encryption increases. Expert Michael Cobb discusses lattice-based cryptography as an option.
-
Security industry trends News
Risk & Repeat: Breaking down the Pwnie Awards
In this week's Risk & Repeat podcast, SearchSecurity editors discuss whether or not Meltdown and Spectre deserved to be nominated for the Pwnie Awards' Most Overhyped Bug.
-
CISSP Evaluate
Creative ways to earn CISSP CPEs
Who says you can't have fun while earning CPE credits to maintain your CISSP certification? Check out the top 10 creative ways to meet CISSP continuing education requirements.
Topics Covered
-
Data security technology and strategy (5) +
-
Enterprise identity and access management (8) +
-
Enterprise network security (9) +
- DDoS attack detection and prevention
- Endpoint protection and client security
- IoT security issues
- IPv6 security and network protocols security
- Network Access Control technologies
- Network device security: Appliances, firewalls and switches
- Secure remote access
- Software-defined security best practices
- VPN security
-
Information security certifications, training and jobs (2) +
-
Information security program management (7) +
- Government information security management
- Information security incident response
- Information security laws, investigations and ethics
- Information security policies, procedures and guidelines
- Security automation systems, tools and tactics
- Security industry market trends, predictions and forecasts
- Security vendor mergers and acquisitions
-
Information security risk management (3) +
-
Information security threats (5) +
-
Network threat detection (4) +
-
Platform security (3) +
-
Security audit, compliance and standards (4) +
-
Software and application security (9) +
- Application attacks (buffer overflows, cross-site scripting)
- Application firewall security
- Database security
- Microsoft Patch Tuesday and patch management
- Open source security tools and software
- Productivity apps and messaging security
- Secure SaaS: Cloud application security
- Secure software development
- Social media security risks
-
Web security tools and best practices (3) +
-
Wireless and mobile security (4) +
Featured Authors
Have a question for an expert?
Please add a title for your question
Get answers from your peers on your most technical Information Security challenges.
Meet all of our Information Security experts
-
Michael Heller asks:
What do you think about the changes to how Google accounts are signed in to Chrome?
-
Rob Wright asks:
Will the Cybersecurity Tech Accord help limit offensive cyberattacks? Why or why not?
Find Solutions For Your Project
-
Evaluate
How to get women in security to speak at conferences
Diversity at cybersecurity conferences became a hot topic in early 2018. Innovation Women founder Bobbie Carlton discusses why it takes more work to get women in security on stage.
-
Bobbie Carlton on tech conferences' gender gap
-
How to find the best privileged identity management tool
-
How to buy the best PIM tool for your enterprise
-
-
Problem Solve
Monitor privileged execution to avoid Sanny malware
Changes to the Sanny malware were recently discovered by FireEye researchers. Learn who is at risk and how elevated privileges can help protect you with Nick Lewis.
-
A vulnerability in strongSwan caused a buffer underflow
-
How a SQL web vulnerability can be detrimental
-
How Telegrab bypasses end-to-end encryption
-
-
Manage
How local government cybersecurity can be improved
When considering a local government cybersecurity program, companies must understand the dangers of not having one. Matt Pascucci explains why a program designed to monitor the public sector is crucial.
-
How to protect public SSH servers from malware
-
How an improper authentication flaw affects PulseNet
-
How a new practical attack affects SEV technology
-
-
E-Handbook | September 2018
Security access controls over identities must be priority
Download -
Buyer's Handbook | August 2018
How to find the best privileged identity management tool
Download -
E-Zine | August 2018
Security data scientists on how to make your data useful
Download -
E-Handbook | July 2018
Incident response playbook in flux as services, tools arrive
Download -
E-Handbook | June 2018
Machine learning security, a real advance in tech protection
Download
Information Security Basics
-
Get Started
Payload (computing)
The term payload, when used in the context of networking or telecommunications, is the data carried inside of a packet (or other network protocol data units like frames or segments).
-
Get Started
A look at the new techniques used in SynAck ransomware
A technique called Process Doppelgänging was used by the SynAck ransomware to bypass security software. Expert Michael Cobb explains how this technique works and why it's unique.
-
Get Started
access control
Access control is a security technique that regulates who or what can view or use resources in a computing environment.
Multimedia
Vendor Resources
Blog: Security Bytes
-
What the GAO Report missed about the Equifax data breach
The Government Accountability Office investigated the Equifax data breach, but the GAO's report leaves out several important points about the infamous incident.Continue Reading
-
DHS cybersecurity rhetoric offers contradictions at DEF CON
The Vote Hacking Village at Defcon 26 in Las Vegas was an overwhelming jumble of activity -- a mock vote manipulated, children hacking election results websites, machines being disassembled -- and ...Continue Reading
-
More Security Bytes Posts
Five things to watch for at Black Hat USA this year
How Dropbox dropped the ball with anonymized data
Is the new California privacy law a domestic GDPR?
-
News
View All -
Web browser security
Experts question Google Chrome privacy after changes
Google Chrome sign-in changes are being criticized by experts, and poor communication from Google has led to more confusion about user privacy and consent.
-
Secure software development
Cisco surveillance gear hit by credentials flaw
Cisco hit by yet another new hardcoded credentials flaw, the latest in a long line of such flaws since last year, this time in its video surveillance manager appliance.
-
Cyberespionage and nation-state cyberattacks
Cybersecurity Tech Accord doubles in size
Microsoft announced that, six months after its introduction, the Cybersecurity Tech Accord has nearly doubled its membership and partnered with the Global Forum on Cyber Expertise.