SearchSecurity
New & Notable
Evaluate
Despite confusion, zero-trust journey underway for many
Zero trust is a catchy phrase with seemingly lofty goals. Uncover the reality behind one of infosec's hottest buzzphrases, and learn why it's within reach for many companies today.
News
'BadAlloc' vulnerabilities spell trouble for IoT, OT devices
A week after Microsoft revealed 25 memory allocation vulnerabilities in several IoT and OT products, some devices have been patched, while others have not.
News
Popular mobile apps leaking AWS keys, exposing user data
Security researchers at CloudSek discovered approximately 40 popular mobile apps contained hardcoded API secret keys, putting both user information and corporate data at risk.
News
US defense contractor BlueForce apparently hit by ransomware
The Conti ransomware operators demanded nearly $1 million in bitcoin during ransomware negotiations and threatened to publish the defense contractor's data on its leak site.
Trending Topics
-
Emerging threats News
US defense contractor BlueForce apparently hit by ransomware
The Conti ransomware operators demanded nearly $1 million in bitcoin during ransomware negotiations and threatened to publish the defense contractor's data on its leak site.
-
Windows security News
McAfee: PowerShell threats grew 208% in Q4 2020
McAfee's latest threat report showed a sharp increase in PowerShell threats between Q3 and Q4 2020, in part due to malware known as Donoff and a rise in ransomware detections.
-
PCI DSS Evaluate
Explore the next-generation firewall marketplace
Explore some of the top NGFWs currently on the market -- based on features and user reviews -- to help you make a buying decision
-
Encryption technology Evaluate
Double key encryption yields data protection benefits
Microsoft's new double key encryption offering brings data security and compliance benefits. Are they worth the implementation challenges?
-
Security industry trends Evaluate
What is the future of cybersecurity?
Remote work is here to stay, so it's time to rethink the short-term fixes made in 2020. What else is in the cards? Here are the trends shaping the future of cybersecurity.
-
CISSP Get Started
Take this CISSP practice test before the final exam
Test your knowledge and preparedness for the CISSP exam with 16 questions taken directly from the latest 'CISSP All-in-One Exam Guide' from McGraw Hill.
Topics Covered
-
Data security technology and strategy (5) +
-
Enterprise identity and access management (8) +
-
Enterprise network security (9) +
- DDoS attack detection and prevention
- Endpoint protection and client security
- IoT security issues
- IPv6 security and network protocols security
- Network Access Control technologies
- Network device security: Appliances, firewalls and switches
- Secure remote access
- Software-defined security best practices
- VPN security
-
Information security certifications, training and jobs (2) +
-
Information security program management (7) +
- Government information security management
- Information security incident response
- Information security laws, investigations and ethics
- Information security policies, procedures and guidelines
- Security automation systems, tools and tactics
- Security industry market trends, predictions and forecasts
- Security vendor mergers and acquisitions
-
Information security risk management (3) +
-
Information security threats (5) +
-
Network threat detection (4) +
-
Platform security (3) +
-
Security audit, compliance and standards (4) +
-
Software and application security (9) +
- Application attacks (buffer overflows, cross-site scripting)
- Application firewall security
- Database security
- Microsoft Patch Tuesday and patch management
- Open source security tools and software
- Productivity apps and messaging security
- Secure SaaS: Cloud application security
- Secure software development
- Social media security risks
-
Web security tools and best practices (3) +
-
Wireless and mobile security (4) +
Featured Authors
Find Solutions For Your Project
-
Evaluate
Despite confusion, zero-trust journey underway for many
Zero trust is a catchy phrase with seemingly lofty goals. Uncover the reality behind one of infosec's hottest buzzphrases, and learn why it's within reach for many companies today.
-
6 ways to spur cybersecurity board engagement
-
Buyers must navigate cybersecurity market confusion
-
Why recon is key to web app security offense
-
-
Problem Solve
How to mitigate container security issues
The more companies embrace application containerization, the more they need to know about container security issues and attack prevention methods.
-
How to prevent container security risks
-
How to prevent insider threats in 6 steps
-
Stopping security's top 5 vulnerabilities
-
-
Manage
Cybersecurity contingency planning needs a face-lift
Following the unexpected craziness of 2020, companies need to sit down and revamp their cybersecurity contingency plan to ensure their business continuity.
-
Take security risks seriously to protect your brand
-
6 SSH best practices to protect networks from attacks
-
Companies must train their SOC teams well to prevent breaches
-
-
E-Handbook | February 2021
Threat detection and response demands proactive stance
Download -
E-Handbook | January 2021
SolarWinds supply chain attack explained: Need-to-know info
Download -
E-Handbook | November 2020
Cyber insurance 101: Timely guidance on an essential tool
Download -
E-Zine | November 2020
AI cybersecurity raises analytics' accuracy, usability
Download -
E-Zine | August 2020
Cybersecurity education for employees: Learn what works
Download
Information Security Basics
-
Get Started
session key
A session key is an encryption and decryption key that is randomly generated to ensure the security of a communications session between a user and another computer or between two computers.
-
Get Started
computer forensics (cyber forensics)
Computer forensics is the application of investigation and analysis techniques to gather and preserve evidence from a particular computing device in a way that is suitable for presentation in a court of law.
-
Get Started
multifactor authentication
Multifactor authentication (MFA) is a security technology that requires more than one method of authentication from independent categories of credentials to verify a user's identity for a login or other transaction.
Multimedia
Vendor Resources
Blog: Security Bytes
-
Google focuses more on steering the Android ship than righting it
Google's security and privacy upgrades to Android are mostly forward-thinking changes, readying for a future that is inevitable but unclear, rather than ways to improve security today.Continue Reading
-
At RSAC 2019, speculative execution threats take a back seat
The Meltdown and Spectre vulnerabilities loomed large last year, but RSAC 2019 will have little fodder on speculative execution threats and side channels attacks.Continue Reading
-
More Security Bytes Posts
Marriott Starwood data breach notification de-values customers
Are US hacker indictments more than Justice Theater?
Breaking down Dell's "potential cybersecurity incident" announcement
-
News
View All -
Information security laws, investigations and ethics
'Bulletproof' hosts catch RICO charges for aiding cybercriminals
Four men pled guilty to RICO conspiracy charges for operating a bulletproof hosting service that provided infrastructure to cybercriminal operations.
-
IoT security issues
'BadAlloc' vulnerabilities spell trouble for IoT, OT devices
A week after Microsoft revealed 25 memory allocation vulnerabilities in several IoT and OT products, some devices have been patched, while others have not.
-
Mobile application security best practices
Popular mobile apps leaking AWS keys, exposing user data
Security researchers at CloudSek discovered approximately 40 popular mobile apps contained hardcoded API secret keys, putting both user information and corporate data at risk.