SearchSecurity
New & Notable
News
Crafting an effective data breach response plan
During an IT GRC Forum webinar, experts explain the need for shedding legacy security approaches and highlight the gravity of drafting a data breach response plan.
News
Private sector affected by government shutdown
In addition to putting government agencies at risk, the shutdown has impacted federal security services and resources that the private sector relies on to keep enterprises safe.
Manage
How the TP-Link EAP Controller is vulnerable to attack
The TP-Link EAP Controller for Linux was recently found to be vulnerable to attacks. Learn from Judith Myerson what this means for users and how it can be prevented.
News
Attacks on the government easier during shutdown
As the shutdown continues, experts believe government cybersecurity will become more vulnerable, and government IT staff could leave for the private sector.
Instant Download: Free Guide to Password Security
Including insights from security pros Michael Cobb, Jeremy Bergsman and Nick Lewis, gain expert advice on how to improve your password policies to keep your enterprise safe. Explore machine learning-powered techniques, how to approach mobile password management, and more.
Trending Topics
-
Emerging threats News
HIBP Collection #1 contains 773 million email addresses
Have I Been Pwned added a new trove of 773 million unique emails and 21 million passwords -- known as the Collection #1 breach data -- but there are questions about the freshness of the data.
-
Windows security Manage
Microsoft vulnerability too difficult to detect
The Qihoo 360 Core Security team found a Microsoft vulnerability -- named Double Kill -- that affects applications via Office documents. Learn how this is possible with Nick Lewis.
-
PCI DSS Get Started
How the PCI SSC took on mobile point-of-sale systems
The PCI SSC developed an mPOS security standard to improve mobile payment and PIN systems. Expert Michael Cobb looks at what the requirements are and how they help.
-
Encryption technology News
Microsoft BitLocker misplaces trust in SSDs for encryption
Researchers discover major manufacturers poorly implemented SSD encryption, allowing easy access to data, and Microsoft BitLocker made the issue worse.
-
Security industry trends News
DerbyCon's closure sparks debate, controversy
Citing an inability to manage 'negativity, polarization, and disruption' at the conference, DerbyCon organizers unexpectedly announced this year's show will be the last.
-
CISSP Evaluate
Creative ways to earn CISSP CPEs
Who says you can't have fun while earning CPE credits to maintain your CISSP certification? Check out the top 10 creative ways to meet CISSP continuing education requirements.
Topics Covered
-
Data security technology and strategy (5) +
-
Enterprise identity and access management (8) +
-
Enterprise network security (9) +
- DDoS attack detection and prevention
- Endpoint protection and client security
- IoT security issues
- IPv6 security and network protocols security
- Network Access Control technologies
- Network device security: Appliances, firewalls and switches
- Secure remote access
- Software-defined security best practices
- VPN security
-
Information security certifications, training and jobs (2) +
-
Information security program management (7) +
- Government information security management
- Information security incident response
- Information security laws, investigations and ethics
- Information security policies, procedures and guidelines
- Security automation systems, tools and tactics
- Security industry market trends, predictions and forecasts
- Security vendor mergers and acquisitions
-
Information security risk management (3) +
-
Information security threats (5) +
-
Network threat detection (4) +
-
Platform security (3) +
-
Security audit, compliance and standards (4) +
-
Software and application security (9) +
- Application attacks (buffer overflows, cross-site scripting)
- Application firewall security
- Database security
- Microsoft Patch Tuesday and patch management
- Open source security tools and software
- Productivity apps and messaging security
- Secure SaaS: Cloud application security
- Secure software development
- Social media security risks
-
Web security tools and best practices (3) +
-
Wireless and mobile security (4) +
Featured Authors
Have a question for an expert?
Please add a title for your question
Get answers from your peers on your most technical Information Security challenges.
Meet all of our Information Security experts
-
Michael Heller asks:
What user authentication does your organization use to minimize the risks of passwords?
Find Solutions For Your Project
-
Evaluate
Multifactor authentication methods and tech explained
Take a look at multifactor authentication benefits and methods, as well as how the technologies have evolved from key fobs to smartphones, mobile devices and the cloud.
-
How to evaluate and integrate CIAM security products
-
Learn the core ways customer IAM is different
-
How quantum computing affects cryptographic algorithms
-
-
Problem Solve
How the return of an Apple vulnerability affects users
An Apple vulnerability recently resurfaced and is targeting Apple devices that are connected to public hotspots. Discover what this vulnerability is and how to protect your devices.
-
How good backups aid SamSam ransomware recovery
-
Learn how to guard hardware with enterprise protections
-
How users can protect themselves against Brrr ransomware
-
-
Manage
How the TP-Link EAP Controller is vulnerable to attack
The TP-Link EAP Controller for Linux was recently found to be vulnerable to attacks. Learn from Judith Myerson what this means for users and how it can be prevented.
-
How BGPsec is involved with internet traffic control
-
Supporting TLS 1.3 means adding enough key entropy
-
Malicious JavaScript code used to steal credit card data
-
-
E-Handbook | January 2019
Customer identity and access management: Why now and how?
Download -
E-Handbook | December 2018
Can deception security tactics turn the tables on attackers?
Download -
E-Zine | December 2018
Allure of the threat hunter draws companies large and small
Download -
E-Handbook | October 2018
SIEM tools, future tech and how to prepare for what's ahead
Download -
E-Zine | October 2018
User behavior analytics tackles cloud, hybrid environments
Download
Information Security Basics
-
Get Started
Multifactor authentication methods and tech explained
Take a look at multifactor authentication benefits and methods, as well as how the technologies have evolved from key fobs to smartphones, mobile devices and the cloud.
-
Get Started
Assessing security risks at industrial facilities
An important step to secure an industrial facility is performing an ICS risk assessment. Expert Ernie Hayden outlines the process and why each step matters.
-
Get Started
Customer identity and access management: Why now and how?
There's an important distinction between consumers and customers; just as crucial is understanding the difference between customer IAM and traditional IAM.
Multimedia
Vendor Resources
Blog: Security Bytes
-
Marriott Starwood data breach notification de-values customers
The Marriott Starwood data breach exposed half a billion customers' data, but the hospitality giant seems to have learned from recent megabreaches that the standard response to a breach can be the ...Continue Reading
-
Are US hacker indictments more than Justice Theater?
New hacker indictments and U.S.Treasury Department sanctions highlight the disconnect between government action and real world consequences for threat actors.Continue Reading
-
More Security Bytes Posts
Breaking down Dell's "potential cybersecurity incident" announcement
Will cybersecurity safety ever equal air travel safety?
Android Ecosystem Security Transparency Report is a wary first step
-
News
View All -
Emerging cyberattacks and threats
HIBP Collection #1 contains 773 million email addresses
Have I Been Pwned added a new trove of 773 million unique emails and 21 million passwords -- known as the Collection #1 breach data -- but there are questions about the freshness of the data.
-
Information security risk management
Crafting an effective data breach response plan
During an IT GRC Forum webinar, experts explain the need for shedding legacy security approaches and highlight the gravity of drafting a data breach response plan.
-
Security industry market trends, predictions and forecasts
DerbyCon's closure sparks debate, controversy
Citing an inability to manage 'negativity, polarization, and disruption' at the conference, DerbyCon organizers unexpectedly announced this year's show will be the last.