SearchSecurity
New & Notable
News
Kaspersky reveals 2 Windows zero-days from failed attack
Kaspersky prevented an attack against a South Korean company back in May that used two zero-day vulnerabilities. One, arguably the more dangerous, focused on Internet Explorer.
News
Guide to the latest Black Hat 2020 Conference news
This guide to Black Hat 2020 gathers breaking news, new ideas and technical expert insights from one of the leading cybersecurity conferences in the world.
Evaluate
What cybersecurity teams can learn from COVID-19
Nabil Hannan examines key similarities between medical and computer viruses that cybersecurity teams can use to keep businesses protected effectively.
News
Healthcare CISO offers alternatives to 'snake oil' companies
Indiana University Health CISO Mitchell Parker discussed internal risk assessments, security snake oil salesmen and more at his Black Hat USA 2020 talk.
Download: Your Complete Guide to IAM
Utilize this 66-page IAM guide to help you stay on top of the latest best practices and techniques. Security expert Michael Cobb explores the risks and rewards of biometrics measures and multifactor authentication, how organizations can assess if it is time to modernize IAM strategies, and much more.
Trending Topics
-
Emerging threats News
Eclypsium reveals 'BootHole' bypass for Secure Boot
Hardware security vendor Eclypsium discovered a bootloader vulnerability that bypasses Secure Boot protection and affects a majority of modern Linux and Windows systems.
-
Windows security News
'SigRed' alert: Experts urge action on Windows DNS vulnerability
Experts are urging organizations to take immediate action on SigRed, a 17-year-old Windows DNS server vulnerability discovered by Check Point Research and patched by Microsoft.
-
PCI DSS Evaluate
Explore the next-generation firewall marketplace
Explore some of the top NGFWs currently on the market -- based on features and user reviews -- to help you make a buying decision
-
Encryption technology Get Started
How symmetric and asymmetric encryption algorithms differ
Explore the differences between symmetric vs. asymmetric encryption algorithms, including common uses and examples of both, as well as their pros and cons.
-
Security industry trends News
Risk & Repeat: Can virtual infosec conferences succeed?
This week's Risk & Repeat podcast looks at the recent cancellations of Black Hat USA 2020 and DEF CON 28 and what their virtual replacements will try to accomplish.
-
CISSP Get Started
Passing the CISSP exam: How hard is it?
Want to become a CISSP? Here's everything you need to know, such as how difficult the exam is, tips for studying, what's needed to obtain a passing score and more.
Topics Covered
-
Data security technology and strategy (5) +
-
Enterprise identity and access management (8) +
-
Enterprise network security (9) +
- DDoS attack detection and prevention
- Endpoint protection and client security
- IoT security issues
- IPv6 security and network protocols security
- Network Access Control technologies
- Network device security: Appliances, firewalls and switches
- Secure remote access
- Software-defined security best practices
- VPN security
-
Information security certifications, training and jobs (2) +
-
Information security program management (7) +
- Government information security management
- Information security incident response
- Information security laws, investigations and ethics
- Information security policies, procedures and guidelines
- Security automation systems, tools and tactics
- Security industry market trends, predictions and forecasts
- Security vendor mergers and acquisitions
-
Information security risk management (3) +
-
Information security threats (5) +
-
Network threat detection (4) +
-
Platform security (3) +
-
Security audit, compliance and standards (4) +
-
Software and application security (9) +
- Application attacks (buffer overflows, cross-site scripting)
- Application firewall security
- Database security
- Microsoft Patch Tuesday and patch management
- Open source security tools and software
- Productivity apps and messaging security
- Secure SaaS: Cloud application security
- Secure software development
- Social media security risks
-
Web security tools and best practices (3) +
-
Wireless and mobile security (4) +
Featured Authors
Find Solutions For Your Project
-
Evaluate
What cybersecurity teams can learn from COVID-19
Nabil Hannan examines key similarities between medical and computer viruses that cybersecurity teams can use to keep businesses protected effectively.
-
Security team finds ripple effects add to breach costs
-
Importance of cybersecurity awareness never greater
-
7 security awareness statistics to keep you up at night
-
-
Problem Solve
Security risks highlight need for shadow IT policy
Security risks have increased during the pandemic as remote workers try to get things done. Find out how CISOs can better manage by creating a shadow IT policy.
-
Security pros explain how to prevent cyber attacks
-
Understanding and blocking HTTP request smuggling
-
Explore 6 types of authentication and their security issues
-
-
Manage
Avoid cybersecurity oversights with a fresh perspective
It pays to expect the unexpected in information security. In this webinar, learn how starting with a blank slate helps identify and mitigate common cybersecurity problems.
-
Cybersecurity education for employees: Learn what works
-
Video conferencing security best practices
-
Develop internal cybersecurity talent to build your dream team
-
-
E-Zine | August 2020
Cybersecurity education for employees: Learn what works
Download -
E-Handbook | May 2020
How to get actionable threat intelligence from tech tools
Download -
E-Zine | May 2020
Why CISOs need advanced network security strategies now
Download -
E-Handbook | April 2020
Employ AI for cybersecurity, reap strong defenses faster
Download -
E-Handbook | March 2020
How to implement a strong COVID-19 cybersecurity plan
Download
Information Security Basics
-
Get Started
PCI DSS 12 requirements
PCI DSS 12 requirements is a set of security controls that businesses are required to implement to protect credit card data and comply with the Payment Card Industry Data Security Standard (PCI DSS).
-
Get Started
How to send sensitive data in an email attachment
Sending sensitive information in attachments is inherently unsafe, and the main way to secure them -- encryption -- can be implemented inconsistently, negating security benefits.
-
Get Started
Test your cybersecurity knowledge with this quick ISM quiz
Read our August 2020 e-zine, and then take this short quiz to test your knowledge of cybersecurity awareness training and other issues -- from types of CISOs to talent recruitment.
Multimedia
Vendor Resources
Blog: Security Bytes
-
Google focuses more on steering the Android ship than righting it
Google's security and privacy upgrades to Android are mostly forward-thinking changes, readying for a future that is inevitable but unclear, rather than ways to improve security today.Continue Reading
-
At RSAC 2019, speculative execution threats take a back seat
The Meltdown and Spectre vulnerabilities loomed large last year, but RSAC 2019 will have little fodder on speculative execution threats and side channels attacks.Continue Reading
-
More Security Bytes Posts
Marriott Starwood data breach notification de-values customers
Are US hacker indictments more than Justice Theater?
Breaking down Dell's "potential cybersecurity incident" announcement
-
News
View All -
Microsoft Patch Tuesday and patch management
Kaspersky reveals 2 Windows zero-days from failed attack
Kaspersky prevented an attack against a South Korean company back in May that used two zero-day vulnerabilities. One, arguably the more dangerous, focused on Internet Explorer.
-
Risk assessments, metrics and frameworks
Healthcare CISO offers alternatives to 'snake oil' companies
Indiana University Health CISO Mitchell Parker discussed internal risk assessments, security snake oil salesmen and more at his Black Hat USA 2020 talk.
-
Security awareness training and insider threats
Why security awareness training doesn't change behaviors
Elevate Security co-founder Masha Sedova spoke at Black Hat USA 2020 about why traditional security awareness training is ineffective and fails to change risky behavior.