Ask the Experts

Ask the Experts

• How does an identity and access management framework work?

  A comprehensive identity and access management framework is an IT necessity. But how do the two components work together?  Continue Reading

• What are the key identity and access management benefits?

  Identity and access management benefits range from access control to password management. What are some key advantages of a broad IAM framework?  Continue Reading

• What are some of the top identity and access management risks?

  Identity and access management risks exist, but the benefits of IAM outweigh the drawbacks. What are some of the issues that might arise?  Continue Reading

• What are the top enterprise email security best practices?

  Enterprises have many options for email security best practices, ranging from deploying email security protocols to educating end users on the dangers of phishing.  Continue Reading

• How important is security awareness training for executives?

  Corporate executives are prime targets for spies and hackers, and that is why security awareness training for executives is so important.  Continue Reading

• What are the most important security awareness training topics?

  Organizations looking to heighten security awareness among employees need to cover a wide variety of security awareness training topics, but social engineering tops the list.  Continue Reading

• Why do enterprises need employee security awareness training?

  With human error as the leading cause of breaches and security incidents within the enterprise, organizations should offer employees mandatory security awareness training with regular refreshers.  Continue Reading

• What is a password spraying attack and how does it work?

  Password spraying isn't a sophisticated attack, but don't discount the attackers if you detect one. Find out how this brute-force technique works and how to defend against it.  Continue Reading

• Can PDF digital signatures be trusted?

  Digital signatures on PDF documents don't necessarily guarantee their contents are valid, as new research shows viewer implementations don't always detect incomplete signatures.  Continue Reading

• What is post-quantum cryptography and should we care?

  Post-quantum cryptographic algorithms are aimed at securing encrypted data against super-powerful computers in the future, but will they even be necessary? Hanno Böck explains.  Continue Reading

• How concerned should I be about a padding oracle attack?

  Padding oracle attacks have long been well-known and well-understood. Find out how they work and why using modern encryption protocols can reduce the risks.  Continue Reading

• What is a port scan attack?

  Cyberattacks often begin with a port scan attack, which attackers use to find exploitable vulnerabilities on targeted systems. Learn how they work and how to defend against them.  Continue Reading

• How can I detect fileless malware attacks?

  Monitoring process memory is one way to combat fileless malware attacks. Here's what you can do to protect your network against these campaigns.  Continue Reading

• How do I stop the screaming channel wireless threat?

  A screaming channel attack is a new wireless threat making networks -- particularly those with IoT components -- vulnerable. Are there any safeguards to prevent these attacks?  Continue Reading

• Why do DDoS attack patterns rise in the autumn?

  DDoS attack patterns indicate a sharp escalation in the fall. Why does that occur and what can be done to guard against these attacks?  Continue Reading