Ask the Experts

Ask the Experts

• Best practices for reporting ransomware attacks

  As ransomware continues to surge, companies are faced with decisions to report the attacks, pay the ransom or both. Experts weigh in on the options and best choices.  Continue Reading

• SOAR vs. SIEM: What's the difference?

  When it comes to the SOAR vs. SIEM debate, it's important to understand their fundamental differences to get the most benefit from your security data.  Continue Reading

• Explore benefits and challenges of cloud penetration testing

  Cloud penetration testing presents new challenges for information security teams. Here's how a playbook from the Cloud Security Alliance can help inform cloud pen test strategies.  Continue Reading

• Inbound vs. outbound firewall rules: What are the differences?

  Explore the differing roles of inbound versus outbound firewall rules for enterprise network security and the varying use cases for each.  Continue Reading

• The 6 benefits of zero-trust security for businesses

  The zero-trust security model demands infosec leaders take a holistic approach to IT infrastructure security. Learn about the six business benefits of zero trust and how it differs from traditional security approaches.  Continue Reading

• Manage unsuccessful login attempts with account lockout policy

  Learn how to create account lockout policies that detail how many unsuccessful login attempts are allowed before a password lockout in order to prevent credential-based attacks.  Continue Reading

• Site-to-site VPN security benefits and potential risks

  Not every enterprise needs the functionality of a standard VPN client. A site-to-site VPN may be a better choice for some companies, but it's not without risk.  Continue Reading

• How to send secure email attachments

  Sending sensitive information in attachments is inherently unsafe, and the main way to secure them -- encryption -- can be implemented inconsistently, negating security benefits.  Continue Reading

• Stateful vs. stateless firewalls: Understanding the differences

  Examine the important differences between stateful and stateless firewalls, and learn when each type of firewall should be used in an enterprise setting.  Continue Reading

• How to use a public key and private key in digital signatures

  Ensuring authenticity of online communications is critical to conduct business. Learn how to use a public key and private key in digital signatures to manage electronic documents.  Continue Reading

• How to prevent network eavesdropping attacks

  One of the biggest challenges of network eavesdropping attacks is they are difficult to detect. Read about prevention measures to help keep your network safe from snoopers and sniffers.  Continue Reading

• 6 key identity and access management benefits

  Identity and access management is beneficial not just for users, security and IT admins, but also enterprises as a whole. Read up on the six key advantages of an IAM framework.  Continue Reading

• Identity management vs. authentication: Know the difference

  Andrew Froehlich breaks down how authentication and identity management differ and how each of them are intrinsic to an identity and access management framework.  Continue Reading

• How to protect workloads using a zero-trust security model

  Never trust, always verify. Learn how to implement a zero-trust security model to help manage risk and protect IT workloads at your organization.  Continue Reading

• Identifying and troubleshooting VPN session timeout issues

  Troubleshooting VPN session timeout and lockout issues should focus first on isolating where the root of the problem lies -- be it the internet connection, the VPN vendor or the user device.  Continue Reading

• Is VPN split tunneling worth the security risks?

  Enabling VPN split tunneling may increase speed and decrease bandwidth use and costs, but it also increases the number of security vulnerabilities faced.  Continue Reading

• The risks and effects of spyware

  Spyware can steal mundane information, track a user's every move and everything in between. Read up on the types of spyware and how to best fix infected devices.  Continue Reading

• Comparing policies, standards, procedures and technical controls

  Infosec pros may have -- incorrectly -- heard the terms standard and policy used interchangeably. Examine the differences among a policy, standard, procedure and technical control.  Continue Reading

• Considering the differences in LAN vs. WAN security

  Given the differences in the security of LAN and WAN, enterprises need to guard against insider threats, secure against unauthorized access and potentially secure the edge, too.  Continue Reading

• Symmetric vs. asymmetric encryption: Decipher the differences

  Explore the differences between symmetric vs. asymmetric encryption algorithms, including common uses and examples of both, as well as their pros and cons.  Continue Reading

• Risk management vs. risk assessment vs. risk analysis

  Understanding risk is the first step to making informed budget and security decisions. Explore the differences between risk management vs. risk assessment vs. risk analysis.  Continue Reading

• Wired vs. wireless network security: Best practices

  Explore the differences between wired and wireless network security, and read up on best practices to ensure security with or without wires.  Continue Reading

• Good cybersecurity thesis topics for a master's degree

  Writing a master's thesis? A strong topic positions you for academic and professional success, while a weak one promises to make an already intensive process arduous at best.  Continue Reading

• What are the 7 core zero-trust pillars?

  Learn how Forrester's seven pillars of zero trust model can help IT leaders identify, organize and implement the appropriate cybersecurity tools for a zero-trust framework.  Continue Reading

• For minimum password length, are 14-character passwords sufficient?

  When it comes to minimum password length, 14-character passwords are generally considered secure, but they may not be enough to keep your enterprise safe.  Continue Reading

• How to combat the top 5 enterprise social media risks in business

  Learn how social networking sites compound the insider threat risk, and explore how to mitigate the threat with policy, training and technology.  Continue Reading

• What are the most common digital authentication methods?

  In order to build and maintain a comprehensive access management program, enterprise leaders must get to know the various forms of digital authentication at their disposal.  Continue Reading

• How effective are traditional authentication methods?

  Are you up to date on the most popular digital authentication methods and their potential cybersecurity risks? Learn how the right technology can improve and secure access management.  Continue Reading

• How to prevent software piracy

  Pirated software is still a major concern nowadays. Uncover how to prevent software piracy and protect your organization's intellectual property.  Continue Reading

• 7 TCP/IP vulnerabilities and how to prevent them

  While many TCP/IP security issues are in the protocol suite's implementation, there are some vulnerabilities in the underlying protocols to be aware of.  Continue Reading

• Host IDS vs. network IDS: Which is better?

  Compare host IDS vs. network IDS through the pros and cons of each, and learn how more modern systems may be better suited to ensure effective enterprise security.  Continue Reading

• What is shellcode and how is it used?

  Shellcode is a set of instructions that executes a command in software to take control of or exploit a compromised machine. Read up on the malware term and how to mitigate the risk.  Continue Reading

• How to prevent port scan attacks

  The popular port scan is a hacking tool that enables attackers to gather information about how corporate networks operate. Learn how to detect and prevent port scanning attacks.  Continue Reading

• How can companies identify IT infrastructure vulnerabilities?

  New, sophisticated technology is available to help infosec pros find IT infrastructure vulnerabilities. Automated pen testing and outsourcing threat intelligence services can help.  Continue Reading

• What are best practices for a modern threat management strategy?

  Infosec pros need to mitigate traditional cyberthreats, as well anticipate sophisticated, emerging threats. Learn how to build a threat management strategy that helps with both.  Continue Reading

• IT security threat management tools, services to combat new risks

  Advances in tools and services are changing IT security threat management. Learn how infosec pros are using UTM platforms, AI and threat intelligence services to alleviate risk.  Continue Reading

• What is the role of CISO in network security?

  The role of CISO in network security goes beyond risk management. It also requires understanding compliance regulations and business needs, as well as the ability to communicate security policies to nontechnical employees.  Continue Reading

• The network security tools to combat modern threats

  Incorporating new network security tools and methods into your enterprise's infosec program may mean the difference between staying safe or falling victim to an attack.  Continue Reading

• What are the top network security techniques for modern companies?

  Protecting the enterprise network remains integral to overall IT security. Here are the top network security techniques enterprises are using to protect data.  Continue Reading

• Do you have the right set of penetration tester skills?

  Pen testing is more than just the fun of breaking into systems. Learn about the critical penetration tester skills potential candidates must master to become proficient in their career path.  Continue Reading

• Comparing Diffie-Hellman vs. RSA key exchange algorithms

  See which encryption method uses digital signatures, symmetric key exchanges, bulk encryption and much more in this Diffie-Hellman vs. RSA showdown.  Continue Reading

• What are the roles and responsibilities of a liaison officer?

  While liaison officer responsibilities vary depending on the company they work for, their strong organizational and communications skills make them critical to incident response.  Continue Reading

• The difference between AES and DES encryption

  Choosing to encrypt confidential data with AES or DES encryption is an important cybersecurity matter. Learn about the important differences between AES and DES.  Continue Reading

• 6 different types of hackers, from black hat to red hat

  Black, white and grey hats are familiar to security pros, but as the spectrum evolves to include green, blue and red, things get muddled. Brush up on types of hackers, new and old.  Continue Reading

• Is a cybersecurity insurance policy a worthy investment?

  Variables such as third-party business partners create unique cyberthreats for organizations. Find out when a cybersecurity insurance policy is a wise investment to prevent risk.  Continue Reading

• How should I choose a cybersecurity insurance provider?

  To vet potential cybersecurity insurance providers, there are a few questions every customer should ask. Learn more about the questions to ask and how to get the answers you need.  Continue Reading

• What types of cybersecurity insurance coverage are available?

  Cybersecurity insurance coverage could prove invaluable to risk mitigation -- if it's chosen carefully. Find out which type of insurance plan is right for your organization.  Continue Reading

• Should I invest in attack simulation tools?

  Attack simulation tools -- along with third-party penetration testing -- can help improve an organization's enterprise security. Find out why.  Continue Reading

• Penetration testing vs. red team: What's the difference?

  Is penetration testing the same as red team engagement? There are similarities, but they're not the same. Understand the differences to improve your organization's cyberdefenses.  Continue Reading

• When should I use breach and attack simulation tools?

  Thanks to automation and other features, breach and attack simulation tools are an effective way to help network administrators keep their operations secure.  Continue Reading

• Do network layer and application layer DDoS attacks differ?

  Network layer and application layer DDoS attacks are significant threats. Learn about the differences between them and what you can do to reduce their effects.  Continue Reading

• What's the purpose of CAPTCHA technology and how does it work?

  Learn about the purpose of CAPTCHA challenges that enable websites to differentiate bots from authentic users to stop spammers from hijacking forums and blog comment sections.  Continue Reading

• What's the best way to prevent XSS attacks?

  To prevent cross-site scripting attacks, software developers must validate user input and encode output. Review characters to filter out, as well as sources and sinks to avoid.  Continue Reading

• The difference between zero-day vulnerability and zero-day exploit

  A zero-day vulnerability isn't the same as a zero-day exploit. Learn the difference between these two zero-day terms, as well as why they should be high priority on any CISO's patching list.  Continue Reading

• Why is patch management important?

  Borderless networks present new challenges for security pros. Andrew Froehlich explains how this trend makes patch management even more important.  Continue Reading

• How to build an enterprise penetration testing plan

  Simulating an attack against your network is one of the best ways to remediate security holes before the bad guys find them. Here, learn penetration testing basics and how it can help keep your enterprise safe.  Continue Reading

• How to detect and defend against a TCP port 445 exploit and attacks

  The WannaCry TCP port 445 exploit returned the spotlight to Microsoft's long-abused networking port. Network security expert Kevin Beaver explains how to detect and defend against such attacks.  Continue Reading

• What are the pros and cons of outsourcing IT security?

  Companies are facing increased costs when maintaining an internal security group. Outsourcing IT security has its advantages, but there are some challenges to keep in mind.  Continue Reading

• How can endpoint security features help combat modern threats?

  The antivirus of yesteryear isn't a strong enough competitor to beat modern enterprise threats. Learn about the endpoint security features ready to tackle these battles head-on.  Continue Reading

• Best practices to conduct a user access review

  User entitlement reviews ensure employees only have access to essential systems and unauthorized employees -- or miscreants -- don't. Learn how to conduct an audit of user privileges.  Continue Reading

• Attackers turn the tables on incident response strategies

  Attackers expect incident response strategies and have a plan for when they encounter them. Find out how to take IR to the next level against attacker incident response counterstrategies.  Continue Reading

• Do I need to adopt a cybersecurity framework?

  A comprehensive cybersecurity framework can help businesses avoid costly attacks. But there are other advantages.  Continue Reading

• What's the best way to maintain top cybersecurity frameworks?

  Keeping top cybersecurity frameworks up to date means understanding how a business evolves and changes. What steps should you take to maintain your security strategy?  Continue Reading

• What are the core components of a cybersecurity framework?

  Cybersecurity frameworks differ from one company to another, but each plan has four fundamental stages. Find out what you need to know.  Continue Reading

• What are the most important email security protocols?

  Internet email was designed independent of security considerations, but these are the top email security protocols that add mechanisms to keep messaging safe from threats.  Continue Reading

• How can developers avoid a Git repository security risk?

  Learn how managing web development content with the popular version control system can be risky without taking action to avoid these basic Git repository security risks.  Continue Reading

• What is subdomain takeover and why does it matter?

  Subdomain takeover exposure can happen when cloud-hosted web services are incompletely decommissioned, but configuration best practices can reduce the risks.  Continue Reading

• What is MTA-STS and how will it improve email security?

  Discover how the MTA-STS specification will improve email security by encrypting messages and enabling secure, authenticated email transfers between SMTP servers.  Continue Reading

• Why are fewer companies using SMS 2FA for authentication?

  Instead of SMS two-factor authentication, some companies are switching to 2FA through messaging apps and social media platforms. Learn what's behind this authentication trend.  Continue Reading

• How can SIEM and SOAR software work together?

  Many security pros initially thought SOAR software could replace SIEM. Our security expert advocates learning how SIEM and SOAR can work together.  Continue Reading

• The future of SIEM: What needs to change for it to stay relevant?

  Compared to security orchestration, automation and response (SOAR) software, SIEM systems are dated. Expert Andrew Froehlich explains how SIEM needs to adapt to keep up.  Continue Reading

• How does an identity and access management framework work?

  A comprehensive identity and access management framework is an IT necessity. But how do the two components work together?  Continue Reading

• What are some of the top identity and access management risks?

  Identity and access management risks exist, but the benefits of IAM outweigh the drawbacks. What are some of the issues that might arise?  Continue Reading

• What are the top enterprise email security best practices?

  Enterprises have many options for email security best practices, ranging from deploying email security protocols to educating end users on the dangers of phishing.  Continue Reading

• How important is security awareness training for executives?

  Corporate executives are prime targets for spies and hackers, and that is why security awareness training for executives is so important.  Continue Reading

• What are the most important security awareness training topics?

  Organizations looking to heighten security awareness among employees need to cover a wide variety of security awareness training topics, but social engineering tops the list.  Continue Reading

• Why do enterprises need employee security awareness training?

  With human error as the leading cause of breaches and security incidents within the enterprise, organizations should offer employees mandatory security awareness training with regular refreshers.  Continue Reading

• What is a password spraying attack and how does it work?

  Password spraying isn't a sophisticated attack, but don't discount the attackers if you detect one. Find out how this brute-force technique works and how to defend against it.  Continue Reading

• Can PDF digital signatures be trusted?

  Digital signatures on PDF documents don't necessarily guarantee their contents are valid, as new research shows viewer implementations don't always detect incomplete signatures.  Continue Reading

• What is post-quantum cryptography and should we care?

  Post-quantum cryptographic algorithms are aimed at securing encrypted data against super-powerful computers in the future, but will they even be necessary? Hanno Böck explains.  Continue Reading

• How concerned should I be about a padding oracle attack?

  Padding oracle attacks have long been well-known and well-understood. Find out how they work and why using modern encryption protocols can reduce the risks.  Continue Reading

• What is a port scan attack?

  Cyberattacks often begin with a port scan attack, which attackers use to find exploitable vulnerabilities on targeted systems. Learn how they work and how to defend against them.  Continue Reading

• How can I detect fileless malware attacks?

  Monitoring process memory is one way to combat fileless malware attacks. Here's what you can do to protect your network against these campaigns.  Continue Reading

• How do I stop the screaming channel wireless threat?

  A screaming channel attack is a new wireless threat making networks -- particularly those with IoT components -- vulnerable. Are there any safeguards to prevent these attacks?  Continue Reading

• Why do DDoS attack patterns rise in the autumn?

  DDoS attack patterns indicate a sharp escalation in the fall. Why does that occur and what can be done to guard against these attacks?  Continue Reading

• Should I worry about the Constrained Application Protocol?

  The Constrained Application Protocol underpins IoT networks. But the protocol could allow a threat actor to launch an attack.  Continue Reading

• How can I protect my self-encrypting drives?

  Dutch researchers discovered flaws in ATA security and TCG Opal affecting self-encrypting drives. What steps can you take to guard data stored on vulnerable solid-state drives?  Continue Reading

• How does a WordPress SEO malware injection work and how can enterprises prevent it?

  Security expert Nick Lewis explains how to prevent WordPress SEO malware injection attacks that rank the attacker's search engine results higher than legitimate webpages.  Continue Reading

• Is a Mirai botnet variant targeting unpatched enterprises?

  New variants of popular botnets were found targeting IoT devices by Palo Alto Networks' Unit 42. Discover how these variants differ from their sources and what new risks they pose.  Continue Reading

• Why is the N-gram content search key for threat detection?

  Detected malware can now efficiently be tracked due to VirusTotal's enterprise version of its software. Discover what N-gram is and how it can be used with Nick Lewis.  Continue Reading

• What new technique does the Osiris banking Trojan use?

  A new Kronos banking Trojan variant was found to use process impersonation to bypass defenses. Learn what this evasion technique is and the threat it poses with Nick Lewis.  Continue Reading

• How did Signal Desktop expose plaintext passwords?

  The Signal Desktop application was found to be making decryption keys available in plaintext. Learn how the SQLite database and plaintext passwords were put at risk.  Continue Reading

• How does the iPhone phishing scam work?

  An iPhone phishing scam leads users to believe malicious incoming calls are from Apple Support. How can enterprises protect their employee against this threat?  Continue Reading

• Should I use GitHub's new private repositories?

  Is GitHub's new private repositories service robust enough to serve the needs of enterprises? Nick Lewis examines what works -- and what doesn't.  Continue Reading

• How do I stop the Vidar malvertising attack?

  The Vidar malvertising attack was part of a two-pronged intrusion that included the installation of ransomware in endpoints. How can enterprises protect themselves?  Continue Reading

• How do trusted app stores release and disclose patches?

  A flaw was found in the Android installer for Fortnite and was patched within 24 hours. Learn how such a quick turnaround affects mobile app security with expert Nick Lewis.  Continue Reading

• How can credential stuffing attacks be detected?

  Credential stuffing attacks can put companies that offer online membership programs, as well as their customers, at risk. Find out how to proactively manage the threat.  Continue Reading

• How did the Dirty COW exploit get shipped in software?

  An exploit code for Dirty COW was accidentally shipped by Cisco with product software. Learn how this code ended up in a software release and what this vulnerability can do.  Continue Reading

• Why did a Cisco patch for Webex have to be reissued?

  Cisco's Webex Meetings platform had to be re-patched after researchers found the first one was failing. Discover what went wrong with the first patch with Judith Myerson.  Continue Reading

• How did Browser Reaper cause browsers to crash?

  A Mozilla vulnerability duplicated in the Browser Reaper set of DoS proofs of concept caused Chrome, Firefox and Safari to crash. Learn why and how this occurred.  Continue Reading