Ask the Experts

Ask the Experts

• What is subdomain takeover and why does it matter?

  Subdomain takeover exposure can happen when cloud-hosted web services are incompletely decommissioned, but configuration best practices can reduce the risks.  Continue Reading

• What is MTA-STS and how will it improve email security?

  Discover how the MTA-STS specification will improve email security by encrypting messages and enabling secure, authenticated email transfers between SMTP servers.  Continue Reading

• Why are fewer companies using SMS 2FA for authentication?

  Instead of SMS two-factor authentication, some companies are switching to 2FA through messaging apps and social media platforms. Learn what's behind this authentication trend.  Continue Reading

• How can SIEM and SOAR software work together?

  Many security pros initially thought SOAR software could replace SIEM. Our security expert advocates learning how SIEM and SOAR can work together.  Continue Reading

• SOAR vs. SIEM: What's the difference?

  When it comes to the SOAR vs. SIEM debate, it's important to understand their fundamental differences to get the most benefit from your security data.  Continue Reading

• The future of SIEM: What needs to change for it to stay relevant?

  Compared to security orchestration, automation and response (SOAR) software, SIEM systems are dated. Expert Andrew Froehlich explains how SIEM needs to adapt to keep up.  Continue Reading

• How does an identity and access management framework work?

  A comprehensive identity and access management framework is an IT necessity. But how do the two components work together?  Continue Reading

• What are the key identity and access management benefits?

  Identity and access management benefits range from access control to password management. What are some key advantages of a broad IAM framework?  Continue Reading

• What are some of the top identity and access management risks?

  Identity and access management risks exist, but the benefits of IAM outweigh the drawbacks. What are some of the issues that might arise?  Continue Reading

• What are the top enterprise email security best practices?

  Enterprises have many options for email security best practices, ranging from deploying email security protocols to educating end users on the dangers of phishing.  Continue Reading

• How important is security awareness training for executives?

  Corporate executives are prime targets for spies and hackers, and that is why security awareness training for executives is so important.  Continue Reading

• What are the most important security awareness training topics?

  Organizations looking to heighten security awareness among employees need to cover a wide variety of security awareness training topics, but social engineering tops the list.  Continue Reading

• Why do enterprises need employee security awareness training?

  With human error as the leading cause of breaches and security incidents within the enterprise, organizations should offer employees mandatory security awareness training with regular refreshers.  Continue Reading

• What is a password spraying attack and how does it work?

  Password spraying isn't a sophisticated attack, but don't discount the attackers if you detect one. Find out how this brute-force technique works and how to defend against it.  Continue Reading

• Can PDF digital signatures be trusted?

  Digital signatures on PDF documents don't necessarily guarantee their contents are valid, as new research shows viewer implementations don't always detect incomplete signatures.  Continue Reading