Features

Features

Real-time network monitoring and forensics

• Security operations center use cases, strategies vary

  More CISOs are turning to security operations centers to centralize infosec processes, but experience shows SOC use cases will depend on the organization's infosec objectives.  Continue Reading

• Zero-trust network policies should reflect varied threats

  Role-based access systems create enormous pools of responsibility for administrators. Explore how to eliminate these insecure pools of trust with zero-trust network policies.  Continue Reading

• Zero-trust methodology's popularity a double-edged sword

  The authors of 'Zero Trust Networks' discuss how the zero-trust methodology's popularity produces both vendor hype and renewed attention to critical areas of security weakness.  Continue Reading

• AI-powered cyberattacks force change to network security

  Companies now face sophisticated enemies using AI and machine learning tools for their attacks. It's a world of new dangers for those defending network systems and data.  Continue Reading

• AI for good or evil? AI dangers, advantages and decisions

  Good guys and bad guys both use AI, but the bad guys don't need to worry about complying with rules and regulations. What can security leaders do to level the playing field?  Continue Reading

• Threat hunting techniques move beyond the SOC

  Tired of waiting for signs of an attack, companies are increasingly adding threat hunting capabilities to their playbooks to find likely ways their systems could be infiltrated.  Continue Reading

• SOC services: How to find the right provider for your company

  SOCs are the latest services you can now outsource rather than build in-house. But should you entrust them to a third party? Yes—but make sure you know how to pick the best.  Continue Reading

• How machine learning anomaly detection works inside SAP

  SAP CSO Justin Somaini discusses how SAP uses machine learning for security tasks, like anomaly detection, and compares supervised and unsupervised algorithms.  Continue Reading

• Learn what breach detection system is best for your network

  Breach detection systems are essential in these days of machine learning and artificial intellingence. Learn how to identify the features and functions your network needs.  Continue Reading

• Q&A: Analyzing DNS services with Paul Vixie

  With targeted attacks such as distributed denial-of-service and ransomware on the rise, should domain name system analysis become part of your defense strategy?  Continue Reading

• Readers’ top picks for advanced threat detection

  Companies and functionality organizations are targeting when they seek to bolster their defenses through threat detection and analytics.  Continue Reading

• Windows Forensic Analysis Toolkit: Advanced Analysis Techniques for Windows 8, Fourth Edition

  In this excerpt of Windows Forensic Analysis Toolkit, author Harlan Carvey discusses what Volume Shadow Copies are and how they affect forensic analysis in Windows 8.  Continue Reading

• Python Forensics: A Workbench for Inventing and Sharing Digital Forensic Technology

  In this excerpt of Python Forensics, author Chet Hosmer offers some ground rules for using the Python programming language in forensic applications.  Continue Reading

• Continuous monitoring demystified

  A continuous monitoring program can improve everything from configuration and patch management to event monitoring and incident response.  Continue Reading

• Malware Forensics Field Guide for Linux Systems: Digital Forensics Field Guides

  In this excerpt of Malware Forensics Field Guide for Linux Systems: Digital Forensics Field Guides, the authors explain how to discover and extract malware from a Linux system.  Continue Reading

• Introduction to Information Security: A Strategic-Based Approach

  In this excerpt of Introduction to Information Security: A Strategic-Based Approach, authors Timothy J. Shimeall and Jonathan M. Spring discuss the importance of intrusion detection and prevention.  Continue Reading

• Digital Forensics Processing and Procedures

  In this excerpt from Digital Forensics Processing and Procedures, the authors provide insight on areas that will need to be considered when setting up a forensic laboratory.  Continue Reading

• Unified Communications Forensics: Anatomy of Common UC Attacks

  In this excerpt from Unified Communications Forensics, learn how hackers gain access into UC systems and how to scan the network for vulnerabilities.  Continue Reading

• Network Forensics: Tracking Hackers through Cyberspace

  Authors Sherri Davidoff and Jonathan Ham discuss the benefits of Web proxies and caching for forensic analysts in this chapter excerpt from their co-authored book, Network Forensics: Tracking Hackers through Cyberspace.  Continue Reading

• Chained Exploits: How to prevent phishing attacks from corporate spies

  Ever wonder if someone is monitoring everywhere you go on the Internet? In this chapter excerpt from Chained Exploits: Advanced Hacking Attacks from Start to Finish, learn how to keep corporate spies at bay.  Continue Reading

• Maintaining and Monitoring Countermeasures, Part I

   Continue Reading

• Maintaining and Monitoring Countermeasures -- Part II

   Continue Reading

• The future of intrusion detection and prevention

  Read Chapter 17, The Future of Intrusion Detection and Prevention, from the book "Intrusion Detection & Prevention" written by Carl Endorf, Eugene Schultz, Ph.D., and Jim Mellander.  Continue Reading

• Dan Kaminsky updates scanrand free IP port scanner

  The scanrand 2.0 IP port scanner uses a SQL database for more detailed mining and temporal field, according to creator Dan Kaminsky  Continue Reading

• Improve security intelligence with security information sharing

  Security information sharing with fellow security intelligence specialists can help enterprises learn about risks out and the methods that fight them.  Continue Reading

• Beyond network perimeter defense: A 'submarine warfare' strategy

  Today's attacker can be anywhere, meaning network perimeter defense alone is futile. Change your thinking, and your tactics.  Continue Reading

• Hping: How to better understand how hackers attack

  Hping's packet-crafting function can point out holes a black hat may exploit, as well as spot imperfections in hackers' forgeries.  Continue Reading

• How to avoid federal Wiretap Act issues with a honeypot network security system

  Hackers have rights, too. How can you deploy honeypots without running afoul of the law?  Continue Reading

• Honeypot technology: How honeypots work in the enterprise

  The founder of the Honeynet Project explains how honeypots work and how they complement other technologies.  Continue Reading

• Designing a defense-in-depth network security model

  We challenged networking and firewall vendors to provide defense-in-depth security from the perimeter to the core. Their responses give us a glimpse into the future of enterprise network security.  Continue Reading

• Do's and don'ts of building a forensics workstation

  Elizabeth Genco explains the pros and cons of building a forensics workstation from scratch. Read now to learn what forensic tools are beneficial and which ones aren't.  Continue Reading

• Four computer forensics books worth investigating

  Check out four computer forensics books that can help you learn the ins and outs of computer forensics technology and laws in place to manage cybercrime.  Continue Reading

• How a computer forensics investigation put two behind bars

  A computer forensics investigation lead by a computer-savvy investigator followed a network trail from a murder probe to a digital trove of child pornography.  Continue Reading

• How security market needs transformed Network Flight Recorder

  Marcus Ranum's Network Flight Recorder was poised as a forensics tool when the market demanded IDSes -- so it adapted accordingly.  Continue Reading

• How network forensics analysis tools turn admins into detectives

  Network traffic capture, sophisticated analysis and forensics capabilities make network forensics analysis tools useful in making security assumptions and allocating resources.  Continue Reading