Features

Features

• Advanced Persistent Security

  In this excerpt from chapter seven of Advanced Persistent Security, authors Araceli Treu Gomes and Ira Winkler discuss the different threats facing organizations.  Continue Reading

• The importance of securing endpoints with antimalware protection

  All organizations need to protect their endpoints from outside malware with antimalware products, which are essential to an enterprise-wide security strategy.  Continue Reading

• Evaluating endpoint security products for antimalware protection

  Expert contributor Ed Tittel explores key criteria for evaluating endpoint security products to determine the best option for antimalware protection for your organization.  Continue Reading

• Q&A: Ping CEO on contextual authentication, intelligent identity

  Ping Identity CEO Andre Durand talks with SearchSecurity about the data-driven move toward contextual authentication and intelligent identity and what this means for enterprises.  Continue Reading

• Advanced endpoint protection takes on the latest exploits

  Advanced endpoint protection is arriving from all quarters -- machine learning, crafty sandboxes, behavior analytics. Learn how tech advances are being applied to endpoints.  Continue Reading

• Patch management tool comparison: What are the best products?

  With so many different vendors in the market, it isn't easy to pick the right patch management tool. Read this product comparison to see which is best for your company.  Continue Reading

• Choosing the best patch management software for your business

  Keeping your applications updated and patched is essential for company security. Patch management software can help you do that efficiently, but which one is best for you?  Continue Reading

• Seven tips for buying automated patch management tools

  The evaluation of patch management tools begins by determining your organization's needs. Know what to look for and learn how to gauge features, functions and interoperability.  Continue Reading

• (ISC)2 CEO on cybersecurity workforce expansion and 2017 Congress

  Recently, SearchSecurity editorial director Robert Richardson checked in with (ISC)2's CEO David Shearer as the organization prepares for its fall Security Congress.  Continue Reading

• Why the citizen developer trend is bugging infosec teams

  Automated tools are making it easier for citizen developers to build and deploy applications quickly. But is that a good thing for enterprise security teams?  Continue Reading

• Know why patch management tools are required in the IT infrastructure

  Regulations, efficiency and protection are the main drivers for purchasing patch management tools. See why automated patch management is a requirement for most businesses.  Continue Reading

• Introduction to automated enterprise patch management software

  Patch management software keeps enterprises better protected by automating the delivery of operating systems and application updates. See how it can help your business.  Continue Reading

• IT security trends: 2017 prioritizes cloud, network, endpoints

  The 2017 TechTarget IT Priorities Survey reports a number of key IT security trends about where enterprises and infosec professionals place their time and resources.  Continue Reading

• Experian's Tom King tackles role of CISO from the ground up

  An early career as a geologist helped the veteran financial services CISO thrive in the security field. The CISO role is now broader than technical functions, he says.  Continue Reading

• Acquiring cybersecurity insurance: Why collaboration is key

  Cybersecurity insurance is becoming more important to enterprises as threats increase. Sean Martin explains why enterprise departments need to work together to acquire it.  Continue Reading

• Trustwave Data Loss Prevention: Product overview

  Expert Bill Hayes examines Trustwave Data Loss Prevention and how the product addresses data at rest, endpoint data in use and network data in transit for enterprises.  Continue Reading

• Learn what breach detection system is best for your network

  Breach detection systems are essential in these days of machine learning and artificial intellingence. Learn how to identify the features and functions your network needs.  Continue Reading

• Okta Adaptive MFA gives companies flexible authentication

  Okta Adaptive MFA offers businesses a range of flexible authentication methods that use different contexts to determine which factors provide users with access.  Continue Reading

• Trend Micro Integrated Data Loss Prevention: Product overview

  Expert Bill Hayes examines the Trend Micro Integrated Data Loss Prevention product, which acts as a software plug-in with other Trend Micro security products.  Continue Reading

• RSA Authentication Manager offers a variety of authentication methods

  With authentication methods ranging from risk-based to tokens, RSA Authentication Manager gives companies a number of ways to employ multifactor authentication.  Continue Reading

• Proofpoint Email DLP: Product overview

  Expert Bill Hayes examines Proofpoint Email Data Loss Prevention, a specialized DLP product that's part of Proofpoint's cloud-based Information Protection suite.  Continue Reading

• Summing up Symantec VIP Service, a multifactor authentication tool

  Expert David Strom looks at the Symantec VIP multifactor authentication product and how it can benefit enterprise security.  Continue Reading

• An in-depth look at Gemalto's SafeNet Authentication Service

  Expert David Strom provides an in-depth look at Gemalto's SafeNet Authentication Service, a SaaS-based multifactor authentication product for boosting login security.  Continue Reading

• SecureAuth IdP: An overview of its multifactor authentication ability

  Expert David Strom looks at how SecureAuth IdP uniquely combines multifactor authentication and single sign-on login capabilities in a single product.  Continue Reading

• Timeline: Symantec certificate authority improprieties

  Timeline: Follow along as Google and Mozilla raise issues with Symantec certificate authority actions, and then attempt to return trust to the CA giant.  Continue Reading

• VASCO IDENTIKEY Authentication Server and a look at its key features

  Expert David Strom takes a closer look at VASCO's IDENTIKEY Authentication Server, one of the leading multifactor authentication products on the market.  Continue Reading

• Quest Defender protects businesses with two-factor authentication

  Through the Defender Management Portal, Quest Defender lets users request hard and soft tokens to provide valuable two-factor authentication and monitor all token activity.  Continue Reading

• Is threat hunting the next step for modern SOCs?

  The emergence of threat hunting programs underscores the importance of the human factor in fighting the most dangerous and costly security threats.  Continue Reading

• Polycom CISO focused on ISO 27001 certification, data privacy

  Tasked with security and compliance, Lucia Milica Turpin watches over internal systems and remote communications customers entrust to the video conferencing company.  Continue Reading

• Challenging role of CISO presents many opportunities for change

  With some reports showing incredibly short tenures, new CISOs barely have time to make their mark. The salaries are good; the opportunities for the right skills, unlimited.  Continue Reading

• Measuring and Managing Information Risk: A FAIR Approach

  In this excerpt from chapter 13 of Measuring and Managing Information Risk, authors Jack Freund and Jack Jones discuss information security metrics.  Continue Reading

• Introduction to Social Media Investigation: A Hands-on Approach

  In this excerpt from chapter four of Introduction to Social Media Investigation: A Hands-on Approach, author Jennifer Golbeck discusses privacy controls on social media.  Continue Reading

• Handbook of System Safety and Security

  In this excerpt from chapter 10 of Handbook of System Safety and Security, editor Edward Griffor discusses cloud and mobile cloud architecture and security.  Continue Reading

• Mobile Data Loss: Threats and Countermeasures

  In this excerpt from chapter three of Mobile Data Loss, author Michael T. Raggo discusses mobile security countermeasures.  Continue Reading

• Building a Practical Information Security Program

  In this excerpt from chapter nine of Building a Practical Information Security Program, authors Jason Andress and Mark Leary discuss deploying a security compliance process.  Continue Reading

• Identity and access management strategy: Time to modernize?

  More likely than not, your company's identity and access management strategy needs an update. Learn how to decide if that's the case and, if so, what you should do now.  Continue Reading

• Reviewing the threat intelligence features of VeriSign iDefense

  Expert Ed Tittel looks at VeriSign iDefense threat intelligence service for providing actionable, contextual data about today's top IT threats to organizations.  Continue Reading

• Threat Intelligence service overview of Infoblox ActiveTrust

  Expert Ed Tittel looks at the features and capabilities of the Infoblox ActiveTrust threat intelligence service for providing data on the top IT threats to organizations.  Continue Reading

• FireEye iSIGHT Threat Intelligence: Services overview

  Expert Ed Tittel looks at FireEye iSIGHT Threat Intelligence service for providing actionable, contextual data about today's top IT threats to organizations.  Continue Reading

• Detailing the features of LookingGlass Cyber Threat Center

  Expert Ed Tittel looks at the LookingGlass Cyber Threat Center service for providing organizations with intelligence on today's top IT threats.  Continue Reading

• RSA NetWitness Suite and its threat intelligence capabilities

  Expert Ed Tittel examines the RSA NetWitness Suite threat intelligence platform, which offers network forensic and analytics tools for investigating incidents and analyzing data.  Continue Reading

• CA Strong Authentication offers businesses low-cost MFA and 2FA

  CA Strong Authentication brings inexpensive multi- and two-factor authentication to businesses looking to protect mobile applications and devices and to prevent identity theft.  Continue Reading

• SecureWorks threat intelligence and what it can do for your enterprise

  Expert Ed Tittel examines the features and capabilities of SecureWorks, which gathers its intelligence from thousands of SecureWorks global customers.  Continue Reading

• Five criteria for purchasing from threat intelligence providers

  Expert Ed Tittel explores key criteria for evaluating threat intelligence providers to determine the best service for an enterprise's needs.  Continue Reading

• Analyzing the capabilities of Symantec DeepSight Intelligence

  Expert Ed Tittel offers an overview of Symantec DeepSight Intelligence, which provides organizations with information and alerts on today's IT threats.  Continue Reading

• Comparing the top threat intelligence services

  Expert Ed Tittel examines the top threat intelligence services to understand how they differ from one another and address various enterprise security needs.  Continue Reading

• Enterprise scenarios for threat intelligence tools

  Expert contributor Ed Tittel explains which types of organizations need threat intelligence tools as part of a proactive, layered security strategy to protect against threats.  Continue Reading

• An introduction to threat intelligence platforms in the enterprise

  Expert Ed Tittel describes how threat intelligence platforms work to help in the proactive defense of enterprise networks.  Continue Reading

• Politics of cyber attribution pose risk for private industry

  Why nation-state attribution plays a major role in the U.S. government's willingness to share cyberthreat intelligence with private-sector companies.  Continue Reading

• In her new role of CISO, Annalea Ilg is curious, driven and paranoid

  The vice president and CISO of ViaWest, Ilg is tasked with keeping the IT managed service provider and its cloud services secure.  Continue Reading

• MSSPs add advanced threats as managed security services gain hold

  Skill shortages and budget constraints have lead some companies to adopt a hybrid approach to managed security. Is it time for CISOs to start looking for 'expertise as a service'?  Continue Reading

• Sharpen your DDoS detection skills with the right tool

  DDoS detection and prevention tools are more sophisticated than ever. But finding the right one for your company takes studying and asking vendors the right questions.  Continue Reading

• McAfee Total Protection for Data Loss Prevention: Product overview

  Expert Bill Hayes takes a closer look at McAfee Total Protection for Data Loss Prevention, a DLP software suite for deployment on hardware and virtual appliances.  Continue Reading

• OpenVPN Access Server is an SSL VPN based on open source software

  Expert Karen Scarfone takes a look at the OpenVPN Access Server SSL VPN for securing network traffic by providing encrypted tunnels to the enterprise.  Continue Reading

• Pulse Connect Secure offers a variety of authentication options

  Expert Karen Scarfone takes a look at the Pulse Connect Secure series of SSL VPNs for securing the connection between clients and networks through encrypted tunnels.  Continue Reading

• SonicWALL SSL VPN provides security for organizations of any size

  The SonicWALL SSL VPN protects remote client devices by creating a secure connection to enterprise networks, with many options for customized security features.  Continue Reading

• RSA Data Loss Prevention Suite: Product overview

  Expert Bill Hayes examines the RSA Data Loss Prevention Suite, which covers data in use, in transit and at rest for corporate networks, mobile devices and cloud services.  Continue Reading

• Check Point Mobile Access adds extra security to existing appliances

  Expert Karen Scarfone examines the Check Point Mobile Access Software Blade and explains how it encrypts communications between client computers and enterprise networks.  Continue Reading

• Cisco IOS SSL VPN offers security through internet routers

  Expert Karen Scarfone outlines the features of the Cisco IOS SSL VPN and explains how it secures enterprise communications.  Continue Reading

• Barracuda SSL VPN has hardware and virtual options for most businesses

  Expert Karen Scarfone takes a look at Barracuda SSL VPN and explains how the virtual private network product protects and secures enterprise communications.  Continue Reading

• MIAX Options CSO on security's role in business continuity

  Faced with the demands of derivatives trading, CSO John Masserini understands the value of aligning controls with business risk. We ask him how he does it.  Continue Reading

• Security looks to machine learning technology for a cognitive leg up

  Advances in machine learning technology and artificial intelligence have proven to work well for some information security tasks such as malware detection. What's coming next?  Continue Reading

• Ransomware prevention tools to win the fight

  Fighting malware today means battling ransomware. Learn what ransomware prevention tools you need to acquire and how to perfect using the tools your company already owns.  Continue Reading

• Role of CISO: FICO enlists CISO in security product management

  As head of FICO's information security program, Vickie Miller's role is wide-ranging.  Continue Reading

• Looming cloud security threats: How attacks will follow your data

  You can move your data to cloud-based systems and web services, but you can't hide it there. Hackers and predators have more ways to find it.  Continue Reading

• How to buy digital certificates for your enterprise

  In the market to buy digital certificates? Learn exactly how digital certificates work, which features are key and how to evaluate the available options on the market.  Continue Reading

• Industrial Network Security

  In this excerpt from chapter 3 of Industrial Network Security, authors Eric D. Knapp and Joel Langill discuss the history and trends of industrial cybersecurity.  Continue Reading

• Hacking Web Intelligence

  In this excerpt from chapter 8 of Hacking Web Intelligence, authors Sudhanshu Chauhan and Nutan Panda discuss how to be anonymous on the internet using proxy.  Continue Reading

• DNS Security: Defending the Domain Name System

  In this excerpt from chapter two of DNS Security: Defending the Domain Name System, authors Allan Liska and Geoffrey Stowe discuss why DNS security is important.  Continue Reading

• Google Earth Forensics: Using Google Earth Geo-Location in Digital Forensic Investigations

  In this excerpt from chapter five of Google Earth Forensics, authors Michael Harrington and Michael Cross discuss the process of digital forensics.  Continue Reading

• Digital Guardian for Data Loss Prevention: Product overview

  Expert Bill Hayes examines Digital Guardian for Data Loss Prevention and more of the vendor's DLP product lineup, which cover data in use, data in transit and data in the cloud.  Continue Reading

• CA Technologies Data Protection: DLP product overview

  Expert Bill Hayes examines CA Technologies Data Protection, a data loss prevention suite designed to protect data at rest, in transit and in use across enterprise devices, networks and cloud services.  Continue Reading

• Tripwire IP360: Vulnerability management product overview

  Expert Ed Tittel examines vulnerability management products from Tripwire, including the rack-mounted IP360 appliance and the cloud- based PureCloud Enterprise service.  Continue Reading

• Tenable Nessus Vulnerability Scanner: Product overview

  Expert Ed Tittel examines the Nessus vulnerability scanner series from Tenable Network Security, which includes client, cloud and on-premises vulnerability management products.  Continue Reading

• Want a board-level cybersecurity expert? They're hard to find

  Members of the board must be ready to defend their fiduciary decisions, corporate policies, compliance actions and, soon, cybersecurity preparedness.  Continue Reading

• Rapid7 Nexpose: Vulnerability management product overview

  Ed Tittel examines Rapid7 Nexpose, a vulnerability management product for physical, virtual, cloud and mobile environments that discovers assets and scans for vulnerabilities.  Continue Reading

• Qualys Vulnerability Management: Product overview

  Expert Ed Tittel examines Qualys Vulnerability Management, a product for organizations of all sizes that is designed to help admins identify, monitor and mitigate vulnerabilities.  Continue Reading

• Splunk Enterprise Security: Product overview

  Expert Dan Sullivan explores how Splunk Enterprise Security uses big data security analytics to incorporate multiple methods of data integration to identify malicious events.  Continue Reading

• Choosing the best web fraud detection system for your company

  This guide explains the technology and the key features an effective system should include to help readers evaluate fraud detection products and choose the best for their company.  Continue Reading

• RSA NetWitness Logs and Packets: Security analytics product overview

  Expert Dan Sullivan examines RSA's NetWitness Logs and Packets, security analytics tools that collect and review logs, packets and behavior to detect enterprise threats.  Continue Reading

• When to take a bug bounty program public -- and how to do it

  Bug-finding programs are valuable to enterprises, but they require a lot of planning and effort to be effective. Sean Martin looks at what goes into taking a bug bounty program public.  Continue Reading

• The security ratings game grades third-party vendors

  Can security ratings services patterned on consumer credit scores offer insight into the security postures of third parties and other business partners?  Continue Reading

• Blue Coat DLP: Data loss prevention product overview

  Expert Bill Hayes takes a look at Blue Coat DLP, a single appliance data loss prevention system that works with the company's web security gateway products.  Continue Reading

• Blue Coat Security Analytics Platform: Product overview

  Expert Dan Sullivan takes a look at the Blue Coat Security Analytics Platform, which is designed to capture comprehensive network information and apply targeted security analytics.  Continue Reading

• WinMagic SecureDoc: Full-disk encryption product overview

  Expert Karen Scarfone examines the features of WinMagic's SecureDoc, a full-disk encryption product for laptops, desktops, mobile devices and servers.  Continue Reading

• Mojo AirTight WIPS overview

  Expert Karen Scarfone looks at the features and functionality of Mojo Networks' AirTight WIPS, a wireless intrusion prevention system designed to detect and block WLAN attacks.  Continue Reading

• Automated Security Analysis of Android and iOS Applications

  In this excerpt of Automated Security Analysis of Android and iOS Applications with Mobile Security Framework, authors Ajin Abraham and Henry Dalziel discuss mobile application penetration testing.  Continue Reading

• How to start building an enterprise application security program

  Building an effective application security program can be daunting. Sean Martin talks with experts about the best first steps enterprises should take.  Continue Reading

• Cybersecurity blind spots: Mitigating risks and vulnerabilities

  Cybersecurity blind spots based in risk and vulnerabilities can be difficult to spot and address. Sean Martin talks with security experts on how to overcome that challenge.  Continue Reading

• CISSP online training: Software Development Security domain

  Spotlight article: Shon Harris explains the core concepts in the CISSP domain on software development security, including models, methods, database systems and security threats.  Continue Reading

• Aruba RFProtect WIPS: Product overview

  Expert Karen Scarfone examines the features of Aruba RFProtect, a wireless intrusion prevention system to detect and block WLAN attacks against enterprise networks.  Continue Reading

• Check Point Next Generation Firewall: Product overview

  Check Point Next Generation Firewall family combines firewalls with unified threat management technology, VPNs and more. Expert Mike O. Villegas takes a closer look.  Continue Reading

• Cisco ASA with FirePOWER: NGFW product overview

  Cisco combined the ASA series firewall with SourceFire's FirePOWER threat and malware detection capabilities. Expert Mike O. Villegas takes a closer look at this NGFW.  Continue Reading

• Strong authentication methods: Are you behind the curve?

  Not sure who's really behind that username and password? Google, Facebook and others may finally give multifactor authentication technology the 'push' it needs.  Continue Reading

• Proper network segments may prevent the next breach

  Companies still fail to implement secure network segmentation and role-based access. Here's how to protect your sensitive data and stay out of the headlines.  Continue Reading

• Choosing secure file transfer products for your enterprise

  Are you concerned about file transfer security? Expert Karen Scarfone discusses the best products for transporting files while maintaining their confidentiality.  Continue Reading

• Voltage SecureMail encryption tool: Product overview

  Expert contributor Karen Scarfone takes a look at Voltage SecureMail for encrypting email messages in the enterprise.  Continue Reading

• Symantec Desktop Email Encryption: Product overview

  Expert contributor Karen Scarfone examines Symantec Desktop Email Encryption, a tool for encrypting email messages for individuals within the enterprise.  Continue Reading

• Information Governance and Security: Protecting and Managing Your Company's Proprietary

  In this excerpt of Information Governance and Security, authors John G. Iannarelli and Michael O'Shaughnessy offer tips for establishing guidelines for all departments or sectors of a business.  Continue Reading

• Integrated Security Systems Design

  In this excerpt of Integrated Security Systems Design, author Thomas L. Norman explains the tools of security system design, the place of electronics in the process, how to establish electronic security program objectives and the types of design ...  Continue Reading