Evaluate

Evaluate

Weigh the pros and cons of technologies, products and projects you are considering.

• Who wins the security vs. privacy debate in the age of AI?

  When trying to maintain balance between security and privacy in an AI-enabled world, who decides which side should tip and when? So continues the security vs. privacy debate. Continue Reading

• What are the cybersecurity benefits of zero trust?

  The zero-trust model demands infosec leaders take a holistic approach to security. Learn about the benefits of zero trust and how it differs from traditional security approaches. Continue Reading

• Risk & Repeat: More McAfee executives depart

  This week's Risk & Repeat podcast discusses the revelation that more executives have left McAfee amid the unexpected departure of longtime CEO Chris Young last month. Continue Reading

• RSA Conference 2020 guide: Highlighting security's human element

  What's happening at the 2020 RSA Conference? Our team keeps you up to date with pre-conference coverage and breaking news from the infosec world's biggest event. Continue Reading

• Risk & Repeat: 2019 data breaches in review

  This week's Risk & Repeat podcast looks at some of the biggest data breach disclosures from the second half of 2019 and discusses the trends around these incidents. Continue Reading

• 2 components of detection and threat intelligence platforms

  Deploying threat detection and intelligence platforms is one of the smartest ways to protect your organization's valuable assets. Make sure you know how to choose the best tool.Continue Reading

• Cisco CISO says today's enterprise must take chances

  Cisco CISO Steve Martino talks about taking chances, threats, how the security leader's role is changing and what really works when it comes to keeping the company secure.Continue Reading

• Can IDaaS adoption improve enterprise security posture?

  Experts suggest enterprises consider identity as a service as organizations' data management needs grow and access management becomes more complex.Continue Reading

• ransomware

  Ransomware is a subset of malware in which the data on a victim's computer is locked -- typically by encryption -- and payment is demanded before the ransomed data is decrypted and access is returned to the victim.Continue Reading

• Compare container security companies for the best protection

  Securing containers can be a challenge when faced with buying the right platform. Discover these container security companies and their capabilities in this graphic.Continue Reading

• Top 10 cybersecurity predictions: 2020 edition

  When it comes to cybersecurity predictions, in many ways, 2020 is a continuation of the present. Emerging trends include nation-state activity, IoT infrastructure attacks and more.Continue Reading

• AI and machine learning in cybersecurity: Trends to watch

  AI and machine learning in cybersecurity are not so much useful to security teams today as they are necessary. Examine cybersecurity automation trends and benefits.Continue Reading

• Editor's picks: Most pressing cybersecurity stories in 2019

  As the year comes to an end, SearchSecurity takes a bird's-eye view of the sophisticated cyberthreat landscape and how it has changed over the past 12 months.Continue Reading

• Host IDS vs. network IDS: Which is better?

  Compare host IDS vs. network IDS through the pros and cons of each, and learn how more modern systems may be better suited to ensure effective enterprise security.Continue Reading

• Google expands multiple Chrome password protection features

  Chrome's updated, built-in protections are intended to help users protect their passwords and data against malware, data breaches and phishing sites, according to the company.Continue Reading

• Role of AI in cybersecurity and 6 possible product options

  Cyberthreats loom large in this modern IT environment. Explore the six most common roles of AI in cybersecurity and the products synthesizing them.Continue Reading

• As cybersecurity insurance coverage becomes common, buyer beware

  Cybersecurity insurance coverage can certainly have its benefits after a breach, but companies must consider a variety of unique business factors before choosing a policy.Continue Reading

• The top 3 use cases for AI endpoint security tools

  Endpoint attack surfaces are growing, and cybersecurity pros struggle to keep up. Consider the following use cases for AI endpoint security techniques in the enterprise.Continue Reading

• Designing the future of cyber threat intelligence sharing

  Attendees at the ACSC conference strategized about what ideal threat intelligence sharing looks like. Learn more about the future of collaborative cyberdefense.Continue Reading

• Boost network security visibility with these 4 technologies

  The network is where it's at if you want to stop malicious actors. But first you need to up your network visibility. Learn about four technologies that can help.Continue Reading

• Network visibility and monitoring tools now amp up security

  Three technology trends are currently making network visibility even more central to security tools. Learn more about the impact of big data, AI and APIs.Continue Reading

• How the future of data privacy regulation is spurring change

  Some companies have taken steps to improve data governance in anticipation of data privacy rules. Experts discuss the challenges of compliance in a shifting regulatory landscape.Continue Reading

• On a penetration tester career path, flexibility and curiosity are key

  Becoming a pen tester takes more than passing an exam. Learn the qualities ethical hackers should embrace to achieve success on their penetration tester career path.Continue Reading

• Is a cybersecurity insurance policy a worthy investment?

  Variables such as third-party business partners create unique cyberthreats for organizations. Find out when a cybersecurity insurance policy is a wise investment to prevent risk.Continue Reading

• How should I choose a cybersecurity insurance provider?

  To vet potential cybersecurity insurance providers, there are a few questions every customer should ask. Learn more about the questions to ask and how to get the answers you need.Continue Reading

• Essential instruments for a pen test toolkit

  Does your penetration testing toolkit have the proper contents? Learn the must-have tool for any pen tester, as well as specific tools for wireless, network and web app pen testing.Continue Reading

• Choosing between an SSL/TLS VPN vs. IPsec VPN

  Infosec pros need to know the ins and outs of SSL/TLS VPNs vs. IPsec VPNs to better understand which product's features will fulfill the needs of their organization. Get help comparing here.Continue Reading

• Should I invest in attack simulation tools?

  Attack simulation tools -- along with third-party penetration testing -- can help improve an organization's enterprise security. Find out why.Continue Reading

• Do network layer and application layer DDoS attacks differ?

  Network layer and application layer DDoS attacks are significant threats. Learn about the differences between them and what you can do to reduce their effects.Continue Reading

• Symmetric vs. asymmetric encryption: Deciphering the differences

  Explore the differences between symmetric vs. asymmetric encryption algorithms, including common uses and examples of both, as well as their pros and cons.Continue Reading

• How software-defined perimeter authentication ups security

  Find out how the emerging software-defined perimeter model increases security by its design and how it can serve as a building block to zero-trust security.Continue Reading

• Designing IoT security: Experts warn against cutting corners

  Security, though costly, is essential for IoT devices; a single breach can destroy a company's reputation. IoT security by design can avoid devastating incidents.Continue Reading

• Gigamon launches platform to improve application visibility

  Application Metadata Intelligence identifies network performance, application performance, operational technology communications and security and threat detection.Continue Reading

• Browse the best email security products for your enterprise

  Finding the best email security product is vital to protect companies from cyberattacks. Here's a look at the current market leaders.Continue Reading

• The difference between zero-day vulnerability and zero-day exploit

  A zero-day vulnerability isn't the same as a zero-day exploit. Learn the difference between these two zero-day terms, as well as why they should be high priority on any CISO's patching list.Continue Reading

• DevOps security checklist requires proper integration

  There are a lot of moving parts to adding security into a DevOps environment. Using application testing DevOps security tools are key to the equation.Continue Reading

• How to identify and evaluate cybersecurity frameworks

  Not all frameworks for cybersecurity are equal. ESG's Jon Oltsik explains what attributes make a cybersecurity framework and how to go about choosing and using one.Continue Reading

• 5 email security appliance comparison criteria to consider

  Identifying the best email security appliance on the market can be hard. This article discusses the criteria to consider when choosing one for your organization.Continue Reading

• Why is third-party risk management essential to cybersecurity?

  Attackers know third parties hold many of the keys to the enterprise network, so third-party risk management is crucial for security professionals.Continue Reading

• What secure email gateways can do for your enterprise

  Discover email security gateways in this buyer's guide that outlines architecture, cost and uses of email security products.Continue Reading

• Digital transformation redefines cybersecurity skills, careers

  The move toward digital business processes has forced companies to reconsider how they find cybersecurity talent, but finding the right skills may be easier than CISOs think.Continue Reading

• How to pass the CISSP exam on your first try: Tips to get a good score

  Want to become a CISSP? Here's everything you need to know, such as how difficult the exam is, tips for studying, what's needed to obtain a passing score and more.Continue Reading

• SD-WAN security benefits go beyond the obvious

  SD-WAN does more than extend corporate networks. Key SD-WAN security benefits that capitalize on the technique's architecture could change the face of SD-WAN in the enterprise.Continue Reading

• What are the pros and cons of outsourcing IT security?

  Companies are facing increased costs when maintaining an internal security group. Outsourcing IT security has its advantages, but there are some challenges to keep in mind.Continue Reading

• Quantum computers mean cryptography needs to change, and soon

  As quantum computing gains momentum with practical quantum computers due to come online as early as next year, concerns about post-quantum cryptography are pushed to the forefront.Continue Reading

• Understand the basics of email security gateways

  Email security gateways protect enterprises from threats such as spam and phishing attacks. This article explains how these products get the job done.Continue Reading

• 5 best practices to choose the right email security software

  Examine the five best practices and most important criteria for evaluating email security software products and deploying them in your enterprise.Continue Reading

• The benefits of IAM can far outweigh the costs

  Identity and access management is a critical piece of enterprise information security. But the benefits of IAM go beyond illuminating who -- and what -- might be using your network.Continue Reading

• Cisco engineer: Why we need more women in cybersecurity

  Progress on the cybersecurity gender gap has been slow but steadier recently. Cisco engineer Michele Guel explains how to hack the gender gap.Continue Reading

• Who's to blame for ransomware attacks -- beyond the attackers?

  Cyberattackers are to blame for ransomware attacks, but what about companies that release flawed software or don't install patches? Our expert looks at where the buck stops.Continue Reading

• Do I need to adopt a cybersecurity framework?

  A comprehensive cybersecurity framework can help businesses avoid costly attacks. But there are other advantages.Continue Reading

• How to beef up Office 365 email security features

  Companies looking to fortify their Office 365 email security can assess options from a variety of third-party vendors. Find out which features are the most important.Continue Reading

• Ultimate guide to incident response and management

  Learn actionable incident response strategies that your IT and enterprise security teams can use to meet today's security threats and vulnerabilities more effectively.Continue Reading

• Comparing EDR tools: Cybereason vs. CrowdStrike vs. Carbon Black

  Learn how tools from leading EDR vendors Cybereason, CrowdStrike and Carbon Black compare when it comes to helping security teams fight endpoint threats and respond to incidents.Continue Reading

• How to become an incident responder: Requirements and more

  Incident response is a growth field that provides excitement and a good salary. Here's an in-depth look at requirements, salaries and the career path.Continue Reading

• Top 10 incident response vendors for 2019

  Leading incident response services include a variety of specialized tools to help organizations plan and manage their overall cybersecurity posture.Continue Reading

• Top incident response tools to boost network protection

  Incident response tools can help organizations identify, prevent and respond to malware exploits, ransomware and other targeted cybersecurity attacks.Continue Reading

• What identity governance tools can do for your organization

  Learn how to evaluate available security tools that manage the governance of your users' identity and access to company systems and data.Continue Reading

• SANS security awareness credential paves new career path

  The SANS Security Awareness Professional credential gives enterprises a new method to recognize and promote cybersecurity awareness in the organization.Continue Reading

• Zero-trust security model means more than freedom from doubt

  A zero-trust security model has a catchy name, but the methodology means more than not trusting any person or device on the network. What you need to know.Continue Reading

• Why are fewer companies using SMS 2FA for authentication?

  Instead of SMS two-factor authentication, some companies are switching to 2FA through messaging apps and social media platforms. Learn what's behind this authentication trend.Continue Reading

• Explore this NGFW comparison of leading vendors on the market

  Explore some of the top NGFWs currently on the market -- based on features and user reviews -- to help you make a buying decisionContinue Reading

• SOAR vs. SIEM: What's the difference?

  When it comes to the SOAR vs. SIEM debate, it's important to understand their fundamental differences to get the most benefit from your security data.Continue Reading

• How to select and implement a next-gen firewall

  This buyer's guide examines next-generation firewalls and how to select the correct one for your organization based on comparison of product features.Continue Reading

• What makes BSA's secure software development framework unique?

  BSA rolled out a new secure software development framework in an effort to promote best practices for secure software development and improve security for all.Continue Reading

• 6 firewall selection criteria to purchase NGFWs

  These six key factors will help your company determine the best NGFW product for your organization's needs.Continue Reading

• How does an identity and access management framework work?

  A comprehensive identity and access management framework is an IT necessity. But how do the two components work together?Continue Reading

• The 5 different types of firewalls

  Learn about the similarities and differences among five basic types of firewalls, including packet filtering firewalls, application-level gateways and next-gen firewalls.Continue Reading

• Next-generation firewall comparison based on company needs

  Compare leading next-generation firewalls to help find the option that best fits your IT environment and security needs.Continue Reading

• What are some of the top identity and access management risks?

  Identity and access management risks exist, but the benefits of IAM outweigh the drawbacks. What are some of the issues that might arise?Continue Reading

• Next-generation firewalls vs. traditional and UTMs

  Learn the advantages of next-generation firewalls that protect enterprise networks from attacks and intrusion, as well as the differences between NGFWs and traditional firewalls.Continue Reading

• How information sharing can reduce cybersecurity vulnerabilities

  Cybersecurity vulnerabilities come from multiple fronts for modern businesses, but information sharing about real-world breaches -- good and bad -- provides valuable intelligence.Continue Reading

• Top risks of deploying zero-trust cybersecurity model

  Adopting a zero-trust model for cybersecurity brings many benefits -- but also risks. Find out why a zero-trust approach to security is not a panacea.Continue Reading

• 10 endpoint security products to protect your business

  Check out this product roundup and discover all the features endpoint security protection offers, such as patch management, email protection and reporting.Continue Reading

• Challenges and benefits of using the Mitre ATT&CK framework

  Taking the first step might be the biggest hurdle to using the Mitre ATT&CK cybersecurity framework. Find out more about the benefits, challenges and how to get started.Continue Reading

• Top 5 reasons for a zero-trust approach to network security

  As network perimeters disintegrate and enterprises adopt cloud computing, discover the top reasons organizations are opting for a zero-trust approach to network security.Continue Reading

• 12 essential features of advanced endpoint security tools

  In addition to protecting an organization's endpoints from threats, IT administrators can use endpoint security products to monitor operation functions and data backup strategies.Continue Reading

• Assess secure web gateways to suit your network security needs

  Secure web gateways play an important role in minimizing security risks associated with website vulnerabilities, user behaviors and endpoint weaknesses.Continue Reading

• Assess endpoint security tools to fulfill organizational needs

  Learn about the evolution of endpoint security tools, and how to procure and buy the right antimalware protection products for your organization.Continue Reading

• Fortinet: 5G to present new edge computing security concerns

  Although the rollout of 5G connectivity will enable new edge computing opportunities, John Maddison, executive VP at Fortinet, said it will also require new security considerations.Continue Reading

• Symantec Web Security Service vs. Zscaler Internet Access

  Learn how cloud-based secure web gateway products Symantec Web Security Service and Zscaler Internet Access compare when it comes to features, benefits, pricing and support.Continue Reading

• 6 questions to ask before evaluating secure web gateways

  Learn which six questions can help an organization identify its web security and business needs and its readiness to implement a secure web gateway.Continue Reading

• Can PDF digital signatures be trusted?

  Digital signatures on PDF documents don't necessarily guarantee their contents are valid, as new research shows viewer implementations don't always detect incomplete signatures.Continue Reading

• Zero-trust security model primer: What, why and how

  What exactly is a zero-trust security model? This primer explains the basics about the philosophy behind how designing a security architecture strictly limits access to all, not just outsiders.Continue Reading

• How can I detect fileless malware attacks?

  Monitoring process memory is one way to combat fileless malware attacks. Here's what you can do to protect your network against these campaigns.Continue Reading

• Who needs security orchestration, automation and response?

  Who needs SOAR? Only those companies with understaffed, overworked IT security teams. Learn how SOAR tools free up security pros to tackle the more demanding projects.Continue Reading

• Plugging the cybersecurity skills gap with security automation

  Security automation and response promises to help alleviate the shortage of qualified cybersecurity pros. Learn how SOAR helps security teams work smarter, not harder.Continue Reading

• An introduction to building management system vulnerabilities

  Understanding what a building management system is and does is important for organizations to have stronger security postures. Expert Ernie Hayden examines the BMS and its flaws.Continue Reading

• Find the right tool using this antimalware software comparison

  Compare endpoint antimalware software products for organizations based on features, level of protection and vendor offerings.Continue Reading

• How bellwether cybersecurity technologies predict success

  Bellwether cybersecurity technologies -- advanced endpoint security, behavioral threat analytics and a trio of cloud-based apps -- are used by successful cybersecurity teams. Find out why.Continue Reading

• The developer's role in application security strategy

  Developers often pay lip service about being integral to application security, but they usually don't consider vulnerabilities until much too late in the dev process.Continue Reading

• Antimalware protection and the fundamentals of endpoint security

  Learn about antimalware protection and how endpoint security technology prevents malware from infecting end-user computers and corporate networks.Continue Reading

• Multifactor authentication methods, use cases and products

  Protect your organization from financial and client loss with multifactor authentication tools that keep your company safe from potential cyberattacks.Continue Reading

• A guide to SIEM platforms, benefits and features

  Evaluate the top SIEM platforms before making a buying decision. Explore how the top SIEM platform tools protect enterprises by collecting security event data for centralized analysis.Continue Reading

• Can a zero-trust approach fill the security perimeter void?

  With the enterprise perimeter a mere memory, how can enterprises hope to secure their mission-critical data and systems?Continue Reading

• Microsegmentation security: Your key to zero trust

  Zero trust is the path forward to secure corporate IT assets. Learn how to put into place a zero-trust security model with a microsegmentation strategy.Continue Reading

• Should I use GitHub's new private repositories?

  Is GitHub's new private repositories service robust enough to serve the needs of enterprises? Nick Lewis examines what works -- and what doesn't.Continue Reading

• Explore multifactor authentication products in-depth

  Discover some of the best multifactor authentication products currently on the market based on target industry and main features to help you make a final buying decision.Continue Reading

• Vet third-party apps to reduce supply chain threats

  Enterprises are more vulnerable than ever before to supply chain threats from third-party apps and modules. Last fall's compromised NPM package is one cautionary tale.Continue Reading

• Compare the top multifactor authentication vendors

  What makes a multifactor authentication tool right for an enterprise? This article compares four of the leading multifactor authentication vendors and reviews their products.Continue Reading