Evaluate

Password Management and Policy

• How did Netflix phishing attacks use legitimate TLS certificates?

  Hackers can imitate the design and domain name of popular sites like Netflix to steal credentials. Expert Michael Cobb explains how these Netflix phishing attacks work. Continue Reading

• How to find the best privileged identity management tool

  To ensure IT security means first realizing that elevated privileges can also be an open door for hackers. Locking things down requires teamwork, good tools and more. Continue Reading

• Weighing privileged identity management tools' pros and cons

  Products that help security pros manage access privileges are essential to IT security. Learn how to evaluate market offerings and acquire the best for your company. Continue Reading

• FIDO authentication standard could signal the passing of passwords

  The FIDO authentication standard could eventually bypass passwords, or at least augment them, as government and industry turns to more effective authentication technologies. Continue Reading

• What new NIST password recommendations should enterprises adopt?

  NIST is coming up with new password recommendations for the U.S. government. Expert Michael Cobb covers the most important changes that enterprises should note. Continue Reading

• Keydnap malware: How does it steal Mac passwords?

  The Keydnap malware has the ability to steal passwords stored in the Keychain Access app on Mac systems. Expert Nick Lewis explains how to mitigate this issue.Continue Reading

• Risk & Repeat: Yahoo data breach details emerge

  In this Risk & Repeat podcast, SearchSecurity editors discuss new information on the Yahoo data breach, including how counterfeit cookies may have been used by attackers.Continue Reading

• Risk & Repeat: Yahoo breach response, security practices criticized

  In this Risk & Repeat podcast, SearchSecurity editors discuss the Yahoo breach and questions and criticism regarding the company's enterprise security practices.Continue Reading

• Making updates to your IAM framework

  This Security School examines how security professionals should consider updating and adapting their IAM framework to work with emerging technologies.Continue Reading

• IAM strategy: Update to work with new technologies

  Your organization needs to make decisions about its IAM strategy in order to keep up with the new technologies its deploying. Steps to take begin at the policy level.Continue Reading

• Expanding the IAM infrastructure to meet emerging challenges

  Your IAM infrastructure should cut through the 'access excess' that is plaguing most companies. Learn how to overcome the challenges posed by migration to cloud and mobility.Continue Reading

• Windows 10 Wi-Fi Sense for hotspot sharing: Is it safe?

  Microsoft's Windows 10 Wi-Fi Sense was designed to make hotspot sharing easy, but experts debate if the security risks are real and whether the new feature offers substantial benefits and relative safety.Continue Reading

• Can facial recognition authentication improve mobile security?

  MasterCard is testing a new facial recognition authentication system for mobile payments. Expert Michael Cobb explains how it works, and what it means for users.Continue Reading

• What does bimodal IAM mean for user credentials?

  Bimodal IAM may be a new term, but this new way to use user credentials should probably already be in practice among secure organizations.Continue Reading

• Why PCI non-compliance is a problem for many

  PCI DSS requirement 2 specifies companies must change vendor-supplied default passwords, but only 50% were in compliance. Expert Mike Chapple explains why.Continue Reading