Evaluate

Evaluate

Weigh the pros and cons of technologies, products and projects you are considering.

• Attack by TIFF images: What are the vulnerabilities in LibTIFF?

  Attackers using crafted TIFF images can exploit flaws in the LibTIFF library to carry out remote code execution. Expert Michael Cobb explains how these vulnerabilities work. Continue Reading

• Risk & Repeat: Does the Amazon S3 outage raise security flags?

  In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the recent Amazon Simple Storage Service outage and why the incident may have security implications. Continue Reading

• How can the Dirty COW vulnerability be used to attack Android devices?

  A copy-on-write vulnerability known as 'Dirty COW' was found in the Linux kernel of Android devices. Expert Michael Cobb explains the risks of this attack. Continue Reading

• SHA-1 certificates: How will Mozilla's deprecation affect enterprises?

  Mozilla browser users will encounter 'untrusted connection' errors if they use SHA-1 signed certificates. Expert Michael Cobb explains why, and what enterprises can do. Continue Reading

• Ransomware costs not limited to ransoms, research shows

  The financial fallout from ransomware involves more than bitcoins, one study found. Targeted companies invest in security technology and fear loss of reputation and customers. Continue Reading

• Ransomware prevention tools to win the fight

  Fighting malware today means battling ransomware. Learn what ransomware prevention tools you need to acquire and how to perfect using the tools your company already owns.Continue Reading

• What are the pros and cons of hiring a virtual CISO?

  A virtual CISO is a good option for smaller organizations that want stronger security leadership, but don't have the budget. Expert Mike O. Villegas discusses the pros and cons.Continue Reading

• How big data tools and technologies can be protected from risk

  Big data tools and technologies can contribute to your enterprise's overall security, but they also require protection. Find out the controls your enterprise can implement.Continue Reading

• What global threat intelligence can and can't do for security programs

  Global threat intelligence is a valuable complement to a company's security program, but it can't replace security measures like training and internally collected data.Continue Reading

• Risk & Repeat: Pentagon cybersecurity under fire

  In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss Pentagon cybersecurity amid reports of misconfigured servers at the U.S. Department of Defense.Continue Reading

• What's the difference between software containers and sandboxing?

  Understanding the difference between software containers and sandboxing can help enterprises make the right decision about which to use. Expert Matthew Pascucci explains them.Continue Reading

• Big data frameworks: Making their use in enterprises more secure

  Many enterprises apply big data techniques to their security systems. But are these methods secure? Expert John Burke explains some of the efforts to secure big data analysis.Continue Reading

• Stop app attacks with a web application firewall

  Web application firewalls are more essential than ever when it comes to halting app attacks. Learn what features and functions you should look for when choosing a new WAF.Continue Reading

• Insider threat detection tools that sniff out dangers from within

  Learn about the insider threat detection tools that can zero-in on anomalous user behavior. Malicious or accidental, the insider threat is one of the most dangerous and costly to companies.Continue Reading

• FIDO authentication standard could signal the passing of passwords

  The FIDO authentication standard could eventually bypass passwords, or at least augment them, as government and industry turns to more effective authentication technologies.Continue Reading