Get started

Data Security and Cloud Computing

• Microsoft FIM (Microsoft Forefront Identity Manager)

  Microsoft Forefront Identity Manager (FIM) is a self-service identity management software suite. Continue Reading

• Certification Central - CISSP®

  Studying for, obtaining and maintaining your CISSP® certification has now become more convenient with SearchSecurity.com. Continue Reading

• Splunk video tutorial demonstrates how to use Splunk for security

  Video: Keith Barker of CBT Nuggets walks viewers through a tutorial of how to use Splunk and shows how the free version can be used for IT security. Continue Reading

• Introduction: Mobile security survey 2012 audio slideshow

   Continue Reading

• Firewall security best practices: Get firewall network security advice

  Get to know your firewall inside and out with this compilation of resources on firewall vulnerabilities, configuration and more. Continue Reading

• Definitions to Get Started

  • backdoor (computing)
  • post-quantum cryptography
  • cybercrime
  • CVSS (Common Vulnerability Scoring System)

  • Dridex malware
  • identity management (ID management)
  • SOAR (Security Orchestration, Automation and Response)
  • Certified Information Systems Auditor (CISA)

  View All Definitions

• Network Forensics: Tracking Hackers through Cyberspace

  Authors Sherri Davidoff and Jonathan Ham discuss the benefits of Web proxies and caching for forensic analysts in this chapter excerpt from their co-authored book, Network Forensics: Tracking Hackers through Cyberspace.Continue Reading

• Intrusion detection and prevention: IDS/IPS security guide

  This guide is a compilation of SearchSecurity.com's best resources on intrusion detection and prevention. It covers not only the basics of what they are and how they work, but also discusses several other important areas of IDS and IPS security, ...Continue Reading

• attack vector

  An attack vector is a path or means by which a hacker (or cracker) can gain access to a computer or network server in order to deliver a payload or malicious outcome.Continue Reading

• Zeus Trojan (Zbot)

  Zeus, also known as Zbot, is a malware toolkit that allows a cybercriminal to build his own Trojan Horse. A Trojan Horse is programming that appears to be legitimate but actually hides an attack.Continue Reading

• memory-scraping malware

  Memory-scraping malware is a type of malware that helps hackers to find personal data. It examines memory to search for sensitive data that is not available through other processes.Continue Reading

• differential power analysis (DPA)

  A differential power analysis (DPA) attack is an exploit based on analysing the correlation between the electricity usage of a chip in a smart card and the encryption key it contains.Continue Reading

• WAPI (WLAN Authentication and Privacy Infrastructure)

  WAPI (WLAN Authentication and Privacy Infrastructure) is the wireless local area network (WLAN) standard officially supported by the Chinese state government.Continue Reading

• PCI DSS 2.0

  PCI DSS 2.0 (Payment Card Industry Data Security Standard Version 2.0) is the second version of the Payment Card Industry Data Security Standard (PCI DSS).Continue Reading

• PCI Security Standards Council

  The PCI Security Standards Council is an organization created by the major credit card companies in an effort to better protect credit card holder data.Continue Reading

• PCI QSA

  Payment Card Industry Qualified Security Assessor (PCI QSA) is a designation conferred by the PCI Security Standards Council to individuals it deems qualified to perform PCI assessments and consulting servicesContinue Reading

• PA-DSS (Payment Application Data Security Standard)

  Payment Application Data Security Standard (PA-DSS) is a set of requirements that are intended to help software vendors develop secure payment applications that support PCI DSS compliance.Continue Reading

• PCI policy

  A PCI policy is a type of security policy that covers how an organization addresses the 12 requirements of the Payment Card Industry Data Security Standard (PCI DSS).Continue Reading

• NAC security guide: How to achieve secure network access in the enterprise

  This multi-part network access control (NAC) security guide covers a variety of NAC-related topics, offering tips and expert advice on how to thoroughly secure network access to the enterprise.Continue Reading

• Security School: Data breach prevention strategies

  In this lesson, expert Nick Lewis establishes a baseline data breach prevention strategy every enterprise should have in place.Continue Reading

• Technical Guide on SIM

  Application security managers: learn four key steps to connect apps with SIMs to enable successful analysis, reporting and alerting.Continue Reading

• RSA Conference 2012: Special Conference Coverage

  Get news from RSA Conference 2012. Cloud computing, mobile threats and attack intelligence gathering are likely to be among this year's top themes.Continue Reading

• Security School: Network content monitoring must-haves

  In this new lesson, expert Mike Chapple explores how to best prioritize and strategize for data protection investments to protect key content.Continue Reading

• Book chapter: Social media security policy best practices

  The following is an excerpt from chapter 6 Gary Bahadur from the book Securing the clicks: Network security in the age of social media.Continue Reading

• Shared Key Authentication (SKA)

  Shared Key Authentication (SKA) is a process by which a computer can gain access to a wireless network that uses the Wired Equivalent Privacy (WEP) protocol... (Continued)Continue Reading

• Tilded platform

  The Tilded platform is a malicious software communicator specifically designed as a vessel for transmitting malware undetected.Continue Reading

• Duqu (W32.Duqu)

  Duqu is a remote access Trojan (RAT) that is designed to steal data from computers it infects.Continue Reading

• security awareness training

  Security awareness training is a formal process for educating employees about corporate policies and procedures for working with information technology (IT).Continue Reading

• homomorphic encryption

  Homomorphic encryption is the conversion of data into ciphertext that can be analyzed and worked with as if it were still in its original form.  Homomorphic encryptions allow complex mathematical operations to be performed on encrypted data without ...Continue Reading

• voluntary botnet

  A voluntary botnet is a distributed network of computers whose processing power is harnessed to carry out a political or socially-motivated denial of service (DoS) attack.Continue Reading

• TDL-4 (TDSS or Alureon)

  TDL-4 is sophisticated malware that facilitates the creation and maintenance of a botnet.  The program is the fourth generation of the TDL malware, which was itself based on an earlier malicious program known as TDSS or Alureon.Continue Reading

• application blacklisting

  Application blacklisting, sometimes just referred to as blacklisting, is a network administration practice used to prevent the execution of undesirable programs.  Such programs include not only those known to contain security threats or ...Continue Reading

• barnacle

  In a computer, a barnacle is unwanted programming, such as adware or spyware, that is downloaded and installed along with a user-requested program.Continue Reading

• malvertisement (malicious advertisement or malvertising)

  A malvertisement (malicious advertisement) is an advertisement on the Internet that is capable of infecting the viewer's computer with malware.Continue Reading

• Information security job titles: Irrelevant to your career

  Remember, potential new security roles are doled out based on experience and accomplishments, not some fancy title.Continue Reading

• Network security audit guidelines: Inside the importance of audit planning

  In this SearchSecurity.com mini learning guide you will learn the ins and outs of network security audit guidelines, as well as the importance of audit planning, and how to perform and prepare for an audit.Continue Reading

• Common Weakness Enumeration (CWE)

  Common Weakness Enumeration (CWE) is a universal online dictionary of weaknesses that have been found in computer software... (Continued)Continue Reading

• Twofish

  Twofish is an encryption algorithm based on an earlier algorithm, Blowfish, and was a finalist for a NIST Advanced Encryption Standard (AES) algorithm to replace the DES algorithm.Continue Reading

• XML encryption and WS-Security tutorial: Essential elements of Web services security

  WS-Security and XML encryption are two essential elements of Web services security. In this XML encryption and WS-Security tutorial, which is a part of the SearchSecurity.com XML Web services tutorial, learn more about the security threats and ...Continue Reading

• XML firewall security guide: Prevent XML vulnerabilities and threats

  This section of the XML Web services Tutorial highlights the functions and capabilities of the XML firewall, how the features of an XML firewall compare to other firewalls, and offers advice on how to prevent XML vulnerabilities and stop XML attacks.Continue Reading

• content filtering (information filtering)

  On the Internet, content filtering (also known as information filtering) is the use of a program to screen and exclude from access or availability Web pages or e-mail that is deemed objectionable.Continue Reading

• Secure VoIP tutorial: Understanding VoIP security best practices

  More organizations are choosing to implement VoIP telephony in the enterprise for its cost savings. However, securing the technology comes with its own price tag. This secure VoIP tutorial is a compilation of resources that review VoIP security best...Continue Reading

• Career advantages of security professional certifications and advanced degrees

  Choose wisely when pursuing industry certifications and advanced degrees to gain the best competitive advantage.Continue Reading

• parameter tampering

  Parameter tampering is a form of Web-based hacking event (called an attack) in which certain parameters in the Uniform Resource Locator (URL) or Web page form field data entered by a user are changed without that user's authorization... (Continued)Continue Reading

• authentication, authorization, and accounting (AAA)

  Authentication, authorization, and accounting (AAA) is a framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services.Continue Reading

• backscatter body scanning

  Backscatter body scanning is an X-ray-based technology that yields a high-resolution image of a person's body beneath their clothing and reveals concealed objects... (Continued)Continue Reading

• wildcard certificate

  A wildcard certificate is a digital certificate that is applied to a domain and all its subdomains.Continue Reading

• privilege escalation attack

  A privilege escalation attack is a type of network intrusion that takes advantage of programming errors or design flaws to grant the attacker elevated access to the network and its associated data and applications.Continue Reading

• domain rotation

  Domain rotation is a technique use by malware distributors to drive traffic from multiple domains to a single IP address that is controlled by the distributor. The goal of domain rotation is to make it harder for a network administrator to blacklist...Continue Reading

• user account provisioning

  User account provisioning is a business process for creating and managing access to resources in an information technology (IT) system. To be effective, an account provisioning process should ensure that the creation of accounts and provisioning of...Continue Reading

• advanced evasion technique (AET)

  An advanced evasion technique (AET) is a type of network attack that combines several different known evasion techniques on-the-fly to create a new technique that won't be recognized by an intrusion detection systemContinue Reading

• metamorphic and polymorphic malware

  Metamorphic and polymorphic malware are two categories of malicious programs that have the ability to change their code as they propagate.Continue Reading

• Pwn2Own

  Pwn2Own is an annual hacking competition sponsored by security vendor TippingPoint and held at the CanSecWest security conference.Continue Reading

• electronic discovery (e-discovery or ediscovery)

  Electronic discovery (also called e-discovery or ediscovery) refers to any process in which electronic data is sought, located, secured, and searched with the intent of using it as evidence in a civil or criminal legal case.Continue Reading

• alternate data stream (ADS)

  An alternate data stream (ADS) is a feature of Windows New Technology File System (NTFS) that contains metadata for locating a specific file by author or title.Continue Reading

• endpoint fingerprinting

  Endpoint fingerprinting is a feature of enterprise network access control (NAC) products that enables discovery, classification and monitoring of connected devices, including non-traditional network endpoints such as smartcard readers, HVAC systems,...Continue Reading

• bot worm

  A bot worm is a self-replicating malware program that resides in current memory, turns infected computers into zombies (or bots) and transmits itself to other computers. A bot worm may be created with the ultimate intention of creating a botnet that...Continue Reading

• Security as a Service (SaaS)

  Security-as-a-service (SaaS) is an outsourcing model for security management. Typically, Security as a Service involves applications such as anti-virus software delivered over the Internet but the term can also refer to security management provided ...Continue Reading

• zero-day exploit

  A zero-day exploit is one that takes advantage of a security vulnerability on the same day that the vulnerability becomes generally known.Continue Reading

• HIPAA business associate

  As defined by the Health Information Portability and Accountability Act (HIPAA), a business associate is any organization or person working in association with or providing services to a covered entity who handles or discloses Personal Health ...Continue Reading

• Qualified Security Assessor (QSA)

  A Qualified Security Assessor (QSA) is a person who has been certified by the PCI Security Standards Council to audit merchants for Payment Card Industry Data Security Standard (PCI DSS) compliance.Continue Reading

• Report on Compliance (ROC)

  A Report on Compliance (ROC) is a form that must be completed by all Level 1 Visa merchants undergoing a PCI DSS audit. In general, a level 1 merchant is one who processes over 6 million Visa transactions in a year.Continue Reading

• Web browser security tutorial: Safari, IE, Firefox browser protection

  Newly updated: This Web browser security tutorial identifies the inherent flaws of Internet Explorer and Mozilla Firefox, introduces viable Web browser alternatives and provides tools and tactics to maximize your Web browsing security and browser ...Continue Reading

• I-SPY Act -- Internet Spyware Prevention Act of 2005 (H.R. 744)

  The I-SPY Act, formally known as the Internet Spyware Prevention Act of 2005 (H.R. 744), is a bill in the U.S. Congress that would criminalize the unauthorized use of spyware, phishing, and other methods of using the Internet to obtain sensitive ...Continue Reading

• intelligence community

  The term intelligence community refers to government and other public agencies as well as private agencies that gather, assemble, and report information that pertains to world or national security.Continue Reading

• Fortezza

  Fortezza, Italian for "fortress," is a family of security products trademarked by the US government's National Security Agency.Continue Reading

• Defense Message System (DMS)

  The Defense Message System (DMS) is a secure X.400-based e-mail system developed by the United States government in conjunction with industry partners to ensure safety for critical operations.Continue Reading

• lifestyle polygraph

  A lifestyle polygraph is a lie-detector (polygraph) test that is administered as a requirement for employment in certain fields.Continue Reading

• HSPD-7 (Homeland Security Presidential Directive No. 7)

  HSPD-7 (Homeland Security Presidential Directive No. 7) was a directive issued by U.S. President George W. Bush in December, 2003 that updated policies intended to protect the country from terrorist attacks. This directive superseded the earlier PDD...Continue Reading

• CALEA (Communications Assistance for Law Enforcement Act)

  CALEA (Communications Assistance for Law Enforcement Act) is a United States federal law that enables the government to intercept wire and electronic communications and call-identifying information under certain circumstances -- in particular, when ...Continue Reading

• national identity card

  A national identity card is a portable document, typically a plasticized card with digitally-embedded information, that someone is required or encouraged to carry as a means of confirming their identity. Since the World Trade Center tragedy of ...Continue Reading

• National Computer Security Center (NCSC)

  The National Computer Security Center (NCSC) is a U.S. government organization within the National Security Agency (NSA) that evaluates computing equipment for high security applications to ensure that facilities processing classified or other ...Continue Reading

• Tempest

  Tempest was the name of a classified (secret) U.S. government project to study (probably for the purpose of both exploiting and guarding against) the susceptibility of some computer and telecommunications devices to emit electromagnetic radiation (...Continue Reading

• security clearance

  A security clearance is an authorization that allows access to information that would otherwise be forbidden.Continue Reading

• government Trojan

  A government Trojan is spyware installed on a computer or network by a law enforcement agency for the purpose of capturing information relevant to a criminal investigation. Government Trojans represent a step in turning the tables on cybercriminals ...Continue Reading

• Four steps toward a plan for a career in information security

  Having a long-term goal for a career in information security isn't enough. Here are four key steps for planning for a career in information security.Continue Reading

• Risk-based audit methodology: How to achieve enterprise security

  Discover how using a risk-based audit methodology can achieve better enterprise security. Learn how to develop an internal IT audit program, implement risk mitigation methods and develop controls and ensure they are effective.Continue Reading

• fuzz testing (fuzzing)

  Fuzz testing (fuzzing) is a technique used by ethical hackers to discover security loopholes in software, operating systems or networks by massive inputting of random data to the system in an attempt to make it crash.Continue Reading

• IT security policy management: Effective polices to mitigate threats

  In this mini guide, you will gain a better understanding of IT security policy management and learn how to create an effective IT security policy, how to ensure security polices are managed appropriately, best practices for policy implementation and...Continue Reading

• Develop an effective information security career plan

  A successful career in information security requires an effective information security career planContinue Reading

• Same Origin Policy (SOP)

  The Same Origin Policy (SOP), also called Single Origin Policy, is a security measure used in Web browser programming languages such as JavaScript and Ajax to protect the confidentiality and integrity of information.Continue Reading

• Securing your wireless network: Preventing wireless security threats

  This mini learning guide helps enterprise information security managers and executives develop a better understanding of wireless network security and learn why investing time and resources in securing your wireless network can help thwart security ...Continue Reading

• Web application attacks security guide: Preventing attacks and flaws

  This Web application attacks guide explains how Web application attacks occur, identifies Web application attack types, and provides Web application security tools and tactics to protect against them.Continue Reading

• Operation Phish Phry

  Operation Phish Phry is a cybercrime investigation carried out by the United States Federal Bureau of Investigation (FBI), the Los Angeles Electronic Crimes Task Force and Egyptian authorities.Continue Reading

• pulsing zombie

  A pulsing zombie is a computer whose security has been compromised without its owner's knowledge by a cracker so that it intermittently carries out a denial-of-service attack on target computers in a network.Continue Reading

• Mini guide: How to remove and prevent Trojans, malware and spyware

  Organizations need to learn how to implement proper protections and understand best practices for malware defense in order to keep their network environments secure. In this mini guide you will learn how to prevent, remove and stop types of malware ...Continue Reading

• micro-botnet (mini-botnet or baby botnet)

  A micro-botnet, also called a mini-botnet or baby botnet, is a small network of Internet-connected computers that have been hijacked to attack specific companies or individuals within a company.Continue Reading

• Endpoint protection best practices manual: Combating issues, problems

  Learn how to employ effective endpoint security controls, technologies and policies, and well as define methods and techniques for a multilayered endpoint defense system.Continue Reading

• Buffer overflow tutorial: How to find vulnerabilities, prevent attacks

  Buffer overflow exploits and vulnerabilities can lead to serious harm to corporate Web applications, as well as embarrassing and costly data security breaches and system compromises.Continue Reading

• data masking

  Data masking is a method of creating a structurally similar but inauthentic version of an organization's data that can be used for purposes such as software testing and user training. The purpose is to protect the actual data while having a ...Continue Reading

• RAT (remote access Trojan)

  A remote access Trojan (RAT) is a malware program that gives an intruder administrative control over a target computer. RATs are usually downloaded invisibly with a user-requested program -- such as a game -- or sent as an email attachment. Once the...Continue Reading

• SQL injection protection: A guide on how to prevent and stop attacks

  In this SQL injection protection guide get advice on how to prevent and stop SQL injection attacks, also learn best practices on how to detect vulnerabilities.Continue Reading

• security information management (SIM)

  Security information management (SIM) is the practice of collecting, monitoring and analyzing security-related data from computer logs. A security information management system (SIMS) automates that practice. Security information management is ...Continue Reading

• deperimeterization

  In network security, deperimeterization is a strategy for protecting a company's data on multiple levels by using encryption and dynamic data-level authentication.Continue Reading

• FERPA (Family Educational Rights and Privacy Act of 1974)

  FERPA (Family Educational Rights and Privacy Act of 1974) is legislation that protects the privacy of students' personally identifiable information (PII). The act applies to all educational institutions that receive federal funds.Continue Reading

• An introduction to Information Security Career Advisor

  SearchSecurity.com is pleased to partner with infosec career experts Lee Kushner and Mike Murray to bring you a new monthly column on information security careers. In their debut article, they explain why information security career coaching is ...Continue Reading

• An introduction to wireless security

  Don't let Wi-Fi become the weak link in your network's armor! Learn the business risks posed by wireless, essential countermeasures that can reduce those risks, and industry best practices for designing, deploying and monitoring secure WLANs.Continue Reading

• Hacker attack techniques and tactics: Understanding hacking strategies

  This guide provides you with a plethora of tips, expert advice and Web resources that offer more in-depth information about hacker techniques and various tactics you can employ to protect your network.Continue Reading

• HIPAA compliance manual: Training, audit and requirement checklist

  In this HIPAA compliance manual you will recieve advice on how to prepare for a security audit as well as a checklist for HIPAA training, gudielines and requirements.Continue Reading

• Internet Key Exchange (IKE)

  The Internet Key Exchange (IKE) is an IPsec (Internet Protocol Security) standard protocol used to ensure security for virtual private network (VPN) negotiation and remote host or network access.Continue Reading

• Spyware Protection and Removal Tutorial

  This free spyware protection and removal tutorial is a compilation of free resources that explain what spyware is, how it attacks and most importantly what you can to do to win the war on spyware.Continue Reading