Get started

Data Security and Cloud Computing

• Cyberthreats, cyber vulnerabilities, and how to fight back

  The key to countering cyberthreats today is to first understand your biggest vulnerabilities and then research the most effective countermeasures available to minimize them. Continue Reading

• principle of least privilege (POLP)

  The principle of least privilege (POLP), an important concept in computer security, is the practice of limiting access rights for users to the bare minimum permissions they need to perform their work. Continue Reading

• identity management (ID management)

  Identity management (ID management) is the organizational process for identifying, authenticating and authorizing individuals or groups of people to have access to applications, systems or networks by associating user rights and restrictions with ... Continue Reading

• Security Controls Evaluation, Testing, and Assessment Handbook

  In this excerpt from chapter 11 of Security Controls Evaluation, Testing, and Assessment Handbook, author Leighton Johnson discusses access control. Continue Reading

• How to add HTTP security headers to various types of servers

  Expert Judith Myerson outlines the different types of HTTP security headers and how to add them to different servers, including Apache, Ngnix and Microsoft IIS Manager. Continue Reading

• Definitions to Get Started

  • BlueKeep (CVE-2019-0708)
  • single sign-on (SSO)
  • biometrics
  • cyberwarfare

  • firewall
  • spear phishing
  • bridge
  • cyberterrorism

  View All Definitions

• How to prevent password attacks and other exploits

  Prevention is essential to protection against various types of password attacks, unauthorized access and related threats. Expert Adam Gordon outlines how to proactively bolster your defenses.Continue Reading

• The best email security comes through strategy and tactics

  The best email security policy requires a holistic approach of the issue, understanding both the problem's scope and the most likely threats.Continue Reading

• Why threat models are crucial for secure software development

  Threat modeling is an important component of the secure software development process. Steve Lipner of SafeCode explains how threat models benefit software security.Continue Reading

• Learn how to identify and prevent access control attacks

  Once an attacker has gained entry to a network, the consequences can be severe. Find out how the right access control tools can help prevent that from happening.Continue Reading

• Are companies with a SOC team less likely to get breached?

  Information security operations centers are “growing up,” according to one study. But, with staffing shortages and manual collection of data, performance metrics are hard to get.Continue Reading

• phishing

  Phishing is a form of fraud in which an attacker masquerades as a reputable entity or person in email or other communication channels.Continue Reading

• vulnerability disclosure

  Vulnerability disclosure is the practice of publishing information about a computer security problem, and a type of policy that stipulates guidelines for doing so.Continue Reading

• The Basics of Cyber Safety

  In this excerpt from chapter four of The Basics of Cyber Safety, authors John Sammons and Michael Cross discuss basic email security.Continue Reading

• cyber attribution

  Cyber attribution is the process of tracking, identifying and laying blame on the perpetrator of a cyberattack or other hacking exploit.Continue Reading

• incident response

  Incident response is an organized approach to addressing and managing the aftermath of a security breach or cyberattack, also known as an IT incident, computer incident or security incident.Continue Reading