Get started
Bring yourself up to speed with our introductory content.
Data Security and Cloud Computing
How to manage HTTP response headers for IIS, Nginx and Apache
HTTP response header configuration files on servers need to be set up properly to secure sensitive data. Expert Judith Myerson outlines how to do this on different types of servers. Continue Reading
CISSP Domain 5: Cloud identity management and access control
From cloud identity and access management to physical access control, this study guide will help you review key concepts from Domain 5 of the CISSP exam. Continue Reading
CISSP Domain 5 quiz: Types of access control systems
Get ready for the CISSP exam with this 10-question practice quiz covering key concepts in Domain 5, including access control, identity, authentication and more. Continue Reading
-
What GDPR privacy requirements mean for U.S. businesses
Prospects of GDPR enforcement may be sowing fear, uncertainty and doubt. But the policy is also sending a clear message to companies: protect customer privacy, or else. Continue Reading
Will it last? The marriage between UBA tools and SIEM
The failure to detect insider threats and a growing need to store and sort through massive amounts of data have drawn attention to user behavior analytics, sometimes called user and entity behavior analytics. According to Gartner, UBA tools deliver ... Continue Reading
Cyberthreats, cyber vulnerabilities, and how to fight back
The key to countering cyberthreats today is to first understand your biggest vulnerabilities and then research the most effective countermeasures available to minimize them.Continue Reading
principle of least privilege (POLP)
The principle of least privilege (POLP), an important concept in computer security, is the practice of limiting access rights for users to the bare minimum permissions they need to perform their work.Continue Reading
identity management (ID management)
Identity management (ID management) is the organizational process for identifying, authenticating and authorizing individuals or groups of people to have access to applications, systems or networks by associating user rights and restrictions with ...Continue Reading
Security Controls Evaluation, Testing, and Assessment Handbook
In this excerpt from chapter 11 of Security Controls Evaluation, Testing, and Assessment Handbook, author Leighton Johnson discusses access control.Continue Reading
How to add HTTP security headers to various types of servers
Expert Judith Myerson outlines the different types of HTTP security headers and how to add them to different servers, including Apache, Ngnix and Microsoft IIS Manager.Continue Reading
-
How to prevent password attacks and other exploits
Prevention is essential to protection against various types of password attacks, unauthorized access and related threats. Expert Adam Gordon outlines how to proactively bolster your defenses.Continue Reading
The best email security comes through strategy and tactics
The best email security policy requires a holistic approach of the issue, understanding both the problem's scope and the most likely threats.Continue Reading
Why threat models are crucial for secure software development
Threat modeling is an important component of the secure software development process. Steve Lipner of SafeCode explains how threat models benefit software security.Continue Reading
Learn how to identify and prevent access control attacks
Once an attacker has gained entry to a network, the consequences can be severe. Find out how the right access control tools can help prevent that from happening.Continue Reading
Are companies with a SOC team less likely to get breached?
Information security operations centers are “growing up,” according to one study. But, with staffing shortages and manual collection of data, performance metrics are hard to get.Continue Reading