Get started

Data Security and Cloud Computing

• SSL (Secure Sockets Layer)

  Secure Sockets Layer (SSL) is a networking protocol designed for securing connections between web clients and web servers over an insecure network, such as the internet. Continue Reading

• Certified Information Systems Security Professional (CISSP)

  Certified Information Systems Security Professional (CISSP) is an information security certification developed by the International Information Systems Security Certification Consortium, also known as (ISC)². Continue Reading

• What Moody's cyber-risk ratings mean for enterprises

  Moody's announced it will soon begin composing cyber-risk ratings for enterprises. Kevin McDonald explores the move and what it could mean for enterprises and the infosec industry. Continue Reading

• 5 actionable deception-tech steps to take to fight hackers

  Consider taking these five 'deceptive' steps to make your detection and response capabilities speedier, more effective and to improve your company's security posture. Continue Reading

• RSA algorithm (Rivest-Shamir-Adleman)

  The RSA algorithm is the basis of a cryptosystem -- a suite of cryptographic algorithms that are used for specific security services or purposes -- which enables public key encryption and is widely used to secure sensitive data, particularly when it... Continue Reading

• Definitions to Get Started

  • tokenization
  • incident response
  • Federal Information Security Management Act (FISMA)
  • CISO as a service (vCISO, virtual CISO, fractional CISO)

  • access control
  • advanced persistent threat (APT)
  • biometrics
  • zero-day (computer)

  View All Definitions

• IP Spoofing

  IP spoofing is the crafting of Internet Protocol (IP) packets with a source IP address that has been modified to impersonate another computer system, or to hide the identity of the sender, or both.Continue Reading

• Testing email security products: Challenges and methodologies

  Kevin Tolly of the Tolly Group offers a look at how his company set out to test several email security products, as well as the challenges it faced to come up with sound methodologies.Continue Reading

• smart card

  A smart card is a physical card that has an embedded integrated chip that acts as a security token.Continue Reading

• one-time password (OTP)

  A one-time password (OTP) is an automatically generated numeric or alphanumeric string of characters that authenticates the user for a single transaction or login session.Continue Reading

• cipher

  In cryptology, the discipline concerned with the study of cryptographic algorithms, a cipher is an algorithm for encrypting and decrypting data.Continue Reading

• pen test (penetration testing)

  Penetration testing, also called pen testing or ethical hacking, is the practice of testing a computer system, network or web application to find security vulnerabilities that an attacker could exploit.Continue Reading

• challenge-response authentication

  In information security, challenge-response authentication is a type of authentication protocol where one entity presents a challenge or question, and another entity provides a valid response to be authenticated.Continue Reading

• NIST incident response plan: 4 steps to better incident handling

  The NIST incident response plan involves four phases enterprises can take to improve security incident handling. Expert Mike O. Villegas reviews each step.Continue Reading

• honeypot (computing)

  A honeypot is a network-attached system set up as a decoy to lure cyberattackers and to detect, deflect or study hacking attempts in order to gain unauthorized access to information systems.Continue Reading

• How to protect enterprise ICS networks with firewalls

  ICS network security can be improved using firewalls. Expert Ernie Hayden explains how ICS-specific firewalls can help keep ICS networks strong and protected.Continue Reading

• How Shodan helps identify ICS cybersecurity vulnerabilities

  Shodan can be a helpful tool for security pros to locate ICS cybersecurity vulnerabilities. Expert Ernie Hayden explains how Shodan works and how it can be used for security.Continue Reading

• denial-of-service attack

  A denial-of-service attack is a security event that occurs when an attacker prevents legitimate users from accessing specific computer systems, devices, services or other IT resources.Continue Reading

• role-based access control (RBAC)

  Role-based access control (RBAC) is a method of restricting network access based on the roles of individual users within an enterprise.Continue Reading

• How does the SynAck ransomware use Process Doppelgänging?

  A technique called Process Doppelgänging was used by the SynAck ransomware to bypass security software. Expert Michael Cobb explains how this technique works and why it's unique.Continue Reading

• ethical hacker

  An ethical hacker, also referred to as a white hat hacker, is an information security expert who systematically attempts to penetrate a computer system, network, application or other computing resource on behalf of its owners -- and with their ...Continue Reading

• WannaCry ransomware

  The WannaCry ransomware is a worm that spreads by exploiting vulnerabilities in the Windows operating system.Continue Reading

• digital certificate

  A digital certificate, also known as a public key certificate, is used to cryptographically link ownership of a public key with the entity that owns it.Continue Reading

• SIEM evaluation criteria: Choosing the right SIEM products

  Establishing solid SIEM evaluation criteria and applying them to an organization's business needs goes far when selecting the right SIEM products. Here are the questions to ask.Continue Reading

• Advances in access governance strategy and technology

  Recent advances in IAM policy, strategy and technology are raising companies' ability authenticate identities and manage access to their systems and data.Continue Reading

• SIEM benefits include efficient incident response, compliance

  SIEM tools enable centralized reporting, which is just one of the many SIEM benefits. Others include real-time incident response, as well as insight for compliance reporting.Continue Reading

• certificate authority (CA)

  A certificate authority (CA) is a trusted entity that issues digital certificates, which are data files used to cryptographically link an entity with a public key.Continue Reading

• hacktivism

  Hacktivism is the act of hacking, or breaking into a computer system, for a politically or socially motivated purpose.Continue Reading

• whaling attack (whaling phishing)

  A whaling attack, also known as whaling phishing or a whaling phishing attack, is a specific type of phishing attack that targets high-profile employees, such as the CEO or CFO, in order to steal sensitive information from a company.Continue Reading

• A comprehensive guide to SIEM products

  Expert Karen Scarfone examines security information and event management systems and explains why SIEM systems and SIEM products are crucial for enterprise security.Continue Reading

• Endgame's Devon Kerr on what it takes to be a threat hunter

  Threat hunting goes beyond mere monitoring and detection. Endgame's Devon Kerr explains tomorrow's threat hunters and the keys to successful cyberthreat hunting.Continue Reading

• Fine-tuning incident response automation for optimal results

  Wondering where to apply automation to incident response in order to achieve the best results? The variety of options might be greater than you imagine. Read on to learn more.Continue Reading

• Certified Cloud Security Professional (CCSP)

  The Certified Cloud Security Professional (CCSP) certification is intended for experienced IT professionals who have a minimum of five years of experience in the industry with three of those years being in information security and one year in one of...Continue Reading

• federated identity management

  Federated identity management (FIM) is an arrangement that can be made between multiple enterprises to let subscribers use the same identification data to obtain access to the networks of all the enterprises in the group.Continue Reading

• next-generation firewall (NGFW)

  A next-generation firewall (NGFW) is a part of the third generation of firewall technology that is implemented in either hardware or software and is capable of detecting and blocking sophisticated attacks by enforcing security policies at the ...Continue Reading

• Know your enemy: Understanding insider attacks

  Insider attacks are a significant threat to enterprises. Expert Ernie Hayden provides an introduction to insider threats and how organizations can protect themselves.Continue Reading

• AI and machine learning in network security advance detection

  Applying AI, and specifically machine learning, in network security helps protect enterprises against advanced persistent threats and sophisticated cybercriminals.Continue Reading

• Insider threat report tracks annual cost of theft, carelessness

  The Ponemon Institute study "2018 Cost of Insider Threats" examines the cost to companies victimized by material insider threat incidents during the past 12 months.Continue Reading

• IPsec (Internet Protocol Security)

  IPsec, also known as the Internet Protocol Security or IP Security protocol, defines the architecture for security services for IP network traffic.Continue Reading

• McAfee CISO explains why diversity in cybersecurity matters

  Improving diversity in cybersecurity teams can help improve their ability to address cybersecurity challenges through diversity of thought, suggests McAfee CISO Grant Bourzikas.Continue Reading

• authentication

  Authentication is the process of determining whether someone or something is, in fact, who or what it declares itself to be.Continue Reading

• email virus

  An email virus consists of malicious code that is distributed in email messages, and it can be activated when a user clicks on a link in an email message, opens an email attachment or interacts in some other way with the infected email message.Continue Reading

• claims-based identity

  Claims-based identity is a means of authenticating an end user, application or device to another system in a way that abstracts the entity's specific information while providing data that authorizes it for appropriate and relevant interactions.Continue Reading

• social engineering

  Social engineering is an attack vector that relies heavily on human interaction and often involves manipulating people into breaking normal security procedures and best practices in order to gain access to systems, networks or physical locations, or...Continue Reading

• How security operations centers work to benefit enterprises

  One key support system for enterprises is security operations centers. Expert Ernie Hayden reviews the basic SOC framework and the purposes they can serve.Continue Reading

• How to best secure DNS? There's more than one approach

  Few aspects of the internet are as crucial as the domain name system. It may be that a 'passive' approach to DNS security is the most effective approach.Continue Reading

• Protecting the DNS protocol: How DNSSEC can help

  Securing the DNS protocol is no joke. Learn what the DNS Security Extensions are and the efforts the United States government is taking to push DNSSEC adoption.Continue Reading

• Ways to solve DNS security issues in your organization

  Get up to speed fast on means and methods for reducing or eliminating security-related issues in DNS, an integral service upon which the internet depends.Continue Reading

• How the BloodHound tool can improve Active Directory security

  Auditing Active Directory can be made easier with tools like the open source BloodHound tool. Expert Joe Granneman looks at the different functions of the tool and how it can help.Continue Reading

• evil maid attack

  An evil maid attack is a security exploit that targets a computing device that has been shut down and left unattended.  An evil maid attack is characterized by the attacker's ability to physically access the target multiple times without the owner's...Continue Reading

• What is included in the mPOS security standard from PCI SSC?

  The PCI SSC developed an mPOS security standard to improve mobile payment and PIN systems. Expert Michael Cobb looks at what the requirements are and how they help.Continue Reading

• Common Body of Knowledge (CBK)

  In security, Common Body of Knowledge (CBK) is a comprehensive framework of all the relevant subjects a security professional should be familiar with, including skills, techniques and best practices.Continue Reading

• Metamorphic virus

  A metamorphic virus is a type of malware that is capable of changing its code and signature patterns with each iteration.Continue Reading

• Self-sovereign identity: How will regulations affect it?

  Will laws like GDPR and PSD2 force enterprises to change their identity management strategies? Expert Bianca Lopes talks regulations, self-sovereign identity and blockchain.Continue Reading

• Cybersecurity defense in depth means more than ticking boxes

  F-Secure's Tom Van de Wiele explains the realities of cybersecurity defense in depth, and why companies need to have the right attitude to defend against cyberattacks.Continue Reading

• How to do risk management in cybersecurity using ERM

  Perfect security is impossible, but using risk management in cybersecurity using a range of strategies can significantly reduce your organization’s risk.Continue Reading

• Cyber-risk strategies and models for a post-perimeter age

  Cyber-risky business: The notion of the security perimeter has grown quaint. If a firewall is insufficient, where does IT turn to answers on how to protect assets?Continue Reading

• cyberextortion

  Cyberextortion is a crime involving an attack or threat of an attack coupled with a demand for money or some other response in return for stopping or remediating the attack.Continue Reading

• National Security Agency (NSA)

  The National Security Agency is the official U.S. cryptologic organization of the United States Intelligence Community under the Department of Defense.Continue Reading

• unified threat management (UTM)

  A unified threat management (UTM) system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and ...Continue Reading

• Becoming a cybersecurity professional: What are the options?

  A cybersecurity professional has several options for their career path. Expert Ernie Hayden reviews the cybersecurity career track options and what skills are required for each one.Continue Reading

• How the Mirai botnet changed IoT security and DDoS defense

  It seemed that no IoT device was safe from the Mirai botnet when it took down major enterprises and internet infrastructure providers with massive DDoS attacks.Continue Reading

• Software security training: Perspectives on best practices

  Software development training with an emphasis on secure coding can improve enterprise security postures. Steve Lipner of SafeCode discusses different ways to get the job done.Continue Reading

• The time is ripe to implement cybersecurity automation

  Automation is essential to keep up with the speed and potential lethality of threats now. Does automatic feel problematic? Then try to focus on security fundamentals.Continue Reading

• Single sign-on best practices: How can enterprises get SSO right?

  Proper planning is at the top of the list for single sign-on best practices, but it's important to get enterprise SSO implementations off to a good start. Here's how to do it.Continue Reading

• cross-site scripting (XSS)

  Cross-site scripting (XSS) is a type of injection security attack in which an attacker injects data, such as a malicious script, into content from otherwise trusted websites.Continue Reading

• CISSP Domain 8: Software development security explained

  If you're studying for the CISSP exam, don't miss this special Security School on Domain 8. Review important concepts in software development security and sharpen your skills.Continue Reading

• Domain 8: Security in software development lifecycle quiz

  Understanding the ins and outs of the software development lifecycle is pivotal to passing Domain 8 of the CISSP exam. Are you ready? Find out with this practice quiz.Continue Reading

• FIDO (Fast Identity Online)

  FIDO (Fast ID Online) is a set of technology-agnostic security specifications for strong authentication. FIDO is developed by the FIDO Alliance, a non-profit organization that seeks to standardize authentication at the client and protocol layers.Continue Reading

• CISSP Domain 7: Security operations

  Learn about important cybersecurity techniques and technologies that serve as the foundation of both day-to-day security operations and incident response.Continue Reading

• Get ready for CISSP Domain 7: Cyberattack prevention quiz

  Do you know what it takes to stop bad guys in their tracks? Find out with this practice quiz on cybersecurity methods and tools used to thwart or recover from an attack.Continue Reading

• Network intrusion detection systems ID threats

  Learn how to stop threats before they turn into real danger. Expert Adam Gordon provides a deep dive into tools and technologies that should be in every infosec pro's back pocket.Continue Reading

• Mobile security trends point to unifying policy and tools

  Securing mobile devices in the enterprise to effectively deflect potential breaches now means enterprise mobile management must evolve into unified endpoint management.Continue Reading

• Mobile security issues require a unified approach

  Security gaps in mobile devices can be many and varied, but they must be addressed immediately. Unified endpoint management is the next-gen way to close the gaps.Continue Reading

• Counter mobile device security threats with unified tools

  Attacks on enterprise mobile endpoints are more lethal than ever. To help infosec pros fight back, enterprise mobile management has unified to fortify defenses.Continue Reading

• Cybersecurity roadmap: What's driving CISOs' agendas for 2018

  Omar F. Khawaja, CISO at Highmark Health, has five areas of focus on his cybersecurity roadmap, and technology is not at the top of the list. Instead, he is prioritizing organizational change management and building an effective decision-making ...Continue Reading

• SAML (Security Assertion Markup Language)

  The Security Assertion Markup Language (SAML) is an open standard for sharing security information about identity, authentication and authorization across different systems.Continue Reading

• cryptanalysis

  Cryptanalysis is the study of ciphertext, ciphers and cryptosystems with the aim of understanding how they work and finding and improving techniques for defeating or weakening them.Continue Reading

• macro virus

  A macro virus is a computer virus written in the same macro language used for software programs, including Microsoft Excel or word processors such as Microsoft Word.Continue Reading

• white hat

  A white hat hacker is an individual who uses hacking skills to identify security vulnerabilities in hardware, software or networks.Continue Reading

• Containing ransomware outbreaks now a top infosec priority

  Prepping for and dealing with an outbreak of ransomware is the IT version of the flu shot. Learn how company systems and data from these potentially deadline infections.Continue Reading

• How are middleboxes affecting the TLS 1.3 release date?

  Despite fixing important security problems, the official TLS 1.3 release date keeps getting pushed back, in part due to failures in middlebox implementations.Continue Reading

• Are you next-gen secure? Defense-in-depth security key to IT

  The notion of a defensible security perimeter is outmoded, but that doesn't mean the goal of IT security is unattainable. Laying on defenses is what's needed now.Continue Reading

• Six questions to ask before buying enterprise MDM products

  Mobile device management can be a crucial part of enterprise security. Expert Matt Pascucci presents the key questions to ask when investigating MDM products.Continue Reading

• Understand the basics of mobile device management products

  Implementing MDM products has traditionally been the go-to answer for securing mobile devices, but with the role of mobile devices in the enterprise growing, admins need a more comprehensive security option.Continue Reading

• Stuxnet

  The Stuxnet worm is a rootkit exploit that targets supervisory control and data acquisition (SCADA) systems.Continue Reading

• polymorphic virus

  A polymorphic virus is a harmful, destructive or intrusive type of malware that can change or 'morph,' making it difficult to detect with antimalware programs.Continue Reading

• What is emotional data and what are the related privacy risks?

  SearchSecurity talks with UC Berkeley professor Steven Weber about the concept of emotional data, where it comes from and how it can potentially be used -- and abused.Continue Reading

• antimalware (anti-malware)

  Antimalware (anti-malware) is a type of software program designed to prevent, detect and remove malicious software (malware) on IT systems, as well as individual computing devices.Continue Reading

• A look at the key GDPR requirements and how to meet them

  Meeting the most important GDPR requirements is a great first step to compliance with the new regulation. Expert Steve Weil outlines how to get started on GDPR compliance.Continue Reading

• user behavior analytics (UBA)

  User behavior analytics (UBA) is a process in which security teams use monitoring tools to track, collect and assess the network activities of all individuals accessing those system to detect potentially malicious activity.Continue Reading

• Get great results from authenticated vulnerability scanning

  Here are five things you can do to successfully prepare and run authenticated vulnerability scanning and, in the end, achieve the most protection.Continue Reading

• CISSP Domain 6: The importance of security assessments and testing

  Security assessment and testing should be baked into your regular IT workflows so that you’re able to spot software vulnerabilities before they turn into full-blown attacks.Continue Reading

• Five questions to ask before purchasing NAC products

  Organizations are recognizing the need for network access control systems, but it is important to evaluate and perform research before you invest in enterprise NAC products.Continue Reading

• App design, software validation testing need infosec input

  Security and function don’t have to compete. By working together, information security pros and systems administrators can build better, more secure software.Continue Reading

• Prevent attacks with these security testing techniques

  Software bugs are more than a nuisance. Errors can expose vulnerabilities. Here’s the good news: These security testing tools and techniques can help you avoid them.Continue Reading

• How to manage HTTP response headers for IIS, Nginx and Apache

  HTTP response header configuration files on servers need to be set up properly to secure sensitive data. Expert Judith Myerson outlines how to do this on different types of servers.Continue Reading

• CISSP Domain 5: Cloud identity management and access control

  From cloud identity and access management to physical access control, this study guide will help you review key concepts from Domain 5 of the CISSP exam.Continue Reading

• CISSP Domain 5 quiz: Types of access control systems

  Get ready for the CISSP exam with this 10-question practice quiz covering key concepts in Domain 5, including access control, identity, authentication and more.Continue Reading

• What GDPR privacy requirements mean for U.S. businesses

  Prospects of GDPR enforcement may be sowing fear, uncertainty and doubt. But the policy is also sending a clear message to companies: protect customer privacy, or else.Continue Reading

• Will it last? The marriage between UBA tools and SIEM

  The failure to detect insider threats and a growing need to store and sort through massive amounts of data have drawn attention to user behavior analytics, sometimes called user and entity behavior analytics. According to Gartner, UBA tools deliver ...Continue Reading