Get started

Data Security and Cloud Computing

• McAfee CISO explains why diversity in cybersecurity matters

  Improving diversity in cybersecurity teams can help improve their ability to address cybersecurity challenges through diversity of thought, suggests McAfee CISO Grant Bourzikas. Continue Reading

• SSL VPN (Secure Sockets Layer virtual private network)

  An SSL VPN is a type of virtual private network that uses the Secure Sockets Layer protocol -- or, more often, its successor, the Transport Layer Security (TLS) protocol -- in standard web browsers to provide secure, remote-access VPN capability. Continue Reading

• authentication

  Authentication is the process of determining whether someone or something is, in fact, who or what it declares itself to be. Continue Reading

• email virus

  An email virus consists of malicious code that is distributed in email messages, and it can be activated when a user clicks on a link in an email message, opens an email attachment or interacts in some other way with the infected email message. Continue Reading

• claims-based identity

  Claims-based identity is a means of authenticating an end user, application or device to another system in a way that abstracts the entity's specific information while providing data that authorizes it for appropriate and relevant interactions. Continue Reading

• Definitions to Get Started

  • Transport Layer Security (TLS)
  • van Eck phreaking
  • checksum
  • logic bomb

  • malware (malicious software)
  • email spoofing
  • information security (infosec)
  • payload (computing)

  View All Definitions

• cybersecurity

  Cybersecurity is the protection of internet-connected systems, including hardware, software and data, from cyberattacks.Continue Reading

• social engineering

  Social engineering is an attack vector that relies heavily on human interaction and often involves manipulating people into breaking normal security procedures and best practices in order to gain access to systems, networks or physical locations, or...Continue Reading

• How security operations centers work to benefit enterprises

  One key support system for enterprises is security operations centers. Expert Ernie Hayden reviews the basic SOC framework and the purposes they can serve.Continue Reading

• How to best secure DNS? There's more than one approach

  Few aspects of the internet are as crucial as the domain name system. It may be that a 'passive' approach to DNS security is the most effective approach.Continue Reading

• Protecting the DNS protocol: How DNSSEC can help

  Securing the DNS protocol is no joke. Learn what the DNS Security Extensions are and the efforts the United States government is taking to push DNSSEC adoption.Continue Reading

• Ways to solve DNS security issues in your organization

  Get up to speed fast on means and methods for reducing or eliminating security-related issues in DNS, an integral service upon which the internet depends.Continue Reading

• How the BloodHound tool can improve Active Directory security

  Auditing Active Directory can be made easier with tools like the open source BloodHound tool. Expert Joe Granneman looks at the different functions of the tool and how it can help.Continue Reading

• evil maid attack

  An evil maid attack is a security exploit that targets a computing device that has been shut down and left unattended.  An evil maid attack is characterized by the attacker's ability to physically access the target multiple times without the owner's...Continue Reading

• What is included in the mPOS security standard from PCI SSC?

  The PCI SSC developed an mPOS security standard to improve mobile payment and PIN systems. Expert Michael Cobb looks at what the requirements are and how they help.Continue Reading

• Common Body of Knowledge (CBK)

  In security, Common Body of Knowledge (CBK) is a comprehensive framework of all the relevant subjects a security professional should be familiar with, including skills, techniques and best practices.Continue Reading