Get started
Bring yourself up to speed with our introductory content.
Data Security and Cloud Computing
email spoofing
Email spoofing is the forgery of an email header so that the message appears to have originated from someone or somewhere other than the actual source. Continue Reading
information security (infosec)
Information security (infosec) is a set of strategies for managing the processes, tools and policies necessary to prevent, detect, document and counter threats to digital and non-digital information. Continue Reading
payload (computing)
In computing, a payload is the carrying capacity of a packet or other transmission data unit. The term has its roots in the military and is often associated with the capacity of executable malicious code to do damage. Technically, the payload of a ... Continue Reading
-
passphrase
A passphrase is a string of characters longer than the usual password (which is typically from four to 16 characters long) that is used in creating a digital signature (an encoded signature that proves to someone that it was really you who sent a ... Continue Reading
Mimikatz tutorial: How it hacks Windows passwords, credentials
In this Mimikatz tutorial, learn about the password and credential dumping program, where you can acquire it and how easy it makes it to compromise system passwords. Continue Reading
Web application firewall (WAF)
A Web application firewall (WAF) is a firewall that monitors, filters or blocks traffic to and from a Web application. WAFs are especially useful to companies that provide products or services over the Internet.Continue Reading
Diffie-Hellman key exchange (exponential key exchange)
Diffie-Hellman key exchange, also called exponential key exchange, is a method of digital encryption that uses a number raised to specific powers to produce decryption keys that are never directly transmitted, making the task of a would-be code ...Continue Reading
cache poisoning (DNS poisoning, web cache poisoning)
Cache poisoning is an attack vector that exploits the way domain name system (DNS) clients and web servers improve performance by saving old responses for a specified period of time in a temporary storage area called cache.Continue Reading
How to comply with the California privacy act
Organizations that handle California consumer data have a year to comply with CCPA. Expert Steven Weil discusses what enterprises need to know about the California privacy law.Continue Reading
SOAR (Security Orchestration, Automation and Response)
SOAR (Security Orchestration, Automation and Response) is a technology stack of compatible software programs that allow an organization to collect data about security threats and alerts from multiple sources and respond to low-level security events ...Continue Reading
-
COBIT
COBIT is a framework for developing, implementing, monitoring and improving information technology (IT) governance and management practices.Continue Reading
Three examples of multifactor authentication use cases
When evaluating the business case for multifactor authentication, an organization must first identify how these three operational scenarios apply to a potential implementation.Continue Reading
Exploring multifactor authentication benefits and technology
Take a look at multifactor authentication benefits and methods, as well as how the technologies have evolved from key fobs to smartphones, mobile devices and the cloud.Continue Reading
How to perform an ICS risk assessment in an industrial facility
An important step to secure an industrial facility is performing an ICS risk assessment. Expert Ernie Hayden outlines the process and why each step matters.Continue Reading
Customer identity and access management: Why now and how?
There's an important distinction between consumers and customers; just as crucial is understanding the difference between customer IAM and traditional IAM.Continue Reading