Get started
Bring yourself up to speed with our introductory content.
Data Security and Cloud Computing
How does the Android Trojan Triada infect a device's core processes?
The Android Trojan Triada has the ability to replace a device's system functions with its own. Expert Michael Cobb explains how to mitigate the effects of this serious threat. Continue Reading
Risk & Repeat: Equation Group hack raises questions for NSA
In this Risk & Repeat podcast, SearchSecurity editors discuss the mystery behind the recent Equation Group hack and the motives and identity of the Shadow Brokers. Continue Reading
What CISOs need to incorporate into cloud service-level agreements
CISOs may be unfamiliar with cloud service-level agreements, but they're still a necessary part of enterprise security. Expert Mike O. Villegas has some tips to build cloud SLAs. Continue Reading
Achieving cybersecurity readiness: What enterprises should know
Enterprises need to be ready to act in the face of security incidents and cyberattacks. Expert Peter Sullivan outlines seven elements of proper cybersecurity readiness. Continue Reading
Putting IPv6 vulnerabilities under the microscope
Examining IPv6 vulnerabilities prior to deployment is crucial for enterprises. Expert Judith Myerson explains the risks of older gear, unpatched IPv6 ND flaws and other issues. Continue Reading
Building an application security program: Why education is key
Education and training are crucial parts of a strong application security program. Sean Martin explains how enterprises should build these elements into their programs.Continue Reading
Google Play services
The Google Play services app runs in the background on Android devices and gives apps access to core functionalities such as authentication services; it should not be disabled.Continue Reading
DevOps security requires new mindset and tools for visibility, automation
Intuit did it. Etsy did it. Netflix did it. How fast-moving companies are integrating security into the agile DevOps cycle for continuous deployment of software and services. Continue Reading
DevSecOps: Security leaves the silos (and badges) behind
Delays, "no" and "redo that work" cause many developers to avoid IT security. With DevOps, proponents aim to make security at scale everybody's problem. Continue Reading
DevOps and security? Here's how
The automation of development and operations processes, known as DevOps, is catching on in project teams and business units across industries. The missing component in many of these high-risk scenarios? Security. To make DevOps and security work ...Continue Reading
Automated Security Analysis of Android and iOS Applications
In this excerpt of Automated Security Analysis of Android and iOS Applications with Mobile Security Framework, authors Ajin Abraham and Henry Dalziel discuss mobile application penetration testing.Continue Reading
How infosec professionals can improve their careers through writing
Writing can be one of the best ways to establish your reputation as an infosec professional. Expert Joshua Wright of the SANS Institute explains the best ways to do it.Continue Reading
How does Locky ransomware use DGA in its attacks?
Locky ransomware has borrowed features from Dridex malware, which focused on attacking banks. Expert Nick Lewis explains Locky's techniques and how to detect it.Continue Reading
Risk & Repeat: Catching the Pokémon GO app permissions flaw
In this Risk & Repeat podcast, SearchSecurity editors try to catch some answers to the controversy around the Pokémon GO app and its permissions flaw.Continue Reading
timing attack
A timing attack looks at how long it takes a system to do something and allows the attacker, through statistical analysis, to learn enough about the system to find the decryption key needed to gain access to it.Continue Reading
Clinton email server probe highlights government security issues
In this Risk & Repeat podcast, SearchSecurity editors discuss the security lessons of the Hillary Clinton email server probe and the state of federal government cybersecurity.Continue Reading
Best practices for an information security assessment
Information security assessments can be effective for identifying and fixing issues in your enterprise's policies. Expert Kevin Beaver explains the key components of the process.Continue Reading
What social media policy best practices should be followed for healthcare?
It's important for healthcare organizations to have clear social media policy best practices. Expert Mike Chapple explains what needs to be in the policy to stay HIPAA compliant.Continue Reading
Tackle endpoint defense issues to obtain the best endpoint security
The best endpoint security requires more than virus scanning. This guide shows why antivirus is the least of your worries when it comes to endpoint protection.Continue Reading
How to address key SSL security issues and vulnerabilities
As SSL technology evolves and changes, new vulnerabilities begin to cause problems. Expert Rob Shapland explains how security professionals can overcome these SSL security issues.Continue Reading
Lenovo SHAREit: How does its hardcoded password vulnerability work?
The Lenovo SHAREit file-sharing app has a hardcoded password vulnerability, among other issues. Expert Michael Cobb explains these flaws and how to prevent exploits on them.Continue Reading
How can the AirDroid app phone hijacking be prevented?
A vulnerability in the AirDroid device manager app left users at risk of phone hijacking. Expert Michael Cobb explains how the exploit works, and what can be done to prevent it.Continue Reading
Countering the latest mobile app security threats
Initially, concerns about mobile security were centered around basic controls such as remote wipe. Naturally, though, the focus has shifted to the heart of the mobile enterprise: the app. Mobile app security threats are in their early days, and the ...Continue Reading
CISSP online training: Software Development Security domain
Spotlight article: Shon Harris explains the core concepts in the CISSP domain on software development security, including models, methods, database systems and security threats.Continue Reading
CISSP online training: Telecommunications and Networking
Spotlight article: Shon Harris explains the main concepts in the CISSP domain on telecommunications and networking, including network protocols, extension technologies and more.Continue Reading
CISO challenges: Addressing cybersecurity blind spots
Every enterprise has cybersecurity blind spots that it fails to recognize and address. Sean Martin explains what they are and how they create more CISO challenges.Continue Reading
The problem with Badlock and branded vulnerability marketing
Branded vulnerability marketing, such as in the case of Badlock, can raise challenges for responsible disclosure. Expert Nick Lewis explains the problems it creates.Continue Reading
What are the benefits of a risk-based framework for security?
Many organizations use a risk-based framework to help manage their cybersecurity program. Expert Mike O. Villegas discusses the development and benefits of current frameworks.Continue Reading
How do chief data officers affect the role of the CISO?
Chief data officers are becoming more common in enterprises, but how does the presence of this C-level affect the CISO's role? Expert Mike O. Villegas discusses. Continue Reading
DOS (Disk Operating System)
DOS (Disk Operating System) can refer to a computer operating system that is loaded from a disk drive or to an operating system based on Microsoft Disk Operating System (MS-DOS).Continue Reading
Check Point Next Generation Firewall: Product overview
Check Point Next Generation Firewall family combines firewalls with unified threat management technology, VPNs and more. Expert Mike O. Villegas takes a closer look.Continue Reading
Cisco ASA with FirePOWER: NGFW product overview
Cisco combined the ASA series firewall with SourceFire's FirePOWER threat and malware detection capabilities. Expert Mike O. Villegas takes a closer look at this NGFW.Continue Reading
How to find the best next-generation firewall
Next-generation firewalls are integrated, hardware- or software-based, network security tools designed to detect and block sophisticated attacks. The NGFWs available on the market today can vary significantly from one another in many ways, including...Continue Reading
Mass HIway: What are the security risks for healthcare programs?
Healthcare clearinghouses like Mass HIway are a new trend in health IT, but what are the security implications? Expert Mike Chapple explains what you need to know.Continue Reading
Does the Icera modem vulnerability in Blackphones affect other devices?
A vulnerability was found in the Blackphone's Icera modem. Expert Michael Cobb explains how attackers could hijack the device, and if this would occur in other mobile devices.Continue Reading
What does a security awareness training program need to include?
An effective security awareness training program can make a significant difference in enterprise security. Expert Mike O. Villegas discusses what makes a good program. Continue Reading
The best email encryption products: A comprehensive buyer's guide
Email encryption is a critical component of enterprise security. In this buyer's guide, expert Karen Scarfone breaks down what you need to know to find the best email encryption software for your organization.Continue Reading
What do CISO training programs cover and are they worth it?
CISO training programs, like the Deloitte CISO Transition Lab, are available for those who are new to the role. Expert Mike O. Villegas explains what's covered in these programs.Continue Reading
IAM strategy: Update to work with new technologies
Your organization needs to make decisions about its IAM strategy in order to keep up with the new technologies it's deploying. Steps to take begin at the policy level. Continue Reading
How does Rekoobe Linux malware spread and avoid detection?
A hard-to-detect type of Linux malware, Rekoobe, can download files to user systems. Expert Nick Lewis explains the malware's key functionality and how to mitigate attacks. Continue Reading
Update your IAM strategy for integration with new technology
Revise your enterprise's IAM strategy for better integration with emerging technologies, such as cloud services and software-defined everything. Expert Johna Till Johnson explains.Continue Reading
How does SlemBunk collect Android user credentials?
An Android Trojan called SlemBunk is impersonating banking applications in order to collect user credentials. Expert Nick Lewis explains the security measures to stop this malware.Continue Reading
How to get started securing IoT in the enterprise
This Security School examines how security professionals can commence securing IoT in the enterprise even as the number of connected devices proliferates.Continue Reading
Certificate Revocation List (CRL)
A Certificate Revocation List (CRL) is a list of digital certificates that have been revoked by the issuing Certificate Authority and should not be trusted. Web browsers use CRLs to determine whether a website's digital certificate is still valid ...Continue Reading
How can common mobile application security risks be reduced?
A new Veracode report offers details on common mobile application security risks. Expert Michael Cobb explains these flaws, and what developers can do to reduce them.Continue Reading
How IAM can address unstructured content security risks
The amount of enterprise unstructured content is growing every year. Expert Sean Martin explains why IAM is an important component of unstructured data management and security.Continue Reading
ModPOS: How can enterprises defend against POS malware?
ModPOS, a new POS malware, compromised millions of credit card accounts in 2015. Expert Nick Lewis explains how cybercriminals use this malware and what can be done to stop it.Continue Reading
Breaking down the DROWN attack and SSLv2 vulnerability
A DROWN attack can occur through more than a third of all HTTPS connections. Expert Michael Cobb explains how DROWN enables man-in-the-middle attacks and mitigation steps to take.Continue Reading
PCI DSS 3.2 marks the end of an era, not of the standard
Does PCI DSS 3.2 mark the end of major updates to payment security compliance standards? Expert Mike Chapple discusses the update and what it means for organizations.Continue Reading
Voltage SecureMail encryption tool: Product overview
Expert contributor Karen Scarfone takes a look at Voltage SecureMail for encrypting email messages in the enterprise.Continue Reading
Trend Micro Email Encryption: Product overview
Expert contributor Karen Scarfone examines Trend Micro's suite of email encryption software products for securing email messages in the enterprise.Continue Reading
Machine learning applications: Mitigating the risks
Machine learning applications are beneficial to enterprises, but there are also several risks involved. Expert Judith Myerson explains five ways to combat them.Continue Reading
Managing Online Risk
In this excerpt of Managing Online Risk, author Deborah Gonzalez outlines the main steps of a risk management model.Continue Reading
Information Governance and Security: Protecting and Managing Your Company's Proprietary
In this excerpt of Information Governance and Security, authors John G. Iannarelli and Michael O'Shaughnessy offer tips for establishing guidelines for all departments or sectors of a business.Continue Reading
Integrated Security Systems Design
In this excerpt of Integrated Security Systems Design, author Thomas L. Norman explains the tools of security system design, the place of electronics in the process, how to establish electronic security program objectives and the types of design ...Continue Reading
What are the best risk assessment frameworks?
A recent survey indicated an increased use of risk assessment frameworks among enterprises. Here's why it's important to choose the right framework for your organization.Continue Reading
Designing and Building Security Operations Center
In this excerpt of Designing and Building Security Operations Center, author David Nathans reviews the infrastructure needed to support a SOC and maintain SOC security.Continue Reading
Is information security gap analysis important for HIPAA compliance?
Security gap analysis is a strong, reliable technique for enterprises looking to assure HIPAA compliance. Expert Mike Chapple explains how to perform the analysis.Continue Reading
How to buy the best antimalware tools to protect endpoints
Malware writers are becoming more sophisticated, increasing the threats to data privacy and security. To counter the growing risks of unauthorized access to proprietary or confidential information, the very best antimalware tools are essential.
How to achieve secure file sync and share
Enterprise file synchronization and sharing, also known as corporate sync and share, or even just EFSS, lets users place their files either ... Continue Reading
A secure sync-and-share tool can provide powerful file protection
A secure sync-and-share tool can keep sensitive files safe -- if the tool itself is properly deployed and managed. Learn how in the expert tip. Continue Reading
Q&A: Rethink compensating controls, says Warner Bros. CISO
It is not hard to make the shift from independent controls for defense in depth to interlocking strategies, Ron Dilley tells Marcus Ranum, but careful planning is required.Continue Reading
Wi-Fi Sense
Windows Wi-Fi Sense allows Windows 10 users to get Internet access from public hotspots and private wireless local area networks (WLANs) that have been shared by friends. Although Wi-Fi Sense is enabled by default in all editions of Windows 10, the ...Continue Reading
How should CISOs present a security assessment report?
CISOs regularly have to present a security assessment report to the board of directors. Expert Mike O. Villegas has some tips to make it more engaging.Continue Reading
The enterprise potential of behavioral biometrics
Biometric authentication has quickly evolved to include behavioral identifiers. Expert Michael Cobb explores the benefits of behavioral biometric technology for enterprises.Continue Reading
How to buy multifactor authentication tools
Multifactor authentication (MFA) is a security technology that takes something that end users possess, such as a security token ...Continue Reading
Network perimeter security in a perimeterless world
The old enterprise network perimeter is becoming perimeterless. Here’s how to revamp old network perimeter security strategies to cope with the new reality.Continue Reading
What happens if you ignore information security compliance?
If an enterprise decides to ignore its information security compliance obligations, what happens? Expert Mike Chapple explains what willful noncompliance means.Continue Reading
Introduction to big data security analytics in the enterprise
Expert Dan Sullivan explains what big data security analytics is and how these tools are applied to security monitoring to enable broader and more in-depth event analysis for better enterprise protection.Continue Reading
network behavior anomaly detection (NBAD)
Network behavior anomaly detection (NBAD) is the continuous monitoring of a proprietary network for unusual events or extraordinary trends.Continue Reading
Supply chain security: Controlling third-party risks
Third-party contractors and business partners can create risks for enterprises. Expert Eric Cole offers guidance on improving supply chain security and controlling third-party risks.Continue Reading
How should enterprises start the vendor management process?
The security vendor management process can be tricky, especially at the beginning when deciding what to buy and from whom. Expert Mike O. Villegas has some advice.Continue Reading
Three steps to prevent and mitigate router security issues
Numerous router security threats have made the news, threatening the integrity of enterprise data. Expert Kevin Beaver offers three steps for maintaining router safety.Continue Reading
What are enterprise social media best practices for CISOs?
CISOs need to follow certain enterprise social media best practices if they want to safely maintain public profiles. Expert Mike O. Villegas has ten best practices for social media.Continue Reading
What should CISOs include in security reports?
Security reports are a good way for CISOs to communicate with the board of directors. Here are specific topics that should be included in the reporting.Continue Reading
Indicators of Compromise (IOC)
Indicators of compromise are unusual activities on a system or network that imply the presence of a malicious actor.Continue Reading
bimodal IAM (bimodal identity access management)
Bimodal identity and access management (IAM) uses two forms of credentials, internal and external, as a method of authentication.Continue Reading
Can opportunistic encryption improve browser security?
Opportunistic encryption offers encryption for servers that don't support HTTPS. Expert Michael Cobb explains how it works and how it can help Web security.Continue Reading
What does the CASP certification update include?
CompTIA released updates to the CASP certification. Expert Mike O. Villegas reviews the changes and discusses whether they add value to the certification.Continue Reading
Is data center cleaning a compliance requirement?
Data center cleaning may not be mandated, but it's still a good idea to do. Some best practices include using HEPA technology and specific cleaning products.Continue Reading
HIPAA and HITECH compliance: Who should perform assessments?
Here are some important criteria for hiring a partner to review your information security program, with a focus on HIPAA and HITECH compliance.Continue Reading
Comparing the best data loss prevention products
Expert Bill Hayes examines the strengths and weaknesses of top-rated data loss prevention (DLP) products to help enterprises make the right purchasing decision.Continue Reading
Building an Information Security Awareness Program
In this excerpt of Building an Information Security Awareness Program, authors Bill Gardner and Valerie Thomas discuss why lecturing is an ineffective method of security awareness programs and offer alternative measures enterprises should consider.Continue Reading
How can security leaders create a positive work environment?
It's the responsibility of security leaders to create a positive work environment for security teams, which can be tough to do in such a demanding field. Here's how.Continue Reading
How is the NIST Cybersecurity Framework being received?
The NIST Cybersecurity Framework gets mixed reviews, but it could be a good starting point for organizations looking to better manage cybersecurity.Continue Reading
How will the Cybersecurity Information Sharing Act affect enterprises?
The Cybersecurity Information Sharing Act has ruffled some feathers in the security industry. What is the CISA and what is the debate around it?Continue Reading
STIX (Structured Threat Information eXpression)
STIX (Structured Threat Information eXpression) is an XML programming language that allows cybersecurity threat data to be shared.Continue Reading
Comparing the best Web application firewalls in the industry
Expert Brad Causey compares the best Web application firewalls on the market across three product types: cloud, integrated and appliance. Continue Reading
How can a compliance management plan help enterprises avoid fatigue?
Complex compliance mandates can lead to compliance fatigue. Expert Mike Chapple explains how to develop an effective compliance management plan.Continue Reading
Is a DNSSEC implementation an enterprise necessity?
While there are numerous security benefits to a DNSSEC implementation, there are drawbacks as well. Expert Kevin Beaver explains.Continue Reading
Improve corporate data protection with foresight, action
Better corporate data protection demands foresight and concrete action. Learn why breach training, monitoring and early detection capabilities can minimize damage when hackers attack.Continue Reading
Learn from the past: Ensure a secure future of information security
To ensure the future of information security, enterprises must learn from the past, launch proper training and install the right technologies.Continue Reading
Trading Microsoft Patch Tuesday in for Windows Update for Business
While the consumer world is going Patch Tuesday-less, Microsoft is evolving its Patch Tuesday into Windows Update for Business for enterprise software. Learn what this change means.Continue Reading
How can geofencing improve an enterprise security strategy?
Geofencing technology creates a virtual fence on employee devices, adding a crucial extra layer of security. But do privacy concerns negate the benefits of this feature? Expert Michael Cobb explains.Continue Reading
CSSLP (certified secure software lifecycle professional)
The CSSLP (certified secure software lifecycle professional) is a certification for security professionals who wish to strengthen and demonstrate their knowledge about application security.Continue Reading
watering hole attack
A watering hole attack targets a specific group of users by infecting websites group members like to visit. The name watering hole attack is inspired by predators in the natural world who lurk near watering holes, looking for opportunities to attack...Continue Reading
Wearables security: Do enterprises need a separate WYOD policy?
Wearable technology is infiltrating the enterprise, much like BYOD has. Expert Michael Cobb discusses the security concerns of wearables and outlines how to create a WYOD policy.Continue Reading
Gula talks Nessus agents and Nessus cloud
Video: SearchSecurity spoke with Tenable co-founder Ron Gula about recent additions to the Nessus feature set, including a version that lives in the cloud.Continue Reading
Choosing a threat intelligence platform: What enterprises should know
Video: Threat intelligence tools are a growing market and enterprises need to be able to see through the hype to get the best product for them.Continue Reading
What happens if the Data Accountability and Trust Act becomes a law?
The Data Accountability and Trust Act is likely to become a law this year. Expert Mike Chapple advises organizations on how to prepare.Continue Reading