Get started

Data Security and Cloud Computing

• How does the Android Trojan Triada infect a device's core processes?

  The Android Trojan Triada has the ability to replace a device's system functions with its own. Expert Michael Cobb explains how to mitigate the effects of this serious threat. Continue Reading

• Risk & Repeat: Equation Group hack raises questions for NSA

  In this Risk & Repeat podcast, SearchSecurity editors discuss the mystery behind the recent Equation Group hack and the motives and identity of the Shadow Brokers. Continue Reading

• What CISOs need to incorporate into cloud service-level agreements

  CISOs may be unfamiliar with cloud service-level agreements, but they're still a necessary part of enterprise security. Expert Mike O. Villegas has some tips to build cloud SLAs. Continue Reading

• Achieving cybersecurity readiness: What enterprises should know

  Enterprises need to be ready to act in the face of security incidents and cyberattacks. Expert Peter Sullivan outlines seven elements of proper cybersecurity readiness. Continue Reading

• Putting IPv6 vulnerabilities under the microscope

  Examining IPv6 vulnerabilities prior to deployment is crucial for enterprises. Expert Judith Myerson explains the risks of older gear, unpatched IPv6 ND flaws and other issues. Continue Reading

• Definitions to Get Started

  • backdoor (computing)
  • post-quantum cryptography
  • cybercrime
  • CVSS (Common Vulnerability Scoring System)

  • Dridex malware
  • identity management (ID management)
  • SOAR (Security Orchestration, Automation and Response)
  • Certified Information Systems Auditor (CISA)

  View All Definitions

• Building an application security program: Why education is key

  Education and training are crucial parts of a strong application security program. Sean Martin explains how enterprises should build these elements into their programs.Continue Reading

• Google Play services

  The Google Play services app runs in the background on Android devices and gives apps access to core functionalities such as authentication services; it should not be disabled.Continue Reading

• DevOps security requires new mindset and tools for visibility, automation

  Intuit did it. Etsy did it. Netflix did it. How fast moving companies are integrating security into the agile DevOps cycle for continuous deployment of software and services.Continue Reading

• DevSecOps: Security leaves the silos (and badges) behind

  Delays, "no" and "redo that work" causes many developers to avoid IT security. With DevOps, proponents aim to make security at scale everybody's problem.Continue Reading

• DevOps and security? Here's how

  The automation of development and operations processes, known as DevOps, is catching on in project teams and business units across industries. The missing component in many of these high-risk scenarios? Security. To make DevOps and security work ...Continue Reading

• Automated Security Analysis of Android and iOS Applications

  In this excerpt of Automated Security Analysis of Android and iOS Applications with Mobile Security Framework, authors Ajin Abraham and Henry Dalziel discuss mobile application penetration testing.Continue Reading

• How infosec professionals can improve their careers through writing

  Writing can be one of the best ways to establish your reputation as an infosec professional. Expert Joshua Wright of the SANS Institute explains the best ways to do it.Continue Reading

• How does Locky ransomware use DGA in its attacks?

  Locky ransomware has borrowed features from Dridex malware, which focused on attacking banks. Expert Nick Lewis explains Locky's techniques and how to detect it.Continue Reading

• Risk & Repeat: Catching the Pokémon GO app permissions flaw

  In this Risk & Repeat podcast, SearchSecurity editors try to catch some answers to the controversy around the Pokémon GO app and its permissions flaw.Continue Reading

• timing attack

  A timing attack looks at how long it takes a system to do something and allows the attacker, through statistical analysis, to learn enough about the system to find the decryption key needed to gain access to it.Continue Reading

• Clinton email server probe highlights government security issues

  In this Risk & Repeat podcast, SearchSecurity editors discuss the security lessons of the Hillary Clinton email server probe and the state of federal government cybersecurity.Continue Reading

• Best practices for an information security assessment

  Information security assessments can be effective for identifying and fixing issues in your enterprise's policies. Expert Kevin Beaver explains the key components of the process.Continue Reading

• What social media policy best practices should be followed for healthcare?

  It's important for healthcare organizations to have clear social media policy best practices. Expert Mike Chapple explains what needs to be in the policy to stay HIPAA compliant.Continue Reading

• Tackle endpoint defense issues to obtain the best endpoint security

  The best endpoint security requires more than virus scanning. This guide shows why antivirus is the least of your worries when it comes to endpoint protection.Continue Reading

• How to address key SSL security issues and vulnerabilities

  As SSL technology evolves and changes, new vulnerabilities begin to cause problems. Expert Rob Shapland explains how security professionals can overcome these SSL security issues.Continue Reading

• Lenovo SHAREit: How does its hardcoded password vulnerability work?

  The Lenovo SHAREit file-sharing app has a hardcoded password vulnerability, among other issues. Expert Michael Cobb explains these flaws and how to prevent exploits on them.Continue Reading

• How can the AirDroid app phone hijacking be prevented?

  A vulnerability in the AirDroid device manager app left users at risk of phone hijacking. Expert Michael Cobb explains how the exploit works, and what can be done to prevent it.Continue Reading

• Countering the latest mobile app security threats

  Initially, concerns about mobile security were centered around basic controls such as remote wipe. Naturally, though, the focus has shifted to the heart of the mobile enterprise: the app. Mobile app security threats are in their early days, and the ...Continue Reading

• CISSP online training: Software Development Security domain

  Spotlight article: Shon Harris explains the core concepts in the CISSP domain on software development security, including models, methods, database systems and security threats.Continue Reading

• CISSP online training: Telecommunications and Networking

  Spotlight article: Shon Harris explains the main concepts in the CISSP domain on telecommunications and networking, including network protocols, extension technologies and more.Continue Reading

• CISO challenges: Addressing cybersecurity blind spots

  Every enterprise has cybersecurity blind spots that it fails to recognize and address. Sean Martin explains what they are and how they create more CISO challenges.Continue Reading

• The problem with Badlock and branded vulnerability marketing

  Branded vulnerability marketing, such as in the case of Badlock, can raise challenges for responsible disclosure. Expert Nick Lewis explains the problems it creates.Continue Reading

• What are the benefits of a risk-based framework for security?

  Many organizations use a risk-based framework to help manage their cybersecurity program. Expert Mike O. Villegas discusses the development and benefits of current frameworks.Continue Reading

• How do chief data officers affect the role of the CISO?

  Chief data officers are becoming more common in enterprises, but how does the presence of this c-level affect the CISO's role? Expert Mike O. Villegas discusses.Continue Reading

• DOS (Disk Operating System)

  DOS (Disk Operating System) can refer to a computer operating system that is loaded from a disk drive or to an operating system based on Microsoft Disk Operating System (MS-DOS).Continue Reading

• Check Point Next Generation Firewall: Product overview

  Check Point Next Generation Firewall family combines firewalls with unified threat management technology, VPNs and more. Expert Mike O. Villegas takes a closer look.Continue Reading

• Cisco ASA with FirePOWER: NGFW product overview

  Cisco combined the ASA series firewall with SourceFire's FirePOWER threat and malware detection capabilities. Expert Mike O. Villegas takes a closer look at this NGFW.Continue Reading

• How to find the best next-generation firewall

  Next-generation firewalls are integrated, hardware- or software-based, network security tools designed to detect and block sophisticated attacks. The NGFWs available on the market today can vary significantly from one another in many ways, including...Continue Reading

• Mass HIway: What are the security risks for healthcare programs?

  Healthcare clearinghouses like Mass HIway are a new trend in health IT, but what are the security implications? Expert Mike Chapple explains what you need to know.Continue Reading

• Does the Icera modem vulnerability in Blackphones affect other devices?

  A vulnerability was found in the Blackphone's Icera modem. Expert Michael Cobb explains how attackers could hijack the device, and if this would occur in other mobile devices.Continue Reading

• What does a security awareness training program need to include?

  An effective security awareness training program can make a significant difference in enterprises security. Expert Mike O. Villegas discusses what makes a good program.Continue Reading

• The best email encryption products: A comprehensive buyer's guide

  Email encryption is a critical component of enterprise security. In this buyer's guide, expert Karen Scarfone breaks down what you need to know to find the best email encryption software for your organization.Continue Reading

• What do CISO training programs cover and are they worth it?

  CISO training programs, like the Deloitte CISO Transition Lab, are available for those who are new to the role. Expert Mike O. Villegas explains what's covered in these programs.Continue Reading

• IAM strategy: Update to work with new technologies

  Your organization needs to make decisions about its IAM strategy in order to keep up with the new technologies its deploying. Steps to take begin at the policy level.Continue Reading

• How does Rekoobe Linux malware spread and avoid detection?

  A hard to detect type of Linux malware, Rekoobe, can download files to user systems. Expert Nick Lewis explains the malware's key functionality and how to mitigate attacks.Continue Reading

• Update your IAM strategy for integration with new technology

  Revise your enterprise's IAM strategy for better integration with emerging technologies, such as cloud services and software-defined everything. Expert Johna Till Johnson explains.Continue Reading

• How does SlemBunk collect Android user credentials?

  An Android Trojan called SlemBunk is impersonating banking applications in order to collect user credentials. Expert Nick Lewis explains the security measures to stop this malware.Continue Reading

• How to get started securing IoT in the enterprise

  This Security School examines how security professionals can commence securing IoT in the enterprise even as the number of connected devices proliferates.Continue Reading

• Certificate Revocation List (CRL)

  A Certificate Revocation List (CRL) is a list of digital certificates that have been revoked by the issuing Certificate Authority and should not be trusted. Web browsers use CRLs to determine whether a website's digital certificate is still valid ...Continue Reading

• How can common mobile application security risks be reduced?

  A new Veracode report offers details on common mobile application security risks. Expert Michael Cobb explains these flaws, and what developers can do to reduce them.Continue Reading

• How IAM can address unstructured content security risks

  The amount of enterprise unstructured content is growing every year. Expert Sean Martin explains why IAM is an important component of unstructured data management and security.Continue Reading

• ModPOS: How can enterprises defend against POS malware?

  ModPOS, a new POS malware, compromised millions of credit card accounts in 2015. Expert Nick Lewis explains how cybercriminals use this malware and what can be done to stop it.Continue Reading

• Breaking down the DROWN attack and SSLv2 vulnerability

  A DROWN attack can occur through more than a third of all HTTPS connections. Expert Michael Cobb explains how DROWN enables man-in-the-middle attacks and mitigation steps to take.Continue Reading

• PCI DSS 3.2 marks the end of an era, not of the standard

  Does PCI DSS 3.2 mark the end of major updates to payment security compliance standards? Expert Mike Chapple discusses the update and what it means for organizations.Continue Reading

• Voltage SecureMail encryption tool: Product overview

  Expert contributor Karen Scarfone takes a look at Voltage SecureMail for encrypting email messages in the enterprise.Continue Reading

• Trend Micro Email Encryption: Product overview

  Expert contributor Karen Scarfone examines Trend Micro's suite of email encryption software products for securing email messages in the enterprise.Continue Reading

• Machine learning applications: Mitigating the risks

  Machine learning applications are beneficial to enterprises, but there are also several risks involved. Expert Judith Myerson explains five ways to combat them.Continue Reading

• Managing Online Risk

  In this excerpt of Managing Online Risk, author Deborah Gonzalez outlines the main steps of a risk management model.Continue Reading

• Information Governance and Security: Protecting and Managing Your Company's Proprietary

  In this excerpt of Information Governance and Security, authors John G. Iannarelli and Michael O'Shaughnessy offer tips for establishing guidelines for all departments or sectors of a business.Continue Reading

• Integrated Security Systems Design

  In this excerpt of Integrated Security Systems Design, author Thomas L. Norman explains the tools of security system design, the place of electronics in the process, how to establish electronic security program objectives and the types of design ...Continue Reading

• What are the best risk assessment frameworks?

  A recent survey indicated an increased use of risk assessment frameworks among enterprises. Here's why it's important to choose the right framework for your organization.Continue Reading

• Designing and Building Security Operations center

  In this excerpt of Designing and Building Security Operations Center, author David Nathans reviews the infrastructure needed to support a SOC and maintain SOC security.Continue Reading

• Is information security gap analysis important for HIPAA compliance?

  Security gap analysis is a strong, reliable technique for enterprises looking to assure HIPAA compliance. Expert Mike Chapple explains how to perform the analysis.Continue Reading

• How to buy the best antimalware tools to protect endpoints

  Malware writers are becoming more sophisticated, increasing the threats to data privacy and security. To counter the growing risks of unauthorized access to proprietary or confidential information, the very best antimalware tools are essential.

  ...Continue Reading

• How to achieve secure file sync and share

  Enterprise file synchronization and sharing, also known as corporate sync and share, or even just EFSS, lets users to place their files either ...Continue Reading

• A secure sync-and-share tool can provide powerful file protection

  A secure sync-and-share tool can keep sensitive files safe -- if the tool itself properly deployed and managed. Learn how in the expert tip.Continue Reading

• Q&A: Rethink compensating controls, says Warner Bros. CISO

  It is not hard to make the shift from independent controls for defense in depth to interlocking strategies, Ron Dilley tells Marcus Ranum, but careful planning is required.Continue Reading

• Wi-Fi Sense

  Windows Wi-Fi Sense allows Windows 10 users to get Internet access from public hotspots and private wireless local area networks (WLANs) that have been shared by friends. Although Wi-Fi Sense is enabled by default in all editions of Windows 10, the ...Continue Reading

• How should CISOs present a security assessment report?

  CISOs regularly have to present a security assessment report to the board of directors. Expert Mike O. Villegas has some tips to make it more engaging.Continue Reading

• The enterprise potential of behavioral biometrics

  Biometric authentication has quickly evolved to include behavioral identifiers. Expert Michael Cobb explores the benefits of behavioral biometric technology for enterprises.Continue Reading

• How to buy multifactor authentication tools

  Multifactor authentication (MFA) is a security technology that takes something that end users possess, such as a security token ...Continue Reading

• Network perimeter security in a perimeterless world

  The old enterprise network perimeter is becoming perimeterless. Here’s how to revamp old network perimeter security strategies to cope with the new reality.Continue Reading

• What happens if you ignore information security compliance?

  If an enterprise decides to ignore its information security compliance obligations, what happens? Expert Mike Chapple explains what willful noncompliance means.Continue Reading

• Introduction to big data security analytics in the enterprise

  Expert Dan Sullivan explains what big data security analytics is and how these tools are applied to security monitoring to enable broader and more in-depth event analysis for better enterprise protection.Continue Reading

• network behavior anomaly detection (NBAD)

  Network behavior anomaly detection (NBAD) is the continuous monitoring of a proprietary network for unusual events or extraordinary trends.Continue Reading

• Supply chain security: Controlling third-party risks

  Third-party contractors and business partners can create risks for enterprises. Expert Eric Cole offers guidance on improving supply chain security and controlling third-party risks.Continue Reading

• How should enterprises start the vendor management process?

  The security vendor management process can be tricky, especially at the beginning when deciding what to buy and from whom. Expert Mike O. Villegas has some advice.Continue Reading

• Three steps to prevent and mitigate router security issues

  Numerous router security threats have made the news, threatening the integrity of enterprise data. Expert Kevin Beaver offers three steps for maintaining router safety.Continue Reading

• What are enterprise social media best practices for CISOs?

  CISOs need to follow certain enterprise social media best practices if they want to safely maintain public profiles. Expert Mike O. Villegas has ten best practices for social media.Continue Reading

• What should CISOs include in security reports?

  Security reports are a good way for CISOs to communicate with the board of directors. Here are specific topics that should be included in the reporting.Continue Reading

• Indicators of Compromise (IOC)

  Indicators of compromise are unusual activities on a system or network that imply the presence of a malicious actor.Continue Reading

• bimodal IAM (bimodal identity access management)

  Bimodal identity and access management (IAM) uses two forms of credentials, internal and external, as a method of authentication.Continue Reading

• Can opportunistic encryption improve browser security?

  Opportunistic encryption offers encryption for servers that don't support HTTPS. Expert Michael Cobb explains how it works and how it can help Web security.Continue Reading

• What does the CASP certification update include?

  CompTIA released updates to the CASP certification. Expert Mike O. Villegas reviews the changes and discusses whether they add value to the certification.Continue Reading

• Is data center cleaning a compliance requirement?

  Data center cleaning may not be mandated, but it's still a good idea to do. Some best practices include using HEPA technology and specific cleaning products.Continue Reading

• HIPAA and HITECH compliance: Who should perform assessments?

  Here are some important criteria for hiring a partner to review your information security program, with a focus on HIPAA and HITECH compliance.Continue Reading

• Comparing the best data loss prevention products

  Expert Bill Hayes examines the strengths and weaknesses of top-rated data loss prevention (DLP) products to help enterprises make the right purchasing decision.Continue Reading

• Building an Information Security Awareness Program

  In this excerpt of Building an Information Security Awareness Program, authors Bill Gardner and Valerie Thomas discuss why lecturing is an ineffective method of security awareness programs and offer alternative measures enterprises should consider.Continue Reading

• How can security leaders create a positive work environment?

  It's the responsibility of security leaders to create a positive work environment for security teams, which can be tough to do in such a demanding field. Here's how.Continue Reading

• How is the NIST Cybersecurity Framework being received?

  The NIST Cybersecurity Framework gets mixed reviews, but it could be a good starting point for organizations looking to better manage cybersecurity.Continue Reading

• How will the Cybersecurity Information Sharing Act affect enterprises?

  The Cybersecurity Information Sharing Act has ruffled some feathers in the security industry. What is the CISA and what is the debate around it?Continue Reading

• STIX (Structured Threat Information eXpression)

  STIX (Structured Threat Information eXpression) is an XML programming language that allows cybersecurity threat data to be shared.Continue Reading

• Comparing the best Web application firewalls in the industry

  Expert Brad Causey compares the best Web application firewalls on the market across three types of product types: cloud, integrated and appliance.Continue Reading

• How can a compliance management plan help enterprises avoid fatigue?

  Complex compliance mandates can lead to compliance fatigue. Expert Mike Chapple explains how to develop an effective compliance management plan.Continue Reading

• Is a DNSSEC implementation an enterprise necessity?

  While there are numerous security benefits to a DNSSEC implementation, there are drawbacks as well. Expert Kevin Beaver explains.Continue Reading

• Improve corporate data protection with foresight, action

  Better corporate data protection demands foresight and concrete action. Learn why breach training, monitoring and early detection capabilities can minimize damage when hackers attack.Continue Reading

• Learn from the past: Ensure a secure future of information security

  To ensure the future of information security, enterprises must learn from the past, launch proper training and install the right technologies.Continue Reading

• Trading Microsoft Patch Tuesday in for Windows Update for Business

  While the consumer world is going Patch Tuesday-less, Microsoft is evolving its Patch Tuesday into Windows Update for Business for enterprise software. Learn what this change means.Continue Reading

• How can geofencing improve an enterprise security strategy?

  Geofencing technology creates a virtual fence on employee devices, adding a crucial extra layer of security. But do privacy concerns negate the benefits of this feature? Expert Michael Cobb explains.Continue Reading

• CSSLP (certified secure software lifecycle professional)

  The CSSLP (certified secure software lifecycle professional) is a certification for security professionals who wish to strengthen and demonstrate their knowledge about application security.Continue Reading

• watering hole attack

  A watering hole attack targets a specific group of users by infecting websites group members like to visit. The name watering hole attack is inspired by predators in the natural world who lurk near watering holes, looking for opportunities to attack...Continue Reading

• Wearables security: Do enterprises need a separate WYOD policy?

  Wearable technology is infiltrating the enterprise, much like BYOD has. Expert Michael Cobb discusses the security concerns of wearables and outlines how to create a WYOD policy.Continue Reading

• Gula talks Nessus agents and Nessus cloud

  Video: SearchSecurity spoke with Tenable co-founder Ron Gula about recent additions to the Nessus feature set, including a version that lives in the cloud.Continue Reading

• Choosing a threat intelligence platform: What enterprises should know

  Video: Threat intelligence tools are a growing market and enterprises need to be able to see through the hype to get the best product for them.Continue Reading

• What happens if the Data Accountability and Trust Act becomes a law?

  The Data Accountability and Trust Act is likely to become a law this year. Expert Mike Chapple advises organizations on how to prepare.Continue Reading