Get started

Network threat detection

• security information and event management (SIEM)

  Security information and event management (SIEM) is an approach to security management that combines SIM (security information management) and SEM (security event management) functions into one security management system. Continue Reading

• 2 components of detection and threat intelligence platforms

  Deploying threat detection and intelligence platforms is one of the smartest ways to protect your organization's valuable assets. Make sure you know how to choose the best tool. Continue Reading

• What is the role of CISO in network security?

  The role of CISO in network security goes beyond risk management. It also requires understanding compliance regulations and business needs, as well as the ability to communicate security policies to nontechnical employees. Continue Reading

• New network traffic analysis tools focus on security

  Companies have used traffic data analytics to improve bandwidth and network performance. Now, though, a new class of tools taps network data to improve security. Continue Reading

• Network traffic analysis tools secure a new, crucial role

  Gartner just produced its first-ever guide to network traffic analytics security tools. Learn how the analysis of network traffic is broadening to include network security. Continue Reading

• Definitions to Get Started

  • security information and event management (SIEM)
  • information security (infosec)
  • sandbox (computer security)
  • IP Spoofing

  • honeypot (computing)
  • unified threat management (UTM)
  • domain fluxing

  View All Definitions

• How to build an enterprise penetration testing plan

  Simulating an attack against your network is one of the best ways to remediate security holes before the bad guys find them. Here, learn penetration testing basics and how it can help keep your enterprise safe.Continue Reading

• How can SIEM and SOAR software work together?

  Many security pros initially thought SOAR software could replace SIEM. Our security expert advocates learning how SIEM and SOAR can work together.Continue Reading

• SOAR vs. SIEM: What's the difference?

  When it comes to the SOAR vs. SIEM debate, it's important to understand their fundamental differences to get the most benefit from your security data.Continue Reading

• The future of SIEM: What needs to change for it to stay relevant?

  Compared to security orchestration, automation and response (SOAR) software, SIEM systems are dated. Expert Andrew Froehlich explains how SIEM needs to adapt to keep up.Continue Reading

• information security (infosec)

  Information security (infosec) is a set of strategies for managing the processes, tools and policies necessary to prevent, detect, document and counter threats to digital and non-digital information.Continue Reading

• sandbox (computer security)

  A sandbox is an isolated testing environment that enables users to run programs or execute files without affecting the application, system or platform on which they run.Continue Reading

• 5 actionable deception-tech steps to take to fight hackers

  Consider taking these five 'deceptive' steps to make your detection and response capabilities speedier, more effective and to improve your company's security posture.Continue Reading

• IP Spoofing

  IP spoofing is the crafting of Internet Protocol (IP) packets with a source IP address that has been modified to impersonate another computer system, or to hide the identity of the sender, or both.Continue Reading

• honeypot (computing)

  A honeypot is a network-attached system set up as a decoy to lure cyberattackers and to detect, deflect or study hacking attempts in order to gain unauthorized access to information systems.Continue Reading

• SIEM evaluation criteria: Choosing the right SIEM products

  Establishing solid SIEM evaluation criteria and applying them to an organization's business needs goes far when selecting the right SIEM products. Here are the questions to ask.Continue Reading

• SIEM benefits include efficient incident response, compliance

  SIEM tools enable centralized reporting, which is just one of the many SIEM benefits. Others include real-time incident response, as well as insight for compliance reporting.Continue Reading

• A comprehensive guide to SIEM products

  Expert Karen Scarfone examines security information and event management systems and explains why SIEM systems and SIEM products are crucial for enterprise security.Continue Reading

• AI and machine learning in network security advance detection

  Applying AI, and specifically machine learning, in network security helps protect enterprises against advanced persistent threats and sophisticated cybercriminals.Continue Reading

• unified threat management (UTM)

  A unified threat management (UTM) system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and ...Continue Reading

• Five questions to ask before purchasing NAC products

  Organizations are recognizing the need for network access control systems, but it is important to evaluate and perform research before you invest in enterprise NAC products.Continue Reading

• Crafting a cybersecurity incident response plan, step by step

  'Swift' and 'automatic': key characteristics of effective incident response. But how to get from where your plan is to where it needs to be? This handbook has the answers.Continue Reading

• Make your incident response policy a living document

  Effective incident response policies must be detailed, comprehensive and regularly updated -- and then 'embedded in the hearts and minds' of infosec team members.Continue Reading

• How to make a SIEM system comparison before you buy

  The current trend in SIEM systems involves machine learning capabilties. Even so, direct human management is still essential for SIEM to be effective.Continue Reading

• Security analysis principles and techniques for IT pros

  The drive for greater security fuels IT more than ever, but fighting infosec threats depends on locating the right data sets and analyzing them efficiently.Continue Reading

• Tactics for security threat analysis tools and better protection

  Threat analysis tools need to be in top form to counter a deluge of deadly security issues. Here are tips for getting the most from your analytics tool.Continue Reading

• What breach detection systems are best for corporate defenses?

  A system breach is inevitable, and BDS products provide a valuable means of detection. But a strategy that blends both defense and offense is the best approach to security.Continue Reading

• How threat intelligence feeds aid organizations' security posture

  This Security School explores how threat intelligence feeds works and discusses the types of vendor services that exist now.Continue Reading

• What are the secrets to SIEM deployment success?

  Many organizations deploy security information and event management systems without the proper planning and therefore can't reap the proper rewards. Expert Kevin Beaver offers tips for a successful implementation.Continue Reading

• domain fluxing

  Domain fluxing is a technique used by botnet operators for their command-and-control infrastructures to avoid detection by security technologies and researchers attempting to shut their botnets down.Continue Reading