Get started
Bring yourself up to speed with our introductory content.
Network threat detection
sandbox (computer security)
A sandbox is an isolated testing environment that enables users to run programs or execute files without affecting the application, system or platform on which they run.
5 actionable deception-tech steps to take to fight hackers
Consider taking these five 'deceptive' steps to make your detection and response capabilities speedier, more effective and to improve your company's security posture.
IP Spoofing
IP spoofing is the crafting of Internet Protocol (IP) packets with a source IP address that has been modified to impersonate another computer system, or to hide the identity of the sender, or both.
honeypot (computing)
A honeypot is a network-attached system set up as a decoy to lure cyberattackers and to detect, deflect or study hacking attempts to gain unauthorized access to information systems.
SIEM evaluation criteria: Choosing the right SIEM products
Establishing solid SIEM evaluation criteria and applying them to an organization's business needs goes far when selecting the right SIEM products. Here are the questions to ask.
SIEM benefits include efficient incident response, compliance
SIEM tools enable centralized reporting, which is just one of the many SIEM benefits. Others include real-time incident response, as well as insight for compliance reporting.
A comprehensive guide to SIEM products
Expert Karen Scarfone examines security information and event management systems and explains why SIEM systems and SIEM products are crucial for enterprise security.
AI and machine learning in network security advance detection
Applying AI, and specifically machine learning, in network security helps protect enterprises against advanced persistent threats and sophisticated cybercriminals.
unified threat management (UTM)
A unified threat management (UTM) system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and ...
security information and event management (SIEM)
Security information and event management (SIEM) is an approach to security management that seeks to provide a holistic view of an organization's information technology (IT) security.
Five questions to ask before purchasing NAC products
Organizations are recognizing the need for network access control systems, but it is important to evaluate and perform research before you invest in enterprise NAC products.
Crafting a cybersecurity incident response plan, step by step
'Swift' and 'automatic': key characteristics of effective incident response. But how to get from where your plan is to where it needs to be? This handbook has the answers.
Make your incident response policy a living document
Effective incident response policies must be detailed, comprehensive and regularly updated -- and then 'embedded in the hearts and minds' of infosec team members.
How to make a SIEM system comparison before you buy
The current trend in SIEM systems involves machine learning capabilities. Even so, direct human management is still essential for SIEM to be effective.
Security analysis principles and techniques for IT pros
The drive for greater security fuels IT more than ever, but fighting infosec threats depends on locating the right data sets and analyzing them efficiently.