Get started
Bring yourself up to speed with our introductory content.
Productivity apps and messaging security
application whitelisting
Application whitelisting is the practice of specifying an index of approved software applications or executable files that are permitted to be present and active on a computer system. Continue Reading
What is MTA-STS and how will it improve email security?
Discover how the MTA-STS specification will improve email security by encrypting messages and enabling secure, authenticated email transfers between SMTP servers. Continue Reading
sandbox (computer security)
A sandbox is an isolated testing environment that enables users to run programs or execute files without affecting the application, system or platform on which they run. Continue Reading
-
two-factor authentication (2FA)
Two-factor authentication (2FA), sometimes referred to as two-step verification or dual factor authentication, is a security process in which the user provides two different authentication factors to verify themselves to better protect both the ... Continue Reading
The best email security comes through strategy and tactics
The best email security policy requires a holistic approach of the issue, understanding both the problem's scope and the most likely threats. Continue Reading
How to craft an application security strategy that's airtight
A solid application security strategy today must include varieties like cloud apps and mobile. Learn how to set application security policies and practices that keep hackers out.Continue Reading
Building an application security program: Why education is key
Education and training are crucial parts of a strong application security program. Sean Martin explains how enterprises should build these elements into their programs.Continue Reading
Lenovo SHAREit: How does its hardcoded password vulnerability work?
The Lenovo SHAREit file-sharing app has a hardcoded password vulnerability, among other issues. Expert Michael Cobb explains these flaws and how to prevent exploits on them.Continue Reading
CISSP online training: Software Development Security domain
Spotlight article: Shon Harris explains the core concepts in the CISSP domain on software development security, including models, methods, database systems and security threats.Continue Reading
ERP security: How to defend against SAP vulnerabilities
A recent study revealed more than 95% of SAP systems were exposed to potentially disastrous vulnerabilities. Expert Nick Lewis explains how to mitigate these SAP vulnerabilities and maintain ERP security.Continue Reading
-
PHP security tips to ensure enterprise Web safety
Research shows more than three-quarters of PHP installations run with at least one vulnerability. Learn the steps for ensuring PHP security in the enterprise workplace.Continue Reading
Whitelisting: Filtering for advanced malware prevention
Though it's been maligned in the past, whitelisting can be an effective tactic for filtering advanced malware attacks against enterprise endpoints.Continue Reading
Ranum Q&A with Aaron Turner: Whitelisting is on enterprise blacklist
An early proponent of Microsoft SRP, Aaron Turner says application whitelisting has finally taken hold in consumer app stores.Continue Reading
Security policy for PDF use: How to secure PDF files for the enterprise
PDF files are an integral part of many enterprises' business processes, and, as such, they are a prime target for malicious activity. In this learning guide, learn how to secure your organization's PDFs, prevent attacks against them and decide when ...Continue Reading
zero-day exploit
A zero-day exploit is one that takes advantage of a security vulnerability on the same day that the vulnerability becomes generally known...(Continued)Continue Reading