Get started

Get started

Bring yourself up to speed with our introductory content.

• What is the role of CISO in network security?

  The role of CISO in network security goes beyond risk management. It also requires understanding compliance regulations and business needs, as well as the ability to communicate security policies to nontechnical employees. Continue Reading

• Building a security operations center with these features

  Building a security operations center means understanding the key features you need to ensure your network remains protected against threats. Continue Reading

• Do you have the right set of penetration tester skills?

  Pen testing is more than just the fun of breaking into systems. Learn about the critical penetration tester skills potential candidates must master to become proficient in their career path. Continue Reading

• Comparing Diffie-Hellman vs. RSA key exchange algorithms

  See which encryption method uses digital signatures, symmetric key exchanges, bulk encryption and much more in this Diffie-Hellman vs. RSA showdown. Continue Reading

• Raise enterprise network visibility, and security rises too

  The need to improve network visibility has bedeviled IT teams for years. Better tools offer hope but there are privacy and ethical concerns that come with responsible use. Continue Reading

• Definitions to Get Started

  • security
  • threat modeling
  • social engineering
  • distributed denial-of-service (DDoS) attack

  • password cracking
  • National Security Agency (NSA)
  • firewall
  • Cryptography quiz questions and answers: Test your smarts

  View All Definitions

• Web application firewall (WAF)

  A web application firewall (WAF) is a firewall that monitors, filters and blocks data packets as they travel to and from a website or web application.Continue Reading

• spyware

  Spyware is a type of malicious software -- or malware -- that is installed on a computing device without the end user's knowledge.Continue Reading

• application whitelisting

  Application whitelisting is the practice of specifying an index of approved software applications or executable files that are permitted to be present and active on a computer system.Continue Reading

• Test your grasp of AI threats, privacy regulations and more

  Test your grasp of current security topics like AI in cybersecurity and what privacy regulations require. Then receive CPE credit by passing this quiz.Continue Reading

• Enterprises feel the pain of cybersecurity staff shortages

  It's hard enough keeping up with today's threats on a good day. But when your IT organization is spread thin, especially in terms of cybersecurity staff, the challenges mount.Continue Reading

• CompTIA PenTest+ practice test questions to assess your knowledge

  Think you're ready to take the CompTIA PenTest+ certification exam? Test your skill set with some of the sample multiple-choice questions you may be facing.Continue Reading

• 6 different types of hackers, from black hat to red hat

  Black, white and grey hats are familiar to security pros, but as the spectrum evolves to include green, blue and red, things get muddled. Brush up on types of hackers, new and old.Continue Reading

• identity provider

  An identity provider is a system component that is able to provide an end user or internet-connected device with a single set of login credentials that will ensure the entity is who or what it says it is across multiple platforms, applications and ...Continue Reading

• What types of cybersecurity insurance coverage are available?

  Cybersecurity insurance coverage could prove invaluable to risk mitigation -- if it's chosen carefully. Find out which type of insurance plan is right for your organization.Continue Reading

• The 3 pillars of a DevSecOps model

  In this excerpt from Chapter 1 of Securing DevOps: Security in the Cloud, author Julien Vehent describes three principles critical to the DevSecOps model.Continue Reading

• The 3 types of DNS servers and how they work

  DNS is a core internet technology, instrumental in mapping human-readable domains into corresponding IP addresses. Learn about the three DNS server types and their roles in the internet.Continue Reading

• Penetration testing vs. red team: What's the difference?

  Is penetration testing the same as red team engagement? There are similarities, but they're not the same. Understand the differences to improve your organization's cyberdefenses.Continue Reading

• IT/OT convergence is necessary, desirable, but not so simple

  A secure IT/OT convergence requires a strategy that takes into account compliance requirements and likely threats and recognizes the critical role of people.Continue Reading

• Create a manageable, secure IT/OT convergence strategy in 3 steps

  An effective IT/OT strategy requires at least three things: an evangelist, an infrastructure reference architecture and a plan to sanely divide operations between IT and OT.Continue Reading

• Cybersecurity frameworks hold key to solid security strategy

  Cybersecurity frameworks take work, but they help organizations clarify their security strategies. If you don't have one, here's what to consider, even for emerging perimeterless security options.Continue Reading

• What's the purpose of CAPTCHA technology and how does it work?

  Learn about the purpose of CAPTCHA challenges that enable websites to differentiate bots from authentic users to stop spammers from hijacking forums and blog comment sections.Continue Reading

• Test your infosec smarts about IAM and other key subjects

  Solidify your knowledge and get CPE credits by taking this quiz on IAM, security frameworks, IoT third-party risks and more.Continue Reading

• computer worm

  A computer worm is a type of malicious software program whose primary function is to infect other computers while remaining active on infected systems.Continue Reading

• What it takes to be a DevSecOps engineer

  To address security early in the application development process, DevSecOps requires a litany of skills and technology literacy. Learn what it takes to be a DevSecOps engineer.Continue Reading

• How does AttackSurfaceMapper help with attack surface mapping?

  A new open source pen testing tool expedites attack surface mapping -- one of the most important aspects of any penetration testing engagement.Continue Reading

• How to navigate the often challenging CISO career path

  There's no clear-cut path to becoming a CISO. However, the right security certifications, an ever-questioning attitude and a strong network of CISO peers can help prepare you for the journey.Continue Reading

• New network traffic analysis tools focus on security

  Companies have used traffic data analytics to improve bandwidth and network performance. Now, though, a new class of tools taps network data to improve security.Continue Reading

• Network traffic analysis tools secure a new, crucial role

  Gartner just produced its first-ever guide to network traffic analytics security tools. Learn how the analysis of network traffic is broadening to include network security.Continue Reading

• How to build an enterprise penetration testing plan

  Simulating an attack against your network is one of the best ways to remediate security holes before the bad guys find them. Here, learn penetration testing basics and how it can help keep your enterprise safe.Continue Reading

• Wireshark tutorial: How to use Wireshark to sniff network traffic

  Learn how to use the Wireshark packet analyzer to monitor network traffic, as well as how to use the Wireshark packet sniffer for network traffic analysis and inspection.Continue Reading

• How to start building a DevSecOps model

  To help transition to a DevSecOps model to protect enterprises, security teams need to identify key stakeholders, provide examples of specific company security events and work toward creating crossover teams.Continue Reading

• The must-have skills for cybersecurity aren't what you think

  The most critical skills that cybersecurity lacks -- like leadership buy-in, people skills and the ability to communicate -- are not the ones you hear about. That needs to change.Continue Reading

• New tech steers identity and access management evolution

  IAM is evolving to incorporate new technologies -- like cloud-based services and containerization -- promising more secure, granular management of access to company IT assets.Continue Reading

• How to pass the CISSP exam on your first try: Tips to get a good score

  Want to become a CISSP? Here's everything you need to know, such as how difficult the exam is, tips for studying, what's needed to obtain a passing score and more.Continue Reading

• Portrait of a CISO: Roles and responsibilities

  Success in the role of CISO requires security experts to wear many hats. Couple that with changes in compliance regulations and sophisticated cyberthreats, and CISOs are left with a full plate.Continue Reading

• How does an island hopping attack work?

  Hackers know better than to directly attack a well-defended target; learn how they use island hopping attack strategies to elude defenders -- and how best to repel them.Continue Reading

• time-based one-time password (TOTP)

  A time-based one-time password (TOTP) is a temporary code, generated by an algorithm, for use in authenticating access to computer systems.Continue Reading

• Building a threat intelligence framework: Here's how

  A robust threat intelligence framework is a critical part of a cybersecurity plan. A top researcher discusses what companies need to know.Continue Reading

• What are the core components of a cybersecurity framework?

  Cybersecurity frameworks differ from one company to another, but each plan has four fundamental stages. Find out what you need to know.Continue Reading

• Incident response tools: How, when and why to use them

  The OODA loop can help organizations throughout the entire incident response process by giving them insight into which tools they need to detect and respond to security events.Continue Reading

• Incident response: How to implement a communication plan

  Communication is critical to an effective incident response plan. Here are five best practices an organization can use to gather and share information.Continue Reading

• Top 5 incident response interview questions

  Job interviews are always nerve-wracking. But you can prepare now by honing your responses to the most likely interview questions for an incident response position.Continue Reading

• Strategies to mitigate cybersecurity incidents need holistic plans

  Every organization needs strategies to mitigate cybersecurity incidents, but what areas should the strategies address? Find out what experts suggest to protect the entire organization.Continue Reading

• 5 critical steps to creating an effective incident response plan

  With cyberthreats and security incidents growing by the day, every organization needs a solid plan for mitigating threats. Here's how to create yours.Continue Reading

• How to build an incident response team for your organization

  The time to organize and train an IR team is long before a security incident occurs. Learn the practical steps needed to create an effective, cross-functional team.Continue Reading

• Words to go: Identity and access management security

  IT pros must keep up to date with rapidly changing identity technology and access threats. Help protect IAM security by getting familiar with this list of foundation terms.Continue Reading

• Why user identity management is a security essential

  Who's on your network and accessing your data? IT security teams must be able to answer these questions. A strong identity management strategy will help.Continue Reading

• Biometric authentication terms to know

  Consumers are on board with biometric authentication, but enterprises aren't so sure. Here's a breakdown of the must-know terms for companies considering biometric authentication.Continue Reading

• privilege creep

  Privilege creep is the gradual accumulation of access rights beyond what an individual needs to do his job. In IT, a privilege is an identified right that a particular end user has to a particular system resource, such as a file folder.Continue Reading

• BlueKeep (CVE-2019-0708)

  BlueKeep (CVE-2019-0708) is a vulnerability in the Remote Desktop (RDP) protocol that affects Windows 7, Windows XP, Server 2003 and 2008.Continue Reading

• What is subdomain takeover and why does it matter?

  Subdomain takeover exposure can happen when cloud-hosted web services are incompletely decommissioned, but configuration best practices can reduce the risks.Continue Reading

• What is MTA-STS and how will it improve email security?

  Discover how the MTA-STS specification will improve email security by encrypting messages and enabling secure, authenticated email transfers between SMTP servers.Continue Reading

• How can SIEM and SOAR software work together?

  Many security pros initially thought SOAR software could replace SIEM. Our security expert advocates learning how SIEM and SOAR can work together.Continue Reading

• Top 7 IT security frameworks and standards explained

  Several IT security frameworks and cybersecurity standards are available to help protect company data. Here's advice for choosing the right one for your organization.Continue Reading

• The future of SIEM: What needs to change for it to stay relevant?

  Compared to security orchestration, automation and response (SOAR) software, SIEM systems are dated. Expert Andrew Froehlich explains how SIEM needs to adapt to keep up.Continue Reading

• How to find an MSP to protect you from outsourcing IT risks

  Check out what questions to ask MSPs to make sure they have the right security systems in place to protect your organization against outsourcing IT risks.Continue Reading

• How do buffer overflow attacks work?

  Buffer overflow attacks are simple exploits that can give an attacker control over a program or process. Learn how these attacks work and how to make sure they don't happen to you.Continue Reading

• spear phishing

  Spear phishing is an email spoofing attack that targets a specific organization or individual, seeking unauthorized access to sensitive information.Continue Reading

• bridge

  A bridge is a class of network device that’s designed to connect networks at OSI Level 2, which is the data link layer of a local-area network (LAN).Continue Reading

• CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart)

  A CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart) is a type of challenge-response system designed to differentiate humans from robotic software programs.Continue Reading

• cyberterrorism

  According to the U.S. Federal Bureau of Investigation, cyberterrorism is any 'premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against non-combatant targets by ...Continue Reading

• Why EDR technologies are essential for endpoint protection

  In this post-perimeter era, endpoint detection and response tools can provide essential protection to thwart advanced persistent threats. Learn what EDR offers.Continue Reading

• Endpoint security tools get an essential upgrade

  Malware, APTs and other threats are getting smarter, but so are endpoint detection and response products. Learn what the latest versions can do to keep threats away.Continue Reading

• private key

  A private key, also known as a secret key, is a variable in cryptography that is used with an algorithm to encrypt and decrypt code.Continue Reading

• How to perform a building security assessment

  There are four major systems to review in a building security assessment. Learn what they are and how to review their potential cyber and physical risks.Continue Reading

• How to conduct a security risk review on a large building

  Assessors cannot dive into a security risk review of a large building; they have to prepare and strategize ahead of time. Learn how to get ready for this type of security assessment.Continue Reading

• cryptographic nonce

  A nonce is a random or semi-random number that is generated for a specific use, typically related to cryptographic communication or information technology.Continue Reading

• 5 common authentication factors to know

  Multifactor authentication is a security system that requires two or more authentication steps to verify the user's identity. Discover the most important terms related to MFA.Continue Reading

• How to manage application security best practices and risks

  The reality of application security risks requires software developers to be mindful of testing, tools and best practices to improve user experience and information security.Continue Reading

• Take this cybersecurity-challenges quiz and score CPE credit

  Just finished ISM's May 2019 issue? Solidify your knowledge, and get CPE credits too, by passing this 10-question quiz.Continue Reading

• Huawei ban highlights 5G security issues CISOs must tackle

  Why worry over Huawei? A U.S. ban of this Chinese company's products should remind CISOs that now is the time to consider security issues related to the rollout of the 5G network.Continue Reading

• Conquering cloud security threats with awareness and tools

  Continue Reading

• key fob

  A key fob is a small, programmable hardware device that provides access to a physical object. Key fobs, are used to provide one-factor authentication for objects such as doors or automobiles. They are also used as an authentication factor for ...Continue Reading

• How to put AI security to work in your organization

  Countering cyberthreats through human effort alone is impossible; you need to add AI and machine learning products to your security program. Here's how to get started.Continue Reading

• checksum

  A checksum is a value that represents the number of bits in a transmission message and is used by IT professionals to detect high-level errors within data transmissions.Continue Reading

• logic bomb

  A logic bomb, sometimes referred to as slag code, is a string of malicious code used to cause harm to a network when the programmed conditions are met.Continue Reading

• payload (computing)

  In computing, a payload is the carrying capacity of a packet or other transmission data unit. The term has its roots in the military and is often associated with the capacity of executable malicious code  to do damage. Technically, the payload of a ...Continue Reading

• passphrase

  A passphrase is a string of characters longer than the usual password (which is typically from four to 16 characters long) that is used in creating a digital signature (an encoded signature that proves to someone that it was really you who sent a ...Continue Reading

• Mimikatz tutorial: How it hacks Windows passwords, credentials

  In this Mimikatz tutorial, learn about the password and credential dumping program, where you can acquire it and how easy it makes it to compromise system passwords.Continue Reading

• Diffie-Hellman key exchange (exponential key exchange)

  Diffie-Hellman key exchange, also called exponential key exchange, is a method of digital encryption that uses a number raised to specific powers to produce decryption keys that are never directly transmitted, making the task of a would-be code ...Continue Reading

• cache poisoning (DNS poisoning, web cache poisoning)

  Cache poisoning is an attack vector that exploits the way domain name system (DNS) clients and web servers improve performance by saving old responses for a specified period of time in a temporary storage area called cache.Continue Reading

• Try this quiz on cybersecurity problems to earn CPE credit

  This quiz tests your understanding of key cybersecurity issues in 2019 covered in the February issue of 'Information Security' magazine. Pass the quiz and earn CPE credit.Continue Reading

• How to comply with the California privacy act

  Organizations that handle California consumer data have a year to comply with CCPA. Expert Steven Weil discusses what enterprises need to know about the California privacy law.Continue Reading

• Three examples of multifactor authentication use cases

  When evaluating the business case for multifactor authentication, an organization must first identify how these three operational scenarios apply to a potential implementation.Continue Reading

• Exploring multifactor authentication benefits and technology

  Take a look at multifactor authentication benefits and methods, as well as how the technologies have evolved from key fobs to smartphones, mobile devices and the cloud.Continue Reading

• How to perform an ICS risk assessment in an industrial facility

  An important step to secure an industrial facility is performing an ICS risk assessment. Expert Ernie Hayden outlines the process and why each step matters.Continue Reading

• Customer identity and access management: Why now and how?

  There's an important distinction between consumers and customers; just as crucial is understanding the difference between customer IAM and traditional IAM.Continue Reading

• brute force attack

  Brute force (also known as brute force cracking) is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys, through exhaustive effort (using brute force) rather than ...Continue Reading

• steganography

  Steganography (pronounced STEHG-uh-NAH-gruhf-ee, from Greek steganos, or "covered," and graphie, or "writing") is the hiding of a secret message within an ordinary message and the extraction of it at its destination.Continue Reading

• PCI DSS merchant levels

  Merchant levels are used by the payment card industry (PCI) to determine risk levels and determine the appropriate level of security for their businesses. Specifically, merchant levels determine the amount of assessment and security validation that ...Continue Reading

• sandbox (software testing and security)

  A sandbox is an isolated testing environment that enables users to run programs or execute files without affecting the application, system or platform on which they run.Continue Reading

• SSL (Secure Sockets Layer)

  Secure Sockets Layer (SSL) is a networking protocol designed for securing connections between web clients and web servers over an insecure network, such as the internet.Continue Reading

• Certified Information Systems Security Professional (CISSP)

  Certified Information Systems Security Professional (CISSP) is an information security certification developed by the International Information Systems Security Certification Consortium, also known as (ISC)².Continue Reading

• What Moody's cyber-risk ratings mean for enterprises

  Moody's announced it will soon begin composing cyber-risk ratings for enterprises. Kevin McDonald explores the move and what it could mean for enterprises and the infosec industry.Continue Reading

• 5 actionable deception-tech steps to take to fight hackers

  Consider taking these five 'deceptive' steps to make your detection and response capabilities speedier, more effective and to improve your company's security posture.Continue Reading

• RSA algorithm (Rivest-Shamir-Adleman)

  The RSA algorithm is the basis of a cryptosystem -- a suite of cryptographic algorithms that are used for specific security services or purposes -- which enables public key encryption and is widely used to secure sensitive data, particularly when it...Continue Reading

• IP Spoofing

  IP spoofing is the crafting of Internet Protocol (IP) packets with a source IP address that has been modified to impersonate another computer system, or to hide the identity of the sender, or both.Continue Reading

• Testing email security products: Challenges and methodologies

  Kevin Tolly of the Tolly Group offers a look at how his company set out to test several email security products, as well as the challenges it faced to come up with sound methodologies.Continue Reading

• smart card

  A smart card is a physical card that has an embedded integrated chip that acts as a security token.Continue Reading

• cipher

  In cryptology, the discipline concerned with the study of cryptographic algorithms, a cipher is an algorithm for encrypting and decrypting data.Continue Reading