Get started
Bring yourself up to speed with our introductory content.
The top full disk encryption products on the market today
Full disk encryption can be a key component of an enterprise's desktop and laptop security strategy. Here's a look at some of the top FDE products in the industry.
How will Android encryption by default affect enterprise BYOD?
Google is beginning to encrypt data by default on its Android devices. Expert Michael Cobb explains how this change will affect enterprise BYOD security.
How does the Melbourne Shuffle prevent data access pattern recognition?
Access pattern recognition in the cloud is becoming an enterprise risk. Expert Michael Cobb explains how the Melbourne Shuffle can improve access pattern security.
How to bake security into your Wi-Fi deployment
A Wi-Fi deployment is the preferred method of network access for most enterprises; it is InfoSec's job to make that Wi-Fi secure.
The secrets of proper firewall maintenance and security testing techniques
The Verizon 2015 PCI Compliance Report cited a lack of firewall maintenance and security testing as major causes of compliance breaches. Expert Kevin Beaver offers tips to successfully manage these tasks.
How can organizations prepare for a HIPAA audit?
HIPAA audits are finally on the way, and organizations need to be ready. Expert Mike Chapple reveals the best way to prepare your company for a HIPAA audit.
Login credential security: How to defend against tabnapping
Tabnapping can be used to capture user login credentials. Enterprise threats expert Nick Lewis explains how to defend against the risk.
The benefits of open source identity management software
Organizations are often looking to minimize costs without compromising on security. Expert Randall Gamby examines the benefits of open source identity management software.
What are the secrets to SIEM deployment success?
Many organizations deploy security information and event management systems without the proper planning and therefore can't reap the proper rewards. Expert Kevin Beaver offers tips for a successful implementation.
Beyond PCI: Out-of-band security tips for credit card data protection
Securing credit card data -- both online and at brick-and-mortar stores -- requires security measures beyond those mandated by PCI DSS. Expert Philip Alexander outlines six out-of-band security controls to consider.
Introduction to security analytics tools in the enterprise
Expert Dan Sullivan explains how security analysis and analytics tools work, and how they provide enterprises with valuable information about impending attacks or threats.
How should agencies prepare for federal security scanning?
What do agencies need to consider before going through the Department of Homeland Security's network security scanning? Expert Mike Chapple answers.
International Information Systems Security Certification Consortium (ISC)2
The International Information Systems Security Certification Consortium -- (ISC)2 -- is a non-profit organization that provides security training and certifications.
Four questions to ask before buying a Web application firewall
Web application firewalls are complex products. Expert Brad Causey explains the key criteria enterprises need to consider before investing in a WAF product.
Five network security lessons learned from the Sony Pictures hack
Following the Sony Pictures hack, several of the company's network security shortcomings were revealed. Expert Kevin Beaver explains how better network security may have limited the extent of the breach.
multifactor authentication (MFA)
Multifactor authentication (MFA) is a security system that requires more than one method of authentication from independent categories of credentials to verify the user's identity for a login or other transaction.
What to look for in secure file transfer products
As the prospect of significant breaches grows, the argument for secure file transfer becomes more compelling -- but what exactly are you buying?
At its most basic, file transfer technology is simply a mechanism to transport a file from one ...
Six ways to use wireless intrusion prevention systems in the enterprise
Expert George V. Hulme presents six real-world use cases for the deployment of WIPS to beef up wireless network security in the enterprise.
single-factor authentication (SFA)
Single-factor authentication (SFA) is the traditional security process that requires a user name and password before granting access to the user.
Can Vawtrak malware block enterprise security software?
Emerging malware, like the Vawtrak banking malware, has the ability to block enterprise antimalware measures. Expert Nick Lewis explains how to mitigate the risk.
Intrusion detection project design and rollout
Evaluating intrusion detection technology requires an understanding of its capabilities. Get help getting started on an intrusion detection program design and uncover the technical considerations your enterprise needs to know.
Introduction to intrusion detection and prevention technologies
Intrusion detection and prevention systems can be critical components of an enterprise's threat management strategy. Learn the history behind the technologies and why they are so important.
Emotet: How can traffic-sniffing banking malware be thwarted?
A new variety of banking malware can sniff traffic from APIs. Enterprise threats expert Nick Lewis outlines how to mitigate the risk.
Types of intrusion detection products: Suite vs. best-of-breed
When evaluating types of intrusion detection products, it is important to distinguish whether a best-of-breed or suite-based product is the right match for your enterprise. Expert Bill Hayes offers guidance to help you decide.
Evaluating intrusion detection and prevention systems and vendors
Protecting the corporate network from intruders is a difficult task. Learn how intrusion systems help prevent, identify and minimize the effects of a breach.
Oracle Critical Patch Update (Oracle CPU)
The Oracle Critical Patch Update (CPU) is an ongoing series of regularly issued fixes for security flaws in products made by or maintained by software giant Oracle Corp.
Business-use scenarios for a Web application firewall deployment
Web application firewalls can be a critical security layer for many companies. Expert Brad Causey explains when and how to deploy a WAF in the enterprise.
How can jailbroken devices be detected within the enterprise?
Jailbroken devices pose significant enterprise risks in BYOD environments. Security expert Michael Cobb discusses how to detect and mitigate the risks of jailbroken BYODs.
knowledge-based authentication (KBA)
In a KBA scheme, the user is asked to answer at least one "secret" question before being allowed to change account settings or reset a password.
Why is the Certified Ethical Hacker certification suddenly popular?
The Certified Ethical Hacker certification has gained in popularity recently. Expert Joseph Granneman explains the CEH and why it's relevant again.
pass the hash attack
A pass the hash attack is an NT LAN Manager (NTLM)-based technique in which an attacker steals a hashed user credential and, without cracking it, reuses it to trick a Windows-based authentication system into creating a new authenticated session on ...
Getting to know the new GIAC certification: GCCC
The new GIAC certification, GCCC, is not a very specific certification, but it could prove useful in organizations. Expert Joseph Granneman explains why.
How to evaluate IPv6 network security with SI6 Networks IPv6 Toolkit
Some security pros underestimate the importance of IPv6 network security assessment tools. Expert Fernando Gont offers an illustrated guide on how to use SI6 Networks' free IPv6 toolkit.
Defend against APTs with big data security analytics
Without a trace: Cybersecurity incident response teams must follow the thread of security events through volumes of log data from increasingly diverse sources.
Mini risk assessments: Simplifying protection of critical assets
Expert Eric Cole explains how his simplified, risk-based approach to security will help enterprises better identify -- and prevent -- the most dangerous threats.
What's the best way to find enterprise compliance tools?
Looking for compliance tools? Expert Mike Chapple explains why the best place to start the search is within your own information security infrastructure.
Understanding endpoint security products, features and vendors
Securing a plethora of enterprise endpoints is challenging. This guide will help you evaluate endpoint security capabilities, products and vendors.
How to increase the importance of information security in enterprises
Expert Mike Villegas explains how to use the Three C's to emphasize the importance of information security within an organization.
What is endpoint security? What benefits does it offer?
The increased number of smartphones, laptops and other endpoints in the enterprise is a major security concern. Learn what endpoint security is and how it can help combat your enterprise security woes.
Endpoint protection software features and functionality
Learn about the different capabilities endpoint protection software often includes and the security benefits each of these capabilities has to offer.
Detecting backdoors: The Apple backdoor that never was?
The debate over the purported Apple backdoor leaves enterprises asking, "When is a backdoor not a backdoor?" Application security expert Michael Cobb explains the difference.
A first look at Windows 10 security features
In a preview of Windows 10 security features, expert Michael Cobb discusses three improvements that will boost enterprise security.
single-factor token
A single-factor token is a small hardware device that produces one confirming credential for user authentication; the devices may be used in conjunction with other types of credentials for multifactor authentication.
multifactor token
Multifactor tokens are security tokens that use more than one category of credential to confirm user authentication. The standard categories of authentication credentials are knowledge factors (things that the user knows), inherence factors (things ...
mobile authentication
Mobile authentication is the verification of a user's identity through the use of a mobile device and one or more authentication methods for secure access.
shared secret
A shared secret is data known only to the two entities involved in a communication, so that either party's possession of that data can be provided as proof of identity for authentication.
grid authentication
Grid authentication is a method of ensuring that an end user is who he claims to be by requiring him to enter values from specific cells in a grid whose content should be accessible only to him and the service provider. Because the grid consists of ...
soft token
A soft token is a software-based security token that generates a single-use login PIN. Traditionally, a security token has been a hardware device that produces a new, secure and individual PIN for each use and displays it on a built-in LCD display.
out-of-band authentication
Out-of-band authentication is a type of two-factor authentication that requires a secondary verification method through a separate communication channel along with the typical ID and password. Out-of-band authentication is often used in financial ...
inherence factor
The inherence factor, in a security context, is a category of user authentication credentials consisting of elements that are integral to the individual in question, in the form of biometric data.
possession factor
The possession factor, in a security context, is a category of user authentication credentials based on items that the user has with them, typically a hardware device such as a security token or a mobile phone used in conjunction with a software ...
knowledge factor
The knowledge factor, in a security context, is a category of authentication credentials consisting of information that the user possesses, such as a personal identification number (PIN), a user name, a password or the answer to a secret question.
user authentication
User authentication is the verification of an active human-to-machine transfer of credentials required for confirmation of a user's authenticity; the term contrasts with machine authentication, which involves automated processes that do not require ...
Can OAuth 2.0 strengthen authentication?
Security expert Michael Cobb explains what Open Authorization, or OAuth 2.0, is, its pros and cons, and how it is different from bring your own identity.
Social Engineering Penetration Testing
In this excerpt of Social Engineering Penetration Testing, the authors outline what phishing attacks are and how these attacks work, using multiple real-world examples.
Python Forensics: A Workbench for Inventing and Sharing Digital Forensic Technology
In this excerpt of Python Forensics, author Chet Hosmer offers some ground rules for using the Python programming language in forensic applications.
How can forged certificates from trusted vendors be stopped?
Unauthorized certificates from trusted vendors have become a big Internet security concern. Expert Michael Cobb discusses how to stay protected against this threat.
four-factor authentication (4FA)
Four-factor authentication (4FA) is the use of four types of identity-confirming credentials, typically categorized as knowledge, possession, inherence and location factors.
three-factor authentication (3FA)
Three-factor authentication (3FA) is the use of identity-confirming credentials from three separate categories of authentication factors -- typically, the knowledge, possession and inherence categories.
one-time password token (OTP token)
A one-time password token (OTP token) is a security hardware device or software program that is capable of producing a single-use password or PIN passcode.
biometric authentication
Biometric authentication is a security process that relies on the unique biological characteristics of an individual to verify that he is who he says he is. Biometric authentication systems compare a biometric data capture to stored, confirmed ...
Finding an enterprise SIEM: What problems are you trying to solve?
Purchasing a SIEM system isn't as easy as picking a product off the shelf. Expert Adrian Lane explains how your enterprise can figure out exactly what it needs from a SIEM, making the evaluation process a lot simpler.
Google Authenticator
Google Authenticator is a security application used to verify user identities before granting access to websites and services. The application uses a two-step verification process involving two-factor authentication to make it less likely that an ...
two-step verification
Two-step verification requires the sequential use of two authentication methods to verify that someone or something is who or what they are declared to be. In contrast with two-factor authentication processes, the methods in two-step verification ...
Duo Security
Duo Security is a vendor of cloud-based two-factor authentication products.
Shellshock
Shellshock is the common name for a coding vulnerability found in the Bash shell user interface that affects Unix-based operating systems, including Linux and Mac OS X, and allows attackers to remotely gain complete control of a system.
Understanding security flaws in IPv6 addressing schemes
Expert Fernando Gont explains why underlying characteristics of IPv6 address-generation schemes may enable nodes to be targeted in IPv6 address-scanning attacks.
authentication factor
An authentication factor is a category of credential used for identity verification. The three most common categories are often described as something you know (the knowledge factor), something you have (the possession factor) and something you are ...
Pretty Good Privacy (PGP)
Pretty Good Privacy or PGP is a popular program used to encrypt and decrypt email over the Internet, as well as authenticate messages with digital signatures and encrypted stored files.
Data Encryption Standard (DES)
The Data Encryption Standard (DES) is an outdated symmetric-key method of data encryption.
The fundamentals of FDE: Full disk encryption in the enterprise
Expert Karen Scarfone examines full disk encryption, or FDE, tools and describes how the security technology protects data at rest on a laptop or desktop computer.
2014 Information Security Readers' Choice Winners
The votes are tallied. The readers have spoken. Information Security is honoring readers' picks for the best security hardware, appliances and services in our ninth-annual Readers' Choice Awards.
Inside DLP: Full-suite products, DLP lite, content analysis
Data loss prevention (DLP) can be a confusing technology. Security expert Rich Mogull discusses the difference between DLP and DLP lite, as well as the ins and outs of content analysis.
The three stages of the ISO 31000 risk management process
The ISO 31000 risk management process proposes three stages. Expert Mike Chapple reviews this alternative to the ISO 27001 framework.
An intro to automated penetration testing
In this exploratory article, expert Mike Chapple explains what automated penetration testing is, why it is useful and how to start building an enterprise penetration tester toolkit.
How to take a measured approach to automated penetration testing
Automated penetration testing can play a pivotal role in improving the pen testing process while reducing the resources required, yet without the proper approach it may be a complete waste of time. Expert Kevin Beaver explains.
POODLE (Padding Oracle On Downgraded Legacy Encryption)
POODLE (Padding Oracle On Downgraded Legacy Encryption) is a security flaw that can be exploited to conduct a man-in-the-middle attack that targets Web browser-based communication between clients and servers using Secure Sockets Layer (SSL) 3.0.
SSL certificate (Secure Sockets Layer certificate)
A Secure Sockets Layer certificate, known commonly as an SSL certificate, is a small data file installed on a Web server that allows for a secure connection between a Web server and a Web browser.
CISSP training video: Security Architecture and Design
In this CISSP Essentials Security School video presentation, Shon Harris details the first half of the Security Architecture and Design domain, including system components, system protection, CPU and memory management and more.
CISSP training video: Access control security models
In this CISSP Essentials Security School presentation, Shon Harris discusses the topics of security models, assurance evaluation and certification/accreditation in the Security Architecture and Design domain.
CISSP online training: Security Architecture and Design
Spotlight article: Shon Harris discusses the main topics in the CISSP domain on security architecture and design, highlighting formal architectures, system architectures, security models and system evaluation.
CISSP cryptography training: PKI, digital certificates
In this CISSP Essentials Security School video presentation, Shon Harris discusses two core tenets of the cryptography domain: public key infrastructure and the use of digital certificates.
CISSP training video: Cryptography algorithms and encryption keys
In this CISSP Essentials Security School presentation, Shon Harris explains the basics of the Cryptography domain, including definitions, cryptography algorithms, encryption keys and more.
CISSP cryptography training: Components, protocols and authentication
Spotlight article: Shon Harris outlines the main topics in the CISSP domain on cryptography -- background information, cryptography components, digital authentication, protocols and more.
Continuous monitoring: Start with basic data collection techniques
Organizations pursue various approaches to continuous monitoring, but the first question is always what to monitor.
Continuous monitoring demystified
A continuous monitoring program can improve everything from configuration and patch management to event monitoring and incident response.
CISSP training video: Authentication technologies, federated identities
In this CISSP Essentials Security School presentation, Shon Harris discusses the main topics of the Access Control domain, including authentication technologies, identity management systems and federated identity.
CISSP online training: Inside the access control domain
Spotlight article: Shon Harris discusses the main topics covered in the CISSP domain on access control, including authorization, authentication, identity management and more.
Applying insider threat detection during the hiring process
Starting the insider threat detection process when hiring new staff members can put your company ahead of the curve. Expert Joe Granneman explains what to look for to prevent insider threats.
The importance of an IT security governance body
An IT security governance board is a key feature in security budgeting, but who makes up this body? Expert Joseph Granneman outlines the best structure for security governance boards.
CISSP online training: Information security governance, risk management
Spotlight article: Shon Harris offers an in-depth look at the topics covered in the CISSP domain on infosec governance and risk management.
CISSP training video: The AIC triad, ISMS, ISO 27000 series
In this CISSP Essentials Security School presentation, expert Shon Harris discusses three key components of the CISSP Information Security Governance and Risk Management domain: the AIC triad, ISMS and the ISO 27000 series.
Introduction to Information Security: A Strategic-Based Approach
In this excerpt of Introduction to Information Security: A Strategic-Based Approach, authors Timothy J. Shimeall and Jonathan M. Spring discuss the importance of intrusion detection and prevention.
Security School: Distributed denial-of-service attack defense
Check that you're up to speed and ready to protect your organization from the threat of denial-of-service attacks.
identity governance
Identity governance is the policy-based centralized orchestration of user identity management and access control.
An introduction to the (ISC)2 CISSP security certification exam
Spotlight article: Learn about the (ISC)2 CISSP security exam, the 10 CISSP domains and the exclusive CISSP prep materials offered by Shon Harris and SearchSecurity.
Amazon Fire Phone security features and pitfalls
The Amazon Fire Phone has the potential to ignite interest among enterprise users, but are security issues lurking beneath its shiny façade? Expert Lisa Phifer reviews the Fire Phone's security features and shortcomings.
Google's HIPAA-compliant cloud: what you need to know
Before using the HIPAA-compliant cloud services from Google, there are some things companies need to know, according to expert Mike Chapple.
TAN (transaction authentication number)
A transaction authentication number (TAN) is a type of single-use password used for an online banking transaction in conjunction with a standard ID and password. TANs are often in a list made by a financial institution and sent to the owner of the ...
OpenAppID
OpenAppID is an application-layer network security plugin for the open source intrusion detection system Snort.