Get started

Get started

Bring yourself up to speed with our introductory content.

• The top full disk encryption products on the market today

  Full disk encryption can be a key component of an enterprise's desktop and laptop security strategy. Here's a look at some of the top FDE products in the industry. Continue Reading

• How will Android encryption by default affect enterprise BYOD?

  Google is beginning to encrypt data by default on its Android devices. Expert Michael Cobb explains how this change will affect enterprise BYOD security. Continue Reading

• How does the Melbourne Shuffle prevent data access pattern recognition?

  Access pattern recognition in the cloud is becoming an enterprise risk. Expert Michael Cobb explains how the Melbourne Shuffle can improve access pattern security. Continue Reading

• How to bake security into your Wi-Fi deployment

  A Wi-Fi deployment is the preferred method for network access for most enterprises; it’s the InfoSec’s job to make that Wi-Fi secure. Continue Reading

• The secrets of proper firewall maintenance and security testing techniques

  The Verizon 2015 PCI Compliance Report cited a lack of firewall maintenance and security testing as major causes for compliances breaches. Expert Kevin Beaver offers tips to successfully manage these tasks. Continue Reading

• Definitions to Get Started

  • PKI (public key infrastructure)
  • obfuscation
  • dumpster diving
  • cyber hijacking

  • challenge-response authentication
  • antimalware (anti-malware)
  • botnet
  • SOAR (security orchestration, automation and response)

  View All Definitions

• How can organizations prepare for a HIPAA audit?

  HIPAA audits are finally on the way, and organizations need to be ready. Expert Mike Chapple reveals the best way to prepare your company for a HIPAA audit.Continue Reading

• Login credential security: How to defend against tabnapping

  Tabnapping can be used to capture user login credentials. Enterprise threats expert Nick Lewis explains how to defend against the risk.Continue Reading

• The benefits of open source identity management software

  Organizations are often looking to minimize costs without compromising on security. Expert Randall Gamby examines the benefits of open source identity management software.Continue Reading

• What are the secrets to SIEM deployment success?

  Many organizations deploy security information and event management systems without the proper planning and therefore can't reap the proper rewards. Expert Kevin Beaver offers tips for a successful implementation.Continue Reading

• Beyond PCI: Out-of-band security tips for credit card data protection

  Securing credit card data -- both online and at brick-and-mortar stores -- requires security measures beyond those mandated by PCI DSS. Expert Philip Alexander outlines six out-of-band security controls to consider.Continue Reading

• Introduction to security analytics tools in the enterprise

  Expert Dan Sullivan explains how security analysis and analytics tools work, and how they provide enterprises with valuable information about impending attacks or threats.Continue Reading

• How should agencies prepare for federal security scanning?

  What do agencies need to consider before going through the Department of Homeland Security's network security scanning? Expert Mike Chapple answers.Continue Reading

• International Information Systems Security Certification Consortium (ISC)2

  The International Information Systems Security Certification Consortium -- (ISC)2 -- is a non-profit organization that provides security training and certificates.Continue Reading

• Four questions to ask before buying a Web application firewall

  Web application firewalls are complex products. Expert Brad Causey explains the key criteria enterprises need to consider before investing in a WAF product.Continue Reading

• Five network security lessons learned from the Sony Pictures hack

  Following the Sony Pictures hack, several of the company's network security shortcomings were revealed. Expert Kevin Beaver explains how better network security may have prevented the extent of the breach.Continue Reading

• multifactor authentication (MFA)

  Multifactor authentication (MFA) is a security system that requires more than one method of authentication from independent categories of credentials to verify the user’s identity for a login or other transaction.Continue Reading

• What to look for in secure file transfer products

  As the prospect of significant breaches grows, the argument for secure file transfer becomes more compelling—but what exactly are you buying?
  
  At its most basic, file transfer technology is simply a mechanism to transport a file from one ...Continue Reading

• Six ways to use wireless intrusion prevention systems in the enterprise

  Expert George V. Hulme presents six real-world use cases for the deployment of WIPS to beef up wireless network security in the enterprise.Continue Reading

• single-factor authentication (SFA)

  Single-factor authentication (SFA) is the traditional security process that requires a user name and password before granting access to the user.Continue Reading

• Can Vawtrak malware block enterprise security software?

  Emerging malware, like the Vawtrak banking malware, has the ability to block enterprise antimalware measures. Expert Nick Lewis explains how to mitigate the risk.Continue Reading

• Intrusion detection project design and rollout

  Evaluating intrusion detection technology requires an understanding of its capabilities. Get help with getting started on an intrusion system program design and uncover technical considerations your enterprise needs to know.Continue Reading

• Introduction to intrusion detection and prevention technologies

  Intrusion detection and preventions systems can be critical components to an enterprise's threat management strategy. Learn the history behind the technologies and why they are so important.Continue Reading

• Emotet: How can traffic-sniffing banking malware be thwarted?

  A new variety of banking malware can sniff traffic from APIs. Enterprise threats expert Nick Lewis outlines how to mitigate the risk.Continue Reading

• Types of intrusion detection products: Suite vs. best-of-breed

  When evaluating types of intrusion detection products, it is important to distinguish whether a best-of-breed or suite-based product is the right match for your enterprise. Expert Bill Hayes offers guidance to help you decide.Continue Reading

• Evaluating intrusion detection and prevention systems and vendors

  Protecting the corporate network from intruders is a difficult task. Learn how intrusion systems help prevent, identify and minimize the effects of a breach.Continue Reading

• Oracle Critical Patch Update (Oracle CPU)

  The Oracle Critical Patch Update (CPU) is an ongoing series of regularly issued fixes for security flaws in products made by or maintained by software giant Oracle Corp.Continue Reading

• Business-use scenarios for a Web application firewall deployment

  Web application firewalls can be a critical security layer for many companies. Expert Brad Causey explains when and how to deploy a WAF in the enterprise.Continue Reading

• How can jailbroken devices be detected within the enterprise?

  Jailbroken devices pose significant enterprise risks in BYOD environments. Security expert Michael Cobb discusses how to detect and mitigate the risks of jailbroken BYODs.Continue Reading

• knowledge-based authentication (KBA)

  In a KBA scheme, the user is asked to answer at least one "secret" question before being allowed to change account settings or reset a password.Continue Reading

• Why is the Certified Ethical Hacker certification suddenly popular?

  The Certified Ethical Hacker certification gained in popularity recently. Expert Joseph Granneman explains the CEH and why it's relevant again.Continue Reading

• pass the hash attack

  A pass the hash attack is an NT LAN Manager (NTLM)-based technique in which an attacker steals a hashed user credential and, without cracking it, reuses it to trick a Windows-based authentication system into creating a new authenticated session on ...Continue Reading

• Getting to know the new GIAC certification: GCCC

  The new GIAC certification, GCCC, is not a very specific certification, but it could prove useful in organizations. Expert Joseph Granneman explains why.Continue Reading

• How to evaluate IPv6 network security with SI6 Networks IPv6 Toolkit

  Some security pros underestimate the importance of IPv6 network security assessment tools. Expert Fernando Gont offers an illustrated guide on how to use SI6 Networks' free IPv6 toolkit.Continue Reading

• Defend against APTs with big data security analytics

  Without a trace: Cybersecurity incident response teams must follow the thread of security events through volumes of log data from increasingly diverse sources.Continue Reading

• Mini risk assessments: Simplifying protection of critical assets

  Expert Eric Cole explains how his simplified, risk-based approach to security will help enterprises better identify -- and prevent -- the most dangerous threats.Continue Reading

• What's the best way to find enterprise compliance tools?

  Looking for compliance tools? Expert Mike Chapple explains why the best place to start the search is within your own information security infrastructure.Continue Reading

• Understanding endpoint security products, features and vendors

  Securing a plethora of enterprise endpoints is challenging. This guide will help you evaluate endpoint security capabilities, products and vendors.Continue Reading

• How to increase the importance of information security in enterprises

  Expert Mike Villegas explains how to use the Three C's to emphasize the importance of information security within an organization.Continue Reading

• What is endpoint security? What benefits does it offer?

  The increased number of smartphones, laptops and other endpoints in the enterprise is a major security concern. Learn what endpoint security is and how it can help combat your enterprise security woes.Continue Reading

• Endpoint protection software features and functionality

  Learn about the different capabilities endpoint protection software often includes and the security benefits each of these capabilities have to offer.Continue Reading

• Detecting backdoors: The Apple backdoor that never was?

  The debate over the purported Apple backdoor leaves enterprises asking, "When is a backdoor not a backdoor?" Application security expert Michael Cobb explains the difference.Continue Reading

• A first look at Windows 10 security features

  In a preview of Windows 10 security features, expert Michael Cobb discusses three improvements that will boost enterprise security.Continue Reading

• single-factor token

  A single-factor token is a small hardware device that produces one confirming credential for user authentication; the devices may be used in conjunction with other types of credentials for multifactor authentication.Continue Reading

• multifactor token

  Multifactor tokens are security tokens that use more than one category of credential to confirm user authentication. The standard categories of authentication credentials are knowledge factors things that the user knows) inherence factors (things ...Continue Reading

• mobile authentication

  Mobile authentication is the verification of a user’s identity through the use a mobile device and one or more authentication methods for secure access.Continue Reading

• shared secret

  A shared secret is data known to only the two entities involved in a communication so that either party's possession of that data can be provided as proof of identity for authentication.Continue Reading

• grid authentication

  Grid authentication is a method of ensuring that an end user is who he claims to be by requiring him to enter values from specific cells in a grid whose content should be only accessible to him and the service provider. Because the grid consists of ...Continue Reading

• soft token

  A soft token is a software-based security token that generates a single-use login PIN. Traditionally, a security token has been a hardware device that produces a new, secure and individual PIN for each use and displays it on a built-in LCD display.Continue Reading

• out-of-band authentication

  Out-of-band authentication is a type of two-factor authentication that requires a secondary verification method through a separate communication channel along with the typical ID and password. Out-of-band authentication is often used in financial ...Continue Reading

• inherence factor

  The inherence factor, in a security context, is a category of user authentication credentials consisting of elements that are integral to the individual in question, in the form of biometric data.Continue Reading

• possession factor

  The possession factor, in a security context, is a category of user authentication credentials based on items that the user has with them, typically a hardware device such as a security token or a mobile phone used in conjunction with a software ...Continue Reading

• knowledge factor

  The knowledge factor, in a security context, is a category of authentication credentials consisting of information that the user possesses, such as a personal identification number (PIN), a user name, a password or the answer to a secret question.Continue Reading

• user authentication

  User authentication is the verification of an active human-to-machine transfer of credentials required for confirmation of a user’s authenticity; the term contrasts with machine authentication, which involves automated processes that do not require ...Continue Reading

• Can OAuth 2.0 strengthen authentication?

  Security expert Michael Cobb explains what Open Authorization or OAuth 2.0 is, its pros and cons, and how it is different from bring your own identity.Continue Reading

• Social Engineering Penetration Testing

  In this excerpt of Social Engineering Penetration Testing, the authors outline what phishing attacks are and outline how these attacks work using multiple real-world examples.Continue Reading

• Python Forensics: A Workbench for Inventing and Sharing Digital Forensic Technology

  In this excerpt of Python Forensics, author Chet Hosmer offers some ground rules for using the Python programming language in forensic applications.Continue Reading

• How can forged certificates from trusted vendors be stopped?

  Unauthorized certificates from trusted vendors have become a big Internet security concern. Expert Michael Cobb discusses how to stay protected against this threat.Continue Reading

• four-factor authentication (4FA)

  Four-factor authentication (4FA) is the use of four types of identity-confirming credentials, typically categorized as knowledge, possession, inherence and location factors.Continue Reading

• three-factor authentication (3FA)

  Three-factor authentication (3FA) is the use of identity-confirming credentials from three separate categories of authentication factors – typically, the knowledge, possession and inherence categories.Continue Reading

• one-time password token (OTP token)

  A one-time password token (OTP token) is a security hardware device or software program that is capable of producing a single-use password or PIN passcode.Continue Reading

• biometric authentication

  Biometric authentication is a security process that relies on the unique biological characteristics of an individual to verify that he is who is says he is. Biometric authentication systems compare a biometric data capture to stored, confirmed ...Continue Reading

• Finding an enterprise SIEM: What problems are you trying to solve?

  Purchasing a SIEM system isn't as easy as picking a product off of the shelf. Expert Adrian Lane explains how your enterprise can figure out exactly what it needs from a SIEM, making the evaluating process a lot simpler.Continue Reading

• Google Authenticator

  Google Authenticator is a security application used to verify user identities before granting access to websites and services. The application uses a two-step verification process involving two-factor authentication to make it less likely that an ...Continue Reading

• two-step verification

  Two-step verification requires the sequential use of two authentication methods to verify that someone or something is who or what they are declared to be. In contrast with two-factor authentication processes, the methods in two-step verification ...Continue Reading

• Duo Security

  Duo Security is a vendor of cloud-based two-factor authentication products.Continue Reading

• Shellshock

  Shellshock is the common name for a coding vulnerability found in the Bash shell user interface that affects Unix-based operating systems, including Linux and Mac OS X, and allows attackers to remotely gain complete control of a system.Continue Reading

• Understanding security flaws in IPv6 addressing schemes

  Expert Fernando Gont explains why underlying characteristics of IPv6 address-generation schemes may enable nodes to be targeted in IPv6 address-scanning attacks.Continue Reading

• authentication factor

  An authentication factor is a category of credential used for identity verification. The three most common categories are often described as something you know (the knowledge factor), something you have (the possession factor) and something you are ...Continue Reading

• Pretty Good Privacy (PGP)

  Pretty Good Privacy or PGP is a popular program used to encrypt and decrypt email over the Internet, as well as authenticate messages with digital signatures and encrypted stored files.Continue Reading

• Data Encryption Standard (DES)

  The Data Encryption Standard (DES) is an outdated symmetric-key method of data encryption.Continue Reading

• The fundamentals of FDE: Full disk encryption in the enterprise

  Expert Karen Scarfone examines full disk encryption, or FDE, tools and describes how the security technology protects data at rest on a laptop or desktop computer.Continue Reading

• 2014 Information Security Readers' Choice Winners

  The votes are tallied. The readers have spoken. Information Security is honoring readers’ picks for the best security hardware, appliances and services in our ninth-annual Readers’ Choice Awards.Continue Reading

• Inside DLP: Full-suite products, DLP lite, content analysis

  Data loss prevention (DLP) can be a confusing technology. Security expert Rich Mogull discusses the difference between DLP and DLP lite, as well as the ins and outs of content analysis.Continue Reading

• The three stages of the ISO 31000 risk management process

  The ISO 31000 risk management process proposes three stages. Expert Mike Chapple reviews this alternative to the ISO 27001 framework.Continue Reading

• An intro to automated penetration testing

  In this exploratory article, expert Mike Chapple explains what automated penetration testing is, why it is useful and how to start building an enterprise penetration tester toolkit.Continue Reading

• How to take a measured approach to automated penetration testing

  Automated penetration testing can play a pivotal role in improving the pen testing process while reducing the resources required, yet without the proper approach it may be a complete waste of time. Expert Kevin Beaver explains.Continue Reading

• POODLE (Padding Oracle On Downgraded Legacy Encryption)

  POODLE (Padding Oracle On Downgraded Legacy Encryption) is a security flaw that can be exploited to conduct a man-in-the-middle attack that targets Web browser-based communication between clients and servers using Secure Sockets Layer (SSL) 3.0.Continue Reading

• SSL certificate (Secure Sockets Layer certificate)

  A Secure Sockets Layer certificate, known commonly as an SSL certificate, is a small data file installed on a Web server that allows for a secure connection between a Web server and a Web browser.Continue Reading

• CISSP training video: Security Architecture and Design

  In this CISSP Essentials Security School video presentation, Shon Harris details the first half of the Security Architecture and Design domain, including system components, system protection, CUP and memory management and more.Continue Reading

• CISSP training video: Access control security models

  In this CISSP Essentials Security School presentation, Shon Harris discusses the topics of security models, assurance evaluation and certification/accreditation in the Security Architecture and Design domain.Continue Reading

• CISSP online training: Security Architecture and Design

  Spotlight article: Shon Harris discusses the main topics in the CISSP domain on security architecture and design, highlighting formal architectures, system architectures, security models and system evaluation.Continue Reading

• CISSP cryptography training: PKI, digital certificates

  In this CISSP Essentials Security School video presentation, Shon Harris discusses two core tenants of the cryptography domain: public key infrastructure and the use of digital certificates.Continue Reading

• CISSP training video: Cryptography algorithms and encryption keys

  In this CISSP Essentials Security School presentation, Shon Harris explains the basics of the Cryptography domain, including definitions, cryptography algorithms, encryption keys and more.Continue Reading

• CISSP cryptography training: Components, protocols and authentication

  Spotlight article: Shon Harris outlines the main topics in the CISSP domain on cryptography -- background information, cryptography components, digital authentication, protocols and more.Continue Reading

• Continuous monitoring: Start with basic data collection techniques

  Organizations pursue various approaches to continuous monitoring, but the first question is always what to monitor.Continue Reading

• Continuous monitoring demystified

  A continuous monitoring program can improve everything from configuration and patch management to event monitoring and incident response.Continue Reading

• CISSP training video: Authentication technologies, federated identities

  In this CISSP Essentials Security School presentation, Shon Harris discusses the main topics of the Access Control domain, including authentication technologies, identity management systems and federated identity.Continue Reading

• CISSP online training: Inside the access control domain

  Spotlight article: Shon Harris discusses the main topics covered in the CISSP domain on access control, including authorization, authentication, identity management and more.Continue Reading

• Applying insider threat detection during the hiring process

  Starting the insider threat detection process when hiring new staff members can put your company ahead of the curve. Expert Joe Granneman explains what to look for to prevent insider threats.Continue Reading

• The importance of an IT security governance body

  An IT security governance board is a key feature in security budgeting, but who makes up this body? Expert Joseph Granneman outlines the best structure for security governance boards.Continue Reading

• CISSP online training: Information security governance, risk management

  Spotlight article: Shon Harris offers an in-depth look at the topics covered in the CISSP domain on infosec governance and risk management.Continue Reading

• CISSP training video: The AIC triad, ISMS, ISO 27000 series

  In this CISSP Essentials Security School presentation, expert Shon Harris discusses three key components of the CISSP Information Security Governance and Risk Management domain: the AIC triad, ISMS and the ISO 27000 series.Continue Reading

• Introduction to Information Security: A Strategic-Based Approach

  In this excerpt of Introduction to Information Security: A Strategic-Based Approach, authors Timothy J. Shimeall and Jonathan M. Spring discuss the importance of intrusion detection and prevention.Continue Reading

• Security School: Distributed denial-of-service attack defense

  Check you're up to speed and ready to protect your organization from the threat of denial of service attacks.Continue Reading

• identity governance

  Identity governance is the policy-based centralized orchestration of user identity management and access control.Continue Reading

• An introduction to the (ISC)2 CISSP security certification exam

  Spotlight article: Learn about the (ISC)2 CISSP security exam, the 10 CISSP domains and the exclusive CISSP prep materials offered by Shon Harris and SearchSecurity.Continue Reading

• Amazon Fire Phone security features and pitfalls

  The Amazon Fire Phone has the potential to ignite interest among enterprise users, but are security issues lurking beneath its shiny façade? Expert Lisa Phifer reviews the Fire Phone's security features and shortcomings.Continue Reading

• Google's HIPAA-compliant cloud: what you need to know

  Before using the HIPAA-compliant cloud services from Google, there are some things companies need to know, according to expert Mike Chapple.Continue Reading

• TAN (transaction authentication number)

  A transaction authentication number (TAN) is a type of single-use password used for an online banking transaction in conjunction with a standard ID and password. TANs are often in a list made by a financial institution and sent to the owner of the ...Continue Reading

• OpenAppID

  OpenAppID is an application-layer network security plugin for the open source intrusion detection system Snort.Continue Reading