Manage

Manage

Learn to apply best practices and optimize your operations.

• How to mitigate the Efail flaws in OpenPGP and S/MIME

  Efail exploits vulnerabilities in the OpenPGP and S/MIME standards to reveal the plaintext in encrypted emails. Learn more about the Efail vulnerabilities from expert Michael Cobb. Continue Reading

• Skygofree Trojan: What makes this spyware unique?

  Android malware was discovered by Kaspersky Labs and named Skygofree. This Trojan targets smartphones and tablets using spyware and gathers user information and app data. Continue Reading

• Ransomware recovery: How can enterprises operate post-attack?

  A report detailed how Maersk recovered its infrastructure from a NotPetya ransomware attack along with its chosen recovery option. Expert Nick Lewis explains how it worked. Continue Reading

• Incident response frameworks for enterprise security teams

  After a security breach, incident response practices become crucial to minimize and contain the damage. Learn about incident response frameworks with guest David Geer. Continue Reading

• 10 unified access management questions for OneLogin CSO Justin Calmus

  Enterprise security veteran Justin Calmus, who describes himself as an avid hacker, joined OneLogin as the CSO earlier this year. After last year's breach, who would want this job? Continue Reading

• Okiru malware: How does this Mirai malware variant work?

  A Mirai variant has the ability to put billions of devices at risk of becoming part of a botnet. Discover how this works and what devices are at risk with expert Nick Lewis.Continue Reading

• How criticality analysis benefits from an entropy engineer

  NIST published 'Criticality Analysis Process Model: Prioritizing Systems and Components' to guide organizations when prioritizing systems. Discover the key processes with Judith Myerson.Continue Reading

• How do SDKs for ad networks cause data leaks?

  SDKs made user data susceptible to security vulnerabilities in mobile apps. Expert Michael Cobb explains how this security vulnerability put user data at risk.Continue Reading

• What to do when IPv4 and IPv6 policies disagree

  Unfortunately for enterprises, IPv4 and IPv6 policies don't always agree. Fernando Gont examines the differences between these two security policies, as well as some filtering rules.Continue Reading

• Security data scientists on how to make your data useful

  Data science and machine learning can reveal valuable security information that would otherwise remain hidden in large data sets. Security data scientists can be hard to find and may be out of reach for most organizations. Even without these skill ...Continue Reading

• Tom Van Vleck on the Multics operating system, security decisions

  Time-sharing systems got a lot right from a security standpoint. "We aimed toward a completely lights-out, 'no chance for mistakes' interface," says the security researcher.Continue Reading

• Fannie Mae CISO calls for more data on security incidents

  Chris Porter's years as a lead analyst and author of Verizon's Data Breach Investigations Report helped prepare him for the chief of security role at the primary housing lender.Continue Reading

• Not enough information security analysts, despite higher wages

  Survey data on global skills shortages does not show significant changes, even as companies turn to strategies such as security automation to make security teams more efficient.Continue Reading

• Overwhelmed by security data? Science to the rescue

  Security teams increasingly use large data sets from their networks to find hidden threats. Why companies should embark on their own data science and machine learning initiatives.Continue Reading

• Why third-party access to data may come at a price

  Google and other platform companies dangled not only APIs but access to user data from unwitting customers to attract third-party developers and other partners.Continue Reading