Manage

Manage

Learn to apply best practices and optimize your operations.

• Can a decentralized open source community properly address security?

  SearchSecurity talks with UC Berkeley Professor Steven Weber about the open source community, the security challenges facing it and the prospect of software liability. Continue Reading

• The five different types of firewalls

  Learn about the similarities and differences between five basic types of firewalls, including packet filtering firewalls, application-level gateways and next-gen firewalls. Continue Reading

• OneLogin data breach: What does the attack mean for SSOs?

  A OneLogin data breach affected all of the company's U.S. customers after threat actors abused an Amazon Web Services API. Discover what this means for customers and SSO companies. Continue Reading

• Say hello to the future of authentication, bye to passwords

  Passwords and tokens are a thing of the past. No way, you say? Our webcast on the likely ways authentication will work in the future may make a believer out of you. Continue Reading

• How can a vulnerability in Ruggedcom switches be mitigated?

  Vulnerabilities in Ruggedcom switches could open the industrial switches and other communication devices up to attacks. Expert Judith Myerson explains how to mitigate the risks. Continue Reading

• How does port swapping work to bypass two-factor authentication?

  With a port swapping attack, hackers can bypass two-factor authentication and control a victim's mobile device. Judith Myerson explains how the attacks work and how to stop them.Continue Reading

• iOS updates: Why are some Apple products behind on updates?

  A study by Zimperium found that more than 23% of iOS devices aren't running the latest software. Matt Pascucci explains how this is possible, even though Apple controls iOS updates.Continue Reading

• What GDPR requirements mean for U.S. companies

  The EU's General Data Protection Regulation legislation goes into effect in May 2018. Don't assume your European business is too insignificant to need to comply.Continue Reading

• John Germain lands the new CISO position at Duck Creek

  Serving the technology needs of the property and casualty insurance industry means keeping a weathered eye on risk profiles, enterprise software and emerging threats.Continue Reading

• User behavior analytics leads the security analytics charge

  Will no longer playing by the rules help companies find insider threats to prevent security attacks? As user and entity behavior analytics gets closer to SIEM tools, enterprises take notice.Continue Reading

• The tug of war between user behavior analysis and SIEM

  Information security technologies embrace user behavior analytics, and the trend is expected to continue. Should CISOs consider a standalone UBA component?Continue Reading

• What's with cybersecurity education? We ask Blaine Burnham

  When he left the NSA, Burnham helped build the security education and research programs at the Georgia Institute of Technology and other universities. What did he learn?Continue Reading

• CISOs take notice as GPS vulnerabilities raise alarms

  GPS has been extraordinarily reliable, but there's a growing chorus of experts who say it's time to assess GPS security and consider protective strategies.Continue Reading

• Use caution with OAuth 2.0 protocol for enterprise logins

  Many apps are using the OAuth 2.0 protocol for both authentication and authorization, but technically it's only a specification for delegated authorization, not for authentication.Continue Reading

• identity management (ID management)

  Identity management (ID management) is the organizational process for identifying, authenticating and authorizing individuals or groups of people to have access to applications, systems or networks by associating user rights and restrictions with ...Continue Reading