Manage

Manage

Learn to apply best practices and optimize your operations.

• As compliance evolves, it's time to re-address data classification

  Compliance rules like GDPR and the CCPA require a fresh look at companies' data classification policy, and particularly how it defines its wide variety of unstructured data. Continue Reading

• Can PDF digital signatures be trusted?

  Digital signatures on PDF documents don't necessarily guarantee their contents are valid, as new research shows viewer implementations don't always detect incomplete signatures. Continue Reading

• Automating incident response with security orchestration

  Security orchestration, automation and response technology is now seen as a key aid to security pros attempting to thwart an onslaught of cyberattacks. Continue Reading

• How does BGP hijacking work and what are the risks?

  The lack of security protections in BGP means that route hijacking can be easy, especially for organized crime or state-backed threat actors. Here are ways to deal with it. Continue Reading

• Understanding the new breed of command-and-control servers

  Command-and-control servers are now using public cloud services, social media and other resources to evade detection. What should enterprises do to combat these threats? Continue Reading

• Top 5 email security issues to address in 2019

  The top five email security issues come from a variety of places, from email phishing to account takeovers. Our security expert recommends being vigilant and poised to take action.Continue Reading

• Weighing the cost of mitigating Spectre variant 2

  Fixes for the Spectre variant 2 vulnerability affect system performance, so some in the tech sector wonder whether they're worth it. Expert Michael Cobb examines that question.Continue Reading

• Is a Mirai botnet variant targeting unpatched enterprises?

  New variants of popular botnets were found targeting IoT devices by Palo Alto Networks' Unit 42. Discover how these variants differ from their sources and what new risks they pose.Continue Reading

• Key steps to put your zero-trust security plan into action

  There are three key categories of vendor zero-trust products. Learn what they are, and how to evaluate and implement the one that's best for your company.Continue Reading

• Why is the N-gram content search key for threat detection?

  Detected malware can now efficiently be tracked due to VirusTotal's enterprise version of its software. Discover what N-gram is and how it can be used with Nick Lewis.Continue Reading

• How did Signal Desktop expose plaintext passwords?

  The Signal Desktop application was found to be making decryption keys available in plaintext. Learn how the SQLite database and plaintext passwords were put at risk.Continue Reading

• How do trusted app stores release and disclose patches?

  A flaw was found in the Android installer for Fortnite and was patched within 24 hours. Learn how such a quick turnaround affects mobile app security with expert Nick Lewis.Continue Reading

• How can credential stuffing attacks be detected?

  Credential stuffing attacks can put companies that offer online membership programs, as well as their customers, at risk. Find out how to proactively manage the threat.Continue Reading

• Why did a Cisco patch for Webex have to be reissued?

  Cisco's Webex Meetings platform had to be re-patched after researchers found the first one was failing. Discover what went wrong with the first patch with Judith Myerson.Continue Reading

• How did Browser Reaper cause browsers to crash?

  A Mozilla vulnerability duplicated in the Browser Reaper set of DoS proofs of concept caused Chrome, Firefox and Safari to crash. Learn why and how this occurred.Continue Reading