Problem solve

Problem solve

Get help with specific problems with your technologies, process and projects.

• Zero-trust model promises increased security, decreased risk

  The zero-trust model takes focused and sustained effort, but promises to improve most companies' risk posture. Learn what it takes to get the most out of zero trust. Continue Reading

• Secure code review tips: How many review rounds are needed?

  Expert Michael Cobb details how to argue for a multistep secure code review process, like Microsoft SDL, and the pros of secure coding practices. Continue Reading

• Imran Awan case shows lax security controls for IT staff

  Investigations into the conduct of the IT staff of the House of Representatives raised alarms. Kevin McDonald explains what we can learn from the case of Imran Awan. Continue Reading

• What VPN alternatives should enterprises consider using?

  VPN vulnerabilities in products from popular vendors were recently found to enable serious threats. Discover how detrimental these threats are and alternatives to the use of VPNs. Continue Reading

• Emotet Trojan: How to defend against fileless attacks

  An increase in fileless malware, including PowerShell malware, was reported in McAfee Labs' December 2017 Threat Report. Discover how enterprises can defend again fileless attacks. Continue Reading

• Intel AMT flaw: How are corporate endpoints put at risk?

  A recent flaw in Intel's Advanced Management Technology enables hackers to gain access to endpoint devices. Discover how this flaw can be mitigated with expert Judith Myerson.Continue Reading

• When does the clock start for GDPR data breach notification?

  As new GDPR data breach notification rules go into effect, companies must be ready to move faster than before. Mimecast's Marc French explains what will change and how to cope.Continue Reading

• Secure DevOps: Inside the five lifecycle phases

  Secure DevOps and cloud computing are altering the design, build, deployment and operation of online systems. Learn more from Eric Johnson and Frank Kim of the SANS Institute.Continue Reading

• What will GDPR data portability mean for enterprises?

  Enforcement of the EU's Global Data Protection Regulation is coming soon. Mimecast's Marc French discusses the big questions about GDPR data portability for enterprises.Continue Reading

• AIR-Jumper: How can security camera lights transmit data?

  Researchers developed aIR-Jumper, an exploit that leverages lights within security cameras to extract data. Learn how this attack works and how to prevent it with expert Nick Lewis.Continue Reading

• Addressing vulnerable web systems that are often overlooked

  Web security vulnerability scanners often focus on large applications within the enterprise. However, there are plenty of overlooked web systems that contain hidden flaws.Continue Reading

• ExpensiveWall malware: How does this SMS attack function?

  A new SMS malware known as ExpensiveWall was recently discovered by Check Point. Learn how it infects devices and puts Android device users at risk with expert Nick Lewis.Continue Reading

• How can improper certificate pinning be stopped by the Spinner tool?

  Researchers developed a tool to help prevent improper certificate pinning that causes security issues. Expert Michael Cobb reviews the issue and the Spinner tool.Continue Reading

• How does a WPAD attack work and how can it be prevented?

  Google Project Zero discovered a WPAD attack that could target systems running Windows 10. Expert Michael Cobb explains how the attack works and how to bolster WPAD security.Continue Reading

• Search engine poisoning: How are poisoned results detected?

  Poisoned search results have spread the Zeus Panda banking Trojan throughout Google. Learn what this means, how search engine poisoning works and what can be done to stop it.Continue Reading