Network intrusion detection and prevention (IDS-IPS)

Find the latest information on intrusion prevention systems (IPS) and network intrusion detection systems (IDS), including tools and tactics, how to manage host-based and network-based IDSes, minimizing false positives, and how to use intrusion detection methods and devices.

May 25, 2021 25 May'21
Operational technology is the new low-hanging fruit for hackers

FireEye researchers say exposed and poorly guarded industrial systems are being increasingly compromised by low-skill hackers using entry-level exploit techniques.
August 20, 2019 20 Aug'19
Why is patch management important?

Borderless networks present new challenges for security pros. Andrew Froehlich explains how this trend makes patch management even more important.
August 05, 2015 05 Aug'15
Security machine learning methods needed to adapt to evolving threats

Data science can sort through huge data stores in order to find and stop advanced attackers and malware, but new methods are needed to make sure the machine learning keeps up with evolving threats.
June 03, 2015 03 Jun'15
Adversaries never sleep: unknown malware downloaded every 34 seconds

In its 2015 Security Report, Check Point Software has found adversaries are exploiting the ease of creating unknown malware to boost the chance of a successful attack, and sandboxing adoption may be the best way to mitigate risk.

Bring yourself up to speed with our introductory content

computer forensics (cyber forensics)

Computer forensics is the application of investigation and analysis techniques to gather and preserve evidence from a particular computing device in a way that is suitable for presentation in a court of law. Continue Reading
Types of MDR security services: MEDR vs. MNDR vs. MXDR

Organizations considering MDR security services should look into more tightly focused options hitting the market to find the best one for their security program's needs. Continue Reading
unified threat management (UTM)

Unified threat management (UTM) describes an information security (infosec) system that provides a single point of protection against threats, including viruses, worms, spyware and other malware, and network attacks. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

Threat detection and response tools evolve and mature

A variety of threat detection and response tools, such as XDR, are evolving into platforms to help enterprises share information and stay ahead of cybersecurity threats. Continue Reading
The ultimate guide to cybersecurity planning for businesses

This in-depth cybersecurity planning guide provides information and advice to help organizations develop a successful strategy to protect their IT systems from attacks. Continue Reading
Extended detection and response tools take EDR to next level

Extended detection and response tools offer new capabilities -- among them greater visibility -- to enterprises searching for better ways to protect their endpoints. Continue Reading

Learn to apply best practices and optimize your operations.

How to achieve security observability in complex environments

Security observability is a novel approach to incident detection that goes beyond traditional monitoring. Read on to learn if this emerging strategy is right for your enterprise. Continue Reading
7 SOC automation use cases to augment security operations

Implementing SOC automation can have far-reaching benefits for an organization's infosec program and security culture. Learn how by exploring these seven use cases of AI in SOCs. Continue Reading
The state of cybersecurity risk: Detection and mitigation

Hackers will always try to creep in, and many will succeed. That's why effective detection and mitigation are essential. How are enterprises faring? Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

Host IDS vs. network IDS: Which is better?

Compare host IDS vs. network IDS through the pros and cons of each, and learn how more modern systems may be better suited to ensure effective enterprise security. Continue Reading
How to prevent port scan attacks

The popular port scan is a hacking tool that enables attackers to gather information about how corporate networks operate. Learn how to detect and prevent port scanning attacks. Continue Reading
How to detect and defend against a TCP port 445 exploit and attacks

The WannaCry TCP port 445 exploit returned the spotlight to Microsoft's long-abused networking port. Network security expert Kevin Beaver explains how to detect and defend against such attacks. Continue Reading