Network intrusion detection and prevention (IDS-IPS)

Find the latest information on intrusion prevention systems (IPS) and network intrusion detection systems (IDS), including tools and tactics, how to manage host-based and network-based IDSes, minimizing false positives, and how to use intrusion detection methods and devices.

August 20, 2019 20 Aug'19
Why is patch management important?

Borderless networks present new challenges for security pros. Andrew Froehlich explains how this trend makes patch management even more important.
August 05, 2015 05 Aug'15
Security machine learning methods needed to adapt to evolving threats

Data science can sort through huge data stores in order to find and stop advanced attackers and malware, but new methods are needed to make sure the machine learning keeps up with evolving threats.
June 03, 2015 03 Jun'15
Adversaries never sleep: unknown malware downloaded every 34 seconds

In its 2015 Security Report, Check Point Software has found adversaries are exploiting the ease of creating unknown malware to boost the chance of a successful attack, and sandboxing adoption may be the best way to mitigate risk.
May 21, 2015 21 May'15
Too many false positives, security alerts inundate enterprise, study says

A new study shows enterprises with security analytics are confident in their threat detection capabilities, while those without are overwhelmed by copious false positives and alerts.

Bring yourself up to speed with our introductory content

unified threat management (UTM)

Unified threat management (UTM) describes an information security (infosec) system that provides a single point of protection against threats, including viruses, worms, spyware and other malware, and network attacks. Continue Reading
SOAR (security orchestration, automation and response)

SOAR (security orchestration, automation and response) is a stack of compatible software programs that enables an organization to collect data about security threats and respond to security events without human assistance. Continue Reading
How to set up Palo Alto security profiles

Learning how to build and implement security profiles and policies can help novice admins make sure they use Palo Alto Networks firewalls effectively to protect their network. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

Threat detection and response tools evolve and mature

A variety of threat detection and response tools, such as XDR, are evolving into platforms to help enterprises share information and stay ahead of cybersecurity threats. Continue Reading
The ultimate guide to cybersecurity planning for businesses

This in-depth cybersecurity planning guide provides information and advice to help organizations develop a successful strategy to protect their IT systems from attacks. Continue Reading
Extended detection and response tools take EDR to next level

Extended detection and response tools offer new capabilities -- among them greater visibility -- to enterprises searching for better ways to protect their endpoints. Continue Reading

Learn to apply best practices and optimize your operations.

How to achieve security observability in complex environments

Security observability is a novel approach to incident detection that goes beyond traditional monitoring. Read on to learn if this emerging strategy is right for your enterprise. Continue Reading
7 SOC automation use cases to augment security operations

Implementing SOC automation can have far-reaching benefits for an organization's infosec program and security culture. Learn how by exploring these seven use cases of AI in SOCs. Continue Reading
The state of cybersecurity risk: Detection and mitigation

Hackers will always try to creep in, and many will succeed. That's why effective detection and mitigation are essential. How are enterprises faring? Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

Host IDS vs. network IDS: Which is better?

Compare host IDS vs. network IDS through the pros and cons of each, and learn how more modern systems may be better suited to ensure effective enterprise security. Continue Reading
How to prevent port scan attacks

The popular port scan is a hacking tool that enables attackers to gather information about how corporate networks operate. Learn how to detect and prevent port scanning attacks. Continue Reading
How to detect and defend against a TCP port 445 exploit and attacks

The WannaCry TCP port 445 exploit returned the spotlight to Microsoft's long-abused networking port. Network security expert Kevin Beaver explains how to detect and defend against such attacks. Continue Reading