Network intrusion detection and prevention (IDS-IPS)

Find the latest information on intrusion prevention systems (IPS) and network intrusion detection systems (IDS), including tools and tactics, how to manage host-based and network-based IDSes, minimizing false positives, and how to use intrusion detection methods and devices.

May 25, 2021 25 May'21
Operational technology is the new low-hanging fruit for hackers

FireEye researchers say exposed and poorly guarded industrial systems are being increasingly compromised by low-skill hackers using entry-level exploit techniques.
August 20, 2019 20 Aug'19
Why is patch management important?

Borderless networks present new challenges for security pros. Andrew Froehlich explains how this trend makes patch management even more important.
August 05, 2015 05 Aug'15
Security machine learning methods needed to adapt to evolving threats

Data science can sort through huge data stores in order to find and stop advanced attackers and malware, but new methods are needed to make sure the machine learning keeps up with evolving threats.
June 03, 2015 03 Jun'15
Adversaries never sleep: unknown malware downloaded every 34 seconds

In its 2015 Security Report, Check Point Software has found adversaries are exploiting the ease of creating unknown malware to boost the chance of a successful attack, and sandboxing adoption may be the best way to mitigate risk.

Bring yourself up to speed with our introductory content

deep packet inspection (DPI)

Deep packet inspection (DPI) is an advanced method of examining and managing network traffic. Continue Reading
threat intelligence feed (TI feed)

A threat intelligence feed (TI feed) is an ongoing stream of data related to potential or current threats to an organization's security. Continue Reading
Snort

Snort is an open source network intrusion detection system (NIDS) created by Sourcefire founder and former CTO Martin Roesch. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

Threat detection and response tools evolve and mature

A variety of threat detection and response tools, such as XDR, are evolving into platforms to help enterprises share information and stay ahead of cybersecurity threats. Continue Reading
The ultimate guide to cybersecurity planning for businesses

This in-depth cybersecurity planning guide provides information and advice to help organizations develop a successful strategy to protect their IT systems from attacks. Continue Reading
Extended detection and response tools take EDR to next level

Extended detection and response tools offer new capabilities -- among them greater visibility -- to enterprises searching for better ways to protect their endpoints. Continue Reading

Learn to apply best practices and optimize your operations.

How to achieve security observability in complex environments

Security observability is a novel approach to incident detection that goes beyond traditional monitoring. Read on to learn if this emerging strategy is right for your enterprise. Continue Reading
7 SOC automation use cases to augment security operations

Implementing SOC automation can have far-reaching benefits for an organization's infosec program and security culture. Learn how by exploring these seven use cases of AI in SOCs. Continue Reading
The state of cybersecurity risk: Detection and mitigation

Hackers will always try to creep in, and many will succeed. That's why effective detection and mitigation are essential. How are enterprises faring? Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

How to defend against TCP port 445 and other SMB exploits

Keeping TCP port 445 and other SMB ports open is necessary for resource sharing, yet this can create an easy target for attackers without the proper protections in place. Continue Reading
Host IDS vs. network IDS: Which is better?

Compare host IDS vs. network IDS through the pros and cons of each, and learn how more modern systems may be better suited to ensure effective enterprise security. Continue Reading
How to prevent port scan attacks

The popular port scan is a hacking tool that enables attackers to gather information about how corporate networks operate. Learn how to detect and prevent port scanning attacks. Continue Reading