Tips

Tips

• The dangers of using security policy templates in the enterprise

  Among other drawbacks, using security policy templates can make compliance audits and breach assessments harder for enterprises. Expert Joseph Granneman explains why they're risky.  Continue Reading

• FIDO authentication standard could signal the passing of passwords

  The FIDO authentication standard could eventually bypass passwords, or at least augment them, as government and industry turns to more effective authentication technologies.  Continue Reading

• Zero-day attacks: Addressing the Equation Group vulnerabilities

  Zero-day exploits for network routers and firewalls were released by the Shadow Brokers. Expert Kevin Beaver offers steps for enterprises to address zero-day attacks.  Continue Reading

• SWIFT network communications: How can bank security be improved?

  The SWIFT network has increasingly been abused by cybercriminals to carry out bank fraud and theft. Expert Michael Cobb explains possible ways to boost security.  Continue Reading

• How limiting administrative access can protect your enterprise

  Limiting administrative access can strengthen an enterprise's security posture significantly. Expert Joe Granneman discusses why this is such an important practice.  Continue Reading

• Protecting the open source Redis tool from ransomware attacks

  Duo Labs discovered a flaw in the Redis tool that led to Fairware ransomware attacks on Linux servers. Expert Nick Lewis explains the security measures that enterprises can take.  Continue Reading

• How major FDIC cybersecurity issues highlight leadership failures

  A series of major FDIC cybersecurity data breaches has created a chaotic situation and highlights the importance of strong, well-intentioned security leadership in organizations.  Continue Reading

• Meet security goals by avoiding threat intel and analytics mistakes

  Meeting top security goals is only the first step. Get up to speed on how to avoid common pitfalls in the use of threat intelligence and analytics.  Continue Reading

• Managed security providers: What's new?

  Managed security providers are responding rapidly to the evolving threat environment. Learn how an MSSP enhances corporate security and how to determine which services you need.  Continue Reading

• How identity management systems strengthen cybersecurity readiness

  Identity management is a core component of cybersecurity readiness, but there are many layers and complexities behind it. Expert Peter Sullivan explains the basics of IAM.  Continue Reading

• How to use threat intelligence metrics to attain relevant data

  Threat intelligence services can be valuable, but enterprises must first determine the right threat intelligence metrics. Char Sample explains the best ways to achieve this.  Continue Reading

• Data obfuscation techniques: Best practices and design approaches

  Expert Ajay Kumar revisits the topic of data obfuscation techniques and explores the architectures, approaches and best practices for protecting enterprise data.  Continue Reading

• Automated patching technology: What enterprises should consider

  Enterprises are moving in the direction of using automated patching systems for increased security. Expert Kevin Beaver explains the benefits and drawbacks of such technology.  Continue Reading

• How data obfuscation techniques can help protect enterprises

  Data obfuscation techniques can help enterprises protect corporate information and limit risks of data exposure or leaks. Expert Ajay Kumar explains how these techniques work.  Continue Reading

• Are browsers using the HTTP/2 protocol vulnerable to HEIST attacks?

  HEIST, a new HTTP/2 protocol exploit, can steal encrypted content from HTTPS traffic. Expert Michael Cobb explains how this attack works and how to stop it.  Continue Reading