Tips

Tips

• Wireshark tutorial: How to use Wireshark to sniff network traffic

  Learn how to use the Wireshark packet analyzer to monitor network traffic, as well as how to use the Wireshark packet sniffer for network traffic analysis and inspection.  Continue Reading

• 5 enterprise patch management best practices

  It might not be the most exciting of responsibilities, but the value of enterprise patch management cannot be denied. Review these best practices to build a smooth patching process.  Continue Reading

• How to start building a DevSecOps model

  To help transition to a DevSecOps model to protect enterprises, security teams need to identify key stakeholders, provide examples of specific company security events and work toward creating crossover teams.  Continue Reading

• SD-WAN security benefits go beyond the obvious

  SD-WAN does more than extend corporate networks. Key SD-WAN security benefits that capitalize on the technique's architecture could change the face of SD-WAN in the enterprise.  Continue Reading

• 3 ways to shore up third-party risk management programs

  A new Nemertes research study shows enterprises need to adopt third-party risk management programs that jettison manual checklists in favor of automated tools, hands-on risk assessments and dedicated risk teams.  Continue Reading

• Which is better: anomaly-based IDS or signature-based IDS?

  Even as vendors improve IDS by incorporating both anomaly-based IDS and signature-based IDS, understanding the difference will aid intrusion protection decisions.  Continue Reading

• The benefits of IAM can far outweigh the costs

  Identity and access management is a critical piece of enterprise information security. But the benefits of IAM go beyond illuminating who -- and what -- might be using your network.  Continue Reading

• Office 365 security challenges and how to solve them

  To understand the Office 365 threat landscape, take stock of the application features and programs available based on the organization's license level of the subscription.  Continue Reading

• Boost application security in DevOps with DevSecOps

  Without DevSecOps, application security can end up on the back burner during application development. Learn how DevSecOps can bake security back into the process.  Continue Reading

• How to beef up Office 365 email security features

  Companies looking to fortify their Office 365 email security can assess options from a variety of third-party vendors. Find out which features are the most important.  Continue Reading

• Building the best incident response framework for your enterprise

  Understanding the incident response framework standards and how to build the best framework for your organization is essential to preventing threats and mitigating cyber incidents.  Continue Reading

• How to prevent cybersecurity attacks using this 4-part strategy

  It can be daunting to defend an enterprise against cyberattacks, but these four defensive moves can help fortify and repel whatever comes your way.  Continue Reading

• Strategies to mitigate cybersecurity incidents need holistic plans

  Every organization needs strategies to mitigate cybersecurity incidents, but what areas should the strategies address? Find out what experts suggest to protect the entire organization.  Continue Reading

• How to retool incident response best practices for the digital age

  As companies become more cloud- and mobile-centric, they need to reassess their incident response best practices and automate as much as possible.  Continue Reading

• CERT vs. CSIRT vs. SOC: What's the difference?

  What's in a name? Parse the true differences between a CERT, a CSIRT, a CIRT and a SOC, before you decide what's best for your organization.  Continue Reading

• Incident response: How to implement a communication plan

  Communication is critical to an effective incident response plan. Here are five best practices an organization can use to gather and share information.  Continue Reading

• Where does IMAP security fall short, and how can it be fixed?

  Legacy email protocols like IMAP are prime targets for hackers. Fix IMAP security with better configuration, more encryption and multifactor authentication mandates.  Continue Reading

• IPsec vs. SSL VPN: Comparing speed, security risks and technology

  IPsec VPNs and SSL VPNs both encrypt network data, but they do it differently. Learn about the differences and how to determine the right solution for your organization.  Continue Reading

• What identity governance tools can do for your organization

  Learn how to evaluate available security tools that manage the governance of your users' identity and access to company systems and data.  Continue Reading

• 4 steps to critical infrastructure protection readiness

  Government and private industry share responsibility for critical infrastructure and key resources protection. Follow four steps to understand and know who you're gonna call to protect CIKR.  Continue Reading

• The case for continuous security monitoring

  When done correctly, continuous security monitoring provides real-time visibility into an organization's IT environment. Here are the best practices for building a CSM program.  Continue Reading

• 5 ways to achieve a risk-based security strategy

  Learn five steps to implement a risk-based security strategy that naturally delivers compliance as a consequence of an improved security posture.  Continue Reading

• Zero-trust security model means more than freedom from doubt

  A zero-trust security model has a catchy name, but the methodology means more than not trusting any person or device on the network. What you need to know.  Continue Reading

• Top 7 IT security frameworks and standards explained

  Several IT security frameworks and cybersecurity standards are available to help protect company data. Here's advice for choosing the right one for your organization.  Continue Reading

• How to find an MSP to protect you from outsourcing IT risks

  Check out what questions to ask MSPs to make sure they have the right security systems in place to protect your organization against outsourcing IT risks.  Continue Reading

• How do buffer overflow attacks work?

  Buffer overflow attacks are simple exploits that can give an attacker control over a program or process. Learn how these attacks work and how to make sure they don't happen to you.  Continue Reading

• 2019's top email security best practices for employees

  Attackers exploit email every day to break into your network, but you can reduce risk for everyone by promoting these email security strategies for employees.  Continue Reading

• Endpoint security tools get an essential upgrade

  Malware, APTs and other threats are getting smarter, but so are endpoint detection and response products. Learn what the latest versions can do to keep threats away.  Continue Reading

• Building a cybersecurity awareness training program

  Cybersecurity awareness training programs are sometimes perceived as an extraneous waste of time and energy, but are essential to building a strong security culture.  Continue Reading

• How to perform a building security assessment

  There are four major systems to review in a building security assessment. Learn what they are and how to review their potential cyber and physical risks.  Continue Reading

• How to conduct a security risk review on a large building

  Assessors cannot dive into a security risk review of a large building; they have to prepare and strategize ahead of time. Learn how to get ready for this type of security assessment.  Continue Reading

• How can organizations build cybersecurity awareness among employees?

  A high level of cybersecurity awareness among employees is essential to protect corporate data. To build this awareness, start with a strong cybersecurity culture.  Continue Reading

• 2019's top 5 free enterprise network intrusion detection tools

  Snort is one of the industry's top network intrusion detection tools, but plenty of other open source alternatives are available. Discover new and old favorites for packet sniffing and more.  Continue Reading

• Implementing the top 6 email security best practices for employees

  The list of email security best practices for employees can get long. To include the necessary options, check out the six essentials. Where does your organization stand?  Continue Reading

• How to improve application security testing when it falls short

  Application security testing is a critical component of enterprise security. Find out what steps you can take to make sure your testing procedures fit the bill.  Continue Reading

• The top 3 email security threats and how to defuse them

  Understanding the nature of the top 3 email security threats -- malware, phishing and spoofed domains -- can help reduce their impact.  Continue Reading

• Top risks of deploying zero-trust cybersecurity model

  Adopting a zero-trust model for cybersecurity brings many benefits -- but also risks. Find out why a zero-trust approach to security is not a panacea.  Continue Reading

• Identity and access management trends show new access roles

  Identity and access management trends reflect a changing cybersecurity landscape. Learn how IAM is changing and what you should do before buying an IAM tool.  Continue Reading

• AI, machine learning in cybersecurity focused on behavior

  Artificial intelligence, and machine learning in particular, is being fruitfully employed in IT security tools. Learn where this advanced technology works best now.  Continue Reading

• A look at security threats to critical infrastructure

  Threats to critical infrastructure, like Operation Sharpshooter, should motivate CI sectors to take cybersecurity seriously. Learn about the threats and how to defend against them.  Continue Reading

• Top 5 reasons for a zero-trust approach to network security

  As network perimeters disintegrate and enterprises adopt cloud computing, discover the top reasons organizations are opting for a zero-trust approach to network security.  Continue Reading

• Simplify incident response for zero-day vulnerability protection and beyond

  Protection against a zero-day vulnerability and other cyber-risks is complicated, but simplifying cybersecurity incident management could be the key to protecting online assets.  Continue Reading

• 4 steps to ensure virtual machine security in cloud computing

  Enterprises are now operating in a cloud-virtual world. Understanding four steps to ensure virtual machine security in cloud computing environments is crucial.  Continue Reading

• Four container security vulnerabilities and how to avoid them

  Find out how container security best practices can address the four most common types of container and orchestrator vulnerabilities. Then mitigate threats with the right processes and tools.  Continue Reading

• How to secure network devices in a hostile world

  Find out how to secure network devices by locking down the biggest, riskiest holes to protect them from exploits long before some or all of the network crashes.  Continue Reading

• 8 ways to protect building management systems

  Security threats to building management systems can come from numerous sources. Expert Ernie Hayden outlines these potential threats and how to protect against them.  Continue Reading

• How automated patch management using SOAR can slash risk

  Learn how to use security orchestration, automation and response, also known as SOAR, to ease the hassle of mundane tasks related to patch management.  Continue Reading

• Automating incident response with security orchestration

  Security orchestration, automation and response technology is now seen as a key aid to security pros attempting to thwart an onslaught of cyberattacks.  Continue Reading

• How does BGP hijacking work and what are the risks?

  The lack of security protections in BGP means that route hijacking can be easy, especially for organized crime or state-backed threat actors. Here are ways to deal with it.  Continue Reading

• Find out whether secure email really protects user data in transit

  Outside of user perceptions, how safe is secure email in terms of protecting users' data in transit? Our expert explains how much the SSL and TLS protocols can protect email.  Continue Reading

• Plugging the cybersecurity skills gap with security automation

  Security automation and response promises to help alleviate the shortage of qualified cybersecurity pros. Learn how SOAR helps security teams work smarter, not harder.  Continue Reading

• An introduction to building management system vulnerabilities

  Understanding what a building management system is and does is important for organizations to have stronger security postures. Expert Ernie Hayden examines the BMS and its flaws.  Continue Reading

• 5 common web application vulnerabilities and how to avoid them

  Common web application vulnerabilities continue to confound enterprises. Here's how to defend against them and stop enabling exploits.  Continue Reading

• Nine email security features to help prevent phishing attacks

  Check out nine email security features that can help protect you from phishing attacks. First, make sure they're enabled on your email system configuration, and if not, start your wish list.  Continue Reading

• How bellwether cybersecurity technologies predict success

  Bellwether cybersecurity technologies -- advanced endpoint security, behavioral threat analytics and a trio of cloud-based apps -- are used by successful cybersecurity teams. Find out why.  Continue Reading

• The developer's role in application security strategy

  Developers often pay lip service about being integral to application security, but they usually don't consider vulnerabilities until much too late in the dev process.  Continue Reading

• Understanding the new breed of command-and-control servers

  Command-and-control servers are now using public cloud services, social media and other resources to evade detection. What should enterprises do to combat these threats?  Continue Reading

• Top 5 email security issues to address in 2019

  The top five email security issues come from a variety of places, from email phishing to account takeovers. Our security expert recommends being vigilant and poised to take action.  Continue Reading

• Weighing the cost of mitigating Spectre variant 2

  Fixes for the Spectre variant 2 vulnerability affect system performance, so some in the tech sector wonder whether they're worth it. Expert Michael Cobb examines that question.  Continue Reading

• Key steps to put your zero-trust security plan into action

  There are three key categories of vendor zero-trust products. Learn what they are, and how to evaluate and implement the one that's best for your company.  Continue Reading

• Microsegmentation security: Your key to zero trust

  Zero trust is the path forward to secure corporate IT assets. Learn how to put into place a zero-trust security model with a microsegmentation strategy.  Continue Reading

• Vet third-party apps to reduce supply chain threats

  Enterprises are more vulnerable than ever before to supply chain threats from third-party apps and modules. Last fall's compromised NPM package is one cautionary tale.  Continue Reading

• 5-step checklist for web application security testing

  This five-step approach to web application security testing with documented results will help keep your organization's applications free of flaws.  Continue Reading

• More Ghostscript vulnerabilities, more PostScript problems

  Researchers keep finding PostScript interpreter bugs. Find out how a new Ghostscript vulnerability enables remote code execution against web services and Linux desktop users.  Continue Reading

• How to create a more effective application security program

  To mitigate software-related security risks, fine-tune your application security program to get the right people involved, document your standards and manage your weak points.  Continue Reading

• Steps to improve an application environment and fix flaws

  Eliminating application security flaws from an enterprise's server can be a complex task. Learn steps to take in order to improve application security with expert Kevin Beaver.  Continue Reading

• How to comply with the California privacy act

  Organizations that handle California consumer data have a year to comply with CCPA. Expert Steven Weil discusses what enterprises need to know about the California privacy law.  Continue Reading

• How a Windows antimalware tool helps endpoint security

  The Windows Defender Antivirus program was updated to include sandbox network security. Learn why this is so important and why security professionals have been asking for it.  Continue Reading

• The evolution of the Let's Encrypt certificate authority

  Certificate authorities work differently since the open source Let's Encrypt project went into effect. Expert Fernando Gont explains how both CAs and Let's Encrypt operate.  Continue Reading

• Cybersecurity maturity model lays out four readiness levels

  To assess cybersecurity maturity, Nemertes Research developed a four-point scale to determine a company's ability to effectively detect, understand and contain breaches.  Continue Reading

• How to perform an ICS risk assessment in an industrial facility

  An important step to secure an industrial facility is performing an ICS risk assessment. Expert Ernie Hayden outlines the process and why each step matters.  Continue Reading

• Updating TLS? Use cryptographic entropy for more secure keys

  Cryptographic entropy is necessary to secure session encryption keys in TLS 1.2, but RSA key transport is not supported in TLS 1.3. Discover the causes for concern with Judith Myerson.  Continue Reading

• Key customer identity access management features to consider

  Evaluating customer identity access management products is complicated but necessary. Learn what’s new and what you need most right now.  Continue Reading

• CIAM vs. IAM: The key differences 'customer' makes

  Find out everything you need to know about the nuances that differentiate customer IAM from traditional IAM so that you can implement the CIAM system at your organization.  Continue Reading

• How NIST is preparing to defend against quantum attacks

  The NSA has begun the transition from ECC to new algorithms to resist quantum attacks. Learn about the threat posed by quantum computing from expert Michael Cobb.  Continue Reading

• What Moody's cyber-risk ratings mean for enterprises

  Moody's announced it will soon begin composing cyber-risk ratings for enterprises. Kevin McDonald explores the move and what it could mean for enterprises and the infosec industry.  Continue Reading

• How to ensure your enterprise doesn't have compromised hardware

  Enterprise protections are crucial in order to guarantee the safety of your hardware. Discover best practices to guard your enterprise's hardware with Nick Lewis.  Continue Reading

• For effective customer IAM, bundle security and performance

  CIAM can verify identity, manage access and deliver a smooth experience for customers. Get an expert's insights on how to tackle customer IAM now.  Continue Reading

• How a flaw in Apple DEP misuses an MDM server

  Hackers are able to enroll their devices in an organization's MDM server via a flaw in Apple DEP. Expert Michael Cobb explains how hackers conduct these attacks.  Continue Reading

• How the SHA-3 competition declared a winning hash function

  NIST tested competing hash functions over a period of five years for the SHA-3 algorithm competition. Learn the details of what they discovered from Judith Myerson.  Continue Reading

• 5 actionable deception-tech steps to take to fight hackers

  Consider taking these five 'deceptive' steps to make your detection and response capabilities speedier, more effective and to improve your company's security posture.  Continue Reading

• Testing applications in production vs. non-production benefits

  To ensure proper application security testing, production and non-production systems should both be tested. In this tip, expert Kevin Beaver weighs the pros and cons.  Continue Reading

• How supply chain security has evolved over two decades

  Both physical and cyber supply chain security are critically important. Expert Ernie Hayden outlines the recent history of supply chain defenses and what enterprises need to know.  Continue Reading

• Is network traffic monitoring still relevant today?

  An increase in DNS protocol variants has led to a higher demand for network traffic monitoring. The SANS Institute's Johannes Ullrich explains what this means for enterprises.  Continue Reading

• How bring-your-own-land attacks are challenging enterprises

  FireEye researchers developed a new technique called bring your own land, which involves attackers creating their own tools. Discover more about how this works with Nick Lewis.  Continue Reading

• Zero-trust security means new thinking plus practical steps

  Implementing a security policy that, essentially, trusts no one and nothing doesn't have to be overwhelming if you understand the basics behind the security model.  Continue Reading

• How to configure browsers to avoid web cache poisoning

  Web cache poisoning poses a serious threat to web browser security. Learn how hackers can exploit unkeyed inputs for malicious use with expert Michael Cobb.  Continue Reading

• Insider threat protection: Strategies for enterprises

  Insider threats pose a serious risk to enterprises. Peter Sullivan explains how enterprises can use background checks and risk assessments for insider threat protection.  Continue Reading

• Why entropy sources should be added to mobile application vetting

  NIST's 'Vetting the Security of Mobile Applications' draft discusses four key areas of general requirements. Learn how further improvements to the vetting process could be made.  Continue Reading

• How testing perspectives helps find application security flaws

  Application security testing requires users to test from all the right perspectives. Discover testing techniques that help find application security flaws with expert Kevin Beaver.  Continue Reading

• How deception technologies improve threat hunting, response

  Deception tech tools enable more effective threat hunting and incident response. Learn how these tools can give security pros an edge in defending their company systems and data.  Continue Reading

• NIST incident response plan: 4 steps to better incident handling

  The NIST incident response plan involves four phases enterprises can take to improve security incident handling. Expert Mike O. Villegas reviews each step.  Continue Reading

• Enterprises should reconsider SMS-based 2FA use after breach

  A Reddit breach was triggered by threat actors intercepting SMS messages used to authenticate employees to access sensitive data. Learn why enterprises should reconsider SMS for 2FA.  Continue Reading

• How to protect enterprise ICS networks with firewalls

  ICS network security can be improved using firewalls. Expert Ernie Hayden explains how ICS-specific firewalls can help keep ICS networks strong and protected.  Continue Reading

• The implications of the NetSpectre vulnerability

  The NetSpectre vulnerability could enable a slow leak of data remotely via side channels. Expert Michael Cobb explains why data on secure microprocessors is not actually safe.  Continue Reading

• How entropy sources interact with security and privacy plans

  NIST published a draft of its 'Risk Management Framework for Information Systems and Organizations.' Learn what this report entails, as well as how entropy source controls play a key role.  Continue Reading

• Give your SIEM system a power boost with machine learning

  The enterprise SIEM is still essential to IT defenses, but the addition of AI, in the form of machine learning capabilities, gives it even more potential power.  Continue Reading

• Prepping your SIEM architecture for the future

  Is your SIEM ready to face the future? Or is it time for a major tune-up or at least some tweaks around the edges? Learn how to approach your SIEM assessment and updates.  Continue Reading

• Picking the right focus for web application security testing

  Deciding which web applications on which to focus application security testing is a challenging task. Read this list of considerations to ensure you're addressing the right areas.  Continue Reading

• How Shodan helps identify ICS cybersecurity vulnerabilities

  Shodan can be a helpful tool for security pros to locate ICS cybersecurity vulnerabilities. Expert Ernie Hayden explains how Shodan works and how it can be used for security.  Continue Reading