Tips

Tips

• What to consider about signatureless malware detection

  Endpoint security is changing into signatureless malware detection and protection. Expert Matthew Pascucci discusses the transition away from signatures.  Continue Reading

• DNS reverse address mapping: Exploiting the scanning technique

  Scanning IPv6 addresses can be made easy with DNS reverse mapping. In part two of this series, expert Fernando Gont explains how this technique can be exploited and mitigated.  Continue Reading

• Intrusion response plans: Tales from front-line IT support

  The right intrusion response training can make all the difference in data breach prevention. Expert Joe Granneman provides a real-world example from which enterprises can learn.  Continue Reading

• How to use DNS reverse mapping to scan IPv6 addresses

  Enterprises looking to perform IPv6 address scans can use DNS reverse mapping techniques. In part one of this tip, expert Fernando Gont explains how the process works.  Continue Reading

• What global threat intelligence can and can't do for security programs

  Global threat intelligence is a valuable complement to a company's security program, but it can't replace security measures like training and internally collected data.  Continue Reading

• How to organize an enterprise cybersecurity team effectively

  The structure of an enterprise's cybersecurity team is important for ensuring it's as effective as possible. Expert Steven Weil outlines strategies for setting up a security group.  Continue Reading

• How Windows hardening techniques can improve Windows 10

  Windows 10 may be the most secure Windows ever, but expert Ed Tittel explains how to use Windows hardening techniques to make systems even more secure.  Continue Reading

• The consequences of removing PPTP support from iOS 10

  Apple's removal of PPTP support on iOS 10 and Mac OS Sierra leaves companies scrambling to implement other VPN protocols. Expert Michael Cobb explains enterprise options.  Continue Reading

• Preventing DoS attacks: The best ways to defend the enterprise

  Preventing DoS attacks may not always be possible, but with a strong defense, enterprises can reduce their impact and recover quickly. Expert Kevin Beaver explains the best approaches.  Continue Reading

• When not to renew a vendor contract due to security issues

  Opting out of a vendor contract for security reasons can be a tough decision for CISOs. Expert Mike O. Villegas discusses how NASA handled the situation and what CISOs can do.  Continue Reading

• Monitoring outbound traffic on your network: What to look for

  Outbound network traffic remains a weakness for many enterprises and is a major attack vector. Expert Kevin Beaver explains how to spot irregular occurrences in your network.  Continue Reading

• How to develop a strategic security plan for enterprises

  Developing a strategic security plan for an enterprise can be a complicated task. Expert Ernie Hayden provides an overview to help CISOs make an effective plan.  Continue Reading

• Big data frameworks: Making their use in enterprises more secure

  Many enterprises apply big data techniques to their security systems. But are these methods secure? Expert John Burke explains some of the efforts to secure big data analysis.  Continue Reading

• Stop app attacks with a web application firewall

  Web application firewalls are more essential than ever when it comes to halting app attacks. Learn what features and functions you should look for when choosing a new WAF.  Continue Reading

• Managing vulnerable software: Using data to mitigate the biggest risks

  Three pieces of vulnerable software are most targeted by the exploit kits studied in a Digital Shadows report. Expert Nick Lewis explains how your enterprise can manage them.  Continue Reading

• Insider threat detection tools that sniff out dangers from within

  Learn about the insider threat detection tools that can zero-in on anomalous user behavior. Malicious or accidental, the insider threat is one of the most dangerous and costly to companies.  Continue Reading

• How to maintain digital privacy in an evolving world

  Protecting a user's digital privacy across different technologies requires a plethora of tools. Expert Matthew Pascucci explores the different ways to protect sensitive data.  Continue Reading

• The dangers of using security policy templates in the enterprise

  Among other drawbacks, using security policy templates can make compliance audits and breach assessments harder for enterprises. Expert Joseph Granneman explains why they're risky.  Continue Reading

• FIDO authentication standard could signal the passing of passwords

  The FIDO authentication standard could eventually bypass passwords, or at least augment them, as government and industry turns to more effective authentication technologies.  Continue Reading

• Zero-day attacks: Addressing the Equation Group vulnerabilities

  Zero-day exploits for network routers and firewalls were released by the Shadow Brokers. Expert Kevin Beaver offers steps for enterprises to address zero-day attacks.  Continue Reading

• SWIFT network communications: How can bank security be improved?

  The SWIFT network has increasingly been abused by cybercriminals to carry out bank fraud and theft. Expert Michael Cobb explains possible ways to boost security.  Continue Reading

• How limiting administrative access can protect your enterprise

  Limiting administrative access can strengthen an enterprise's security posture significantly. Expert Joe Granneman discusses why this is such an important practice.  Continue Reading

• Protecting the open source Redis tool from ransomware attacks

  Duo Labs discovered a flaw in the Redis tool that led to Fairware ransomware attacks on Linux servers. Expert Nick Lewis explains the security measures that enterprises can take.  Continue Reading

• How major FDIC cybersecurity issues highlight leadership failures

  A series of major FDIC cybersecurity data breaches has created a chaotic situation and highlights the importance of strong, well-intentioned security leadership in organizations.  Continue Reading

• Meet security goals by avoiding threat intel and analytics mistakes

  Meeting top security goals is only the first step. Get up to speed on how to avoid common pitfalls in the use of threat intelligence and analytics.  Continue Reading

• Managed security providers: What's new?

  Managed security providers are responding rapidly to the evolving threat environment. Learn how an MSSP enhances corporate security and how to determine which services you need.  Continue Reading

• How identity management systems strengthen cybersecurity readiness

  Identity management is a core component of cybersecurity readiness, but there are many layers and complexities behind it. Expert Peter Sullivan explains the basics of IAM.  Continue Reading

• How to use threat intelligence metrics to attain relevant data

  Threat intelligence services can be valuable, but enterprises must first determine the right threat intelligence metrics. Char Sample explains the best ways to achieve this.  Continue Reading

• Data obfuscation techniques: Best practices and design approaches

  Expert Ajay Kumar revisits the topic of data obfuscation techniques and explores the architectures, approaches and best practices for protecting enterprise data.  Continue Reading

• Automated patching technology: What enterprises should consider

  Enterprises are moving in the direction of using automated patching systems for increased security. Expert Kevin Beaver explains the benefits and drawbacks of such technology.  Continue Reading

• How data obfuscation techniques can help protect enterprises

  Data obfuscation techniques can help enterprises protect corporate information and limit risks of data exposure or leaks. Expert Ajay Kumar explains how these techniques work.  Continue Reading

• Are browsers using the HTTP/2 protocol vulnerable to HEIST attacks?

  HEIST, a new HTTP/2 protocol exploit, can steal encrypted content from HTTPS traffic. Expert Michael Cobb explains how this attack works and how to stop it.  Continue Reading

• How a hybrid whitelisting-blacklisting approach can help enterprises

  Allowing known good applications and data isn't enough for enterprises. Beth Musumeci explains why a hybrid whitelisting-blacklisting approach is the best option for security.  Continue Reading

• How military cybersecurity skills can help fill the security hiring gap

  The security industry continues to struggle to hire, but candidates with military cybersecurity skills can help. Expert Mike O. Villegas talks about the benefits of hiring veterans.  Continue Reading

• Advanced security analytics safeguards the enterprise

  Advanced security analytics uses information gathered from SIEMs and other security tools to safeguard the enterprise. Learn how advanced analytics works and what's coming next.  Continue Reading

• Behavioral threat assessment means real-time threat detection

  Real-time behavioral threat analytics is the next frontier in security. Learn how a behavioral threat assessment tool can protect your enterprise systems and data.  Continue Reading

• How to craft an effective DevSecOps process with your team

  Switching to a DevSecOps model in software development offers many benefits, but combining security and DevOps takes knowledge, forethought and planning.  Continue Reading

• Information security risk management: Understanding the components

  An enterprise has to know what risks it is facing. Expert Peter Sullivan explains why an information security risk management plan is crucial for cybersecurity readiness.  Continue Reading

• MAC address randomization schemes: Examining the pros and cons

  MAC address randomization schemes can be beneficial and challenging. Fernando Gont explains what enterprises need to know about randomizing MAC addresses.  Continue Reading

• Preventing Microsoft's Authenticode from spreading stealth malware

  A Microsoft Authenticode vulnerability allowed malicious code to sneak through without invalidating a file's digital signature. Expert Nick Lewis explains how to address this flaw.  Continue Reading

• MAC address randomization: Understanding the security benefits

  MAC address randomization can be used to strengthen privacy and security for enterprises. Fernando Gont explains how it works and how it's used by popular operating systems.  Continue Reading

• How more than 100 malicious Tor nodes were identified

  Researchers identified 110 malicious Tor HSDirs that were found snooping information. Expert Kevin Beaver discusses the takeaways from this research for enterprises.  Continue Reading

• Preventing privilege creep: How to keep access and roles aligned

  Privilege creep can result in the abuse of user access and security incidents. Expert Michael Cobb explains how enterprises can keep user roles and privileges aligned.  Continue Reading

• Preventing and responding to a healthcare ransomware infection

  The healthcare industry is a target for ransomware infections. Expert Ernie Hayden explains how organizations can take steps to prevent and respond to these attacks.  Continue Reading

• To find the best endpoint security tools, focus on these features

  Finding the best endpoint security for your enterprise is a complex, ever-changing task. Learn what features tools offer now to protect endpoints touching the enterprise systems.  Continue Reading

• Ransomware attacks: Why healthcare data is at risk

  Ransomware attacks on healthcare data are on the rise. Expert Ernie Hayden explains why healthcare organizations are a target and the effects of these attacks.  Continue Reading

• Runtime application self-protection basics, pros and cons

  Learn the basics of runtime application self-protection and the key benefits and drawbacks to this approach to building security into applications as they execute.  Continue Reading

• How to use hashcat to address authentication vulnerabilities

  Authentication vulnerabilities are a constant problem, but testing tools like hashcat can make a significant difference. Expert Joe Granneman discusses hashcat and password cracking.  Continue Reading

• Improve endpoint security protection with advanced tools and techniques

  Better endpoint security protection is possible with NAC, DLP and other tools and techniques. Learn how they fit together to improve enterprise endpoint protection.  Continue Reading

• How to handle out-of-band management for network infrastructure

  Out-of-band management can be used for handling network infrastructure. Expert Judith Myerson explains the benefits of out-of-band management and how it can be implemented.  Continue Reading

• Building an information security architecture step by step

  Achieving cybersecurity readiness requires a solid information security architecture. Expert Peter Sullivan explains the core building blocks that enterprises need to build one.  Continue Reading

• Is the open source architecture beneficial or a security vulnerability?

  The open source architecture has its detractors in terms of its security, but Apple's unencrypted iOS 10 kernel raises new questions. Expert Michael Cobb explains the pros and cons.  Continue Reading

• Getting runtime application self-protection launched

  A runtime application self-protection tool only sounds complicated. Buying and using a RASP tool, though, may prove a surprisingly simple way to amp up your application security.  Continue Reading

• Major password breaches: How can enterprises manage user risk?

  With the large number of password breaches happening, enterprises should look into new methods of protecting their resources. Expert Nick Lewis explains how to reduce user risk.  Continue Reading

• Threat monitoring: Why watching the dark web is crucial

  Enterprises should broaden their threat monitoring to include dark web sites. Expert Matt Pascucci explains why it's important, and what enterprises can learn from the dark web.  Continue Reading

• Why HIPAA controls don't do enough for privacy and security

  HIPAA controls have failed to keep up with the health industry, but that may not be a bad thing. Expert Mike Chapple discusses the shortcomings in HIPAA privacy and security.  Continue Reading

• Network security alerts: Managing and overcoming obstacles

  Network security alerts are high in number and low in accuracy. Expert Kevin Beaver explains strategies security professionals can develop to overcome these obstacles to improving security.  Continue Reading

• Insider security threats: What CISOs can do to mitigate them

  Dealing with insider security threats requires a combination of tactics. Expert Mike O. Villegas discusses the various aspects of insider threat mitigation strategies.  Continue Reading

• How to build a cybersecurity plan for enterprise

  A cybersecurity action plan is a crucial part of achieving a state of cybersecurity readiness. Expert Peter Sullivan explains what goes into these plans and how to get one started.  Continue Reading

• Improving Android device security for enterprises with Android N

  Android device security is getting a boost with its newest version, Android N. Expert Michael Cobb explains the effects on enterprise users, and the changes in encryption.  Continue Reading

• Planning for an IPv6 attack: DDoS, neighbor discovery threats and more

  An IPv6 DDoS attacks are imminent, and your network security tools may not be configured for it. Expert Michael Cobb explains how enterprises can prepare its defenses.  Continue Reading

• How to handle a problematic cybersecurity expert on your team

  Sometimes hiring a cybersecurity expert to help your security team isn't all it's cracked up to be. Expert Mike O. Villegas explains what CISOs should do when this happens.  Continue Reading

• What CISOs need to incorporate into cloud service-level agreements

  CISOs may be unfamiliar with cloud service-level agreements, but they're still a necessary part of enterprise security. Expert Mike O. Villegas has some tips to build cloud SLAs.  Continue Reading

• Discover SIEM capabilities for real-time analysis

  Learn what SIEM capabilities aid the real-time analysis of collected information and security alarms, allowing for prompt detection of actual or potential attacks.  Continue Reading

• SIEM analysis interfaces for security professionals

  SIEM systems aren't infallible, so it's essential to effective SIEM analysis that it has an interface that eases security professionals' assessment and interpretation tasks.  Continue Reading

• Basic SIEM analytics steps to know

  Even basic SIEM analytics can get complicated. Learn three fundamental steps to take that will help you get the most out of your security information and event management tool.  Continue Reading

• DDoS attacks on your DNS provider: Developing a response strategy

  Learn from DNS provider NS1's experience with a DDoS attack. Expert Kevin Beaver has tips on developing a mitigation response for a DNS outage in your own enterprise.  Continue Reading

• How Brexit affects data privacy regulations between the US and U.K.

  The U.K.'s decision to leave the European Union means the U.S. might need new data privacy regulations. Expert Mike Chapple explains what Brexit means for Privacy Shield and GDPR.  Continue Reading

• Achieving cybersecurity readiness: What enterprises should know

  Enterprises need to be ready to act in the face of security incidents and cyberattacks. Expert Peter Sullivan outlines seven elements of proper cybersecurity readiness.  Continue Reading

• Putting IPv6 vulnerabilities under the microscope

  Examining IPv6 vulnerabilities prior to deployment is crucial for enterprises. Expert Judith Myerson explains the risks of older gear, unpatched IPv6 ND flaws and other issues.  Continue Reading

• Vulnerabilities in antivirus tools: What does it mean for enterprises?

  Discoveries of vulnerabilities in antivirus tools, such as Symantec Antivirus, have put their abilities into question. Expert Nick Lewis explains how it affects enterprises.  Continue Reading

• How infosec professionals can improve their careers through writing

  Writing can be one of the best ways to establish your reputation as an infosec professional. Expert Joshua Wright of the SANS Institute explains the best ways to do it.  Continue Reading

• Preventing various types of DDoS attacks on your enterprise's systems

  The types of DDoS attacks organizations face have grown and size of these attacks has increased. Expert Michael Cobb explains how to secure systems against common DDoS methods.  Continue Reading

• Government cybersecurity problems can teach enterprises what to do

  The U.S. government's cybersecurity problems are in the spotlight, so enterprises should learn from them. Expert Mike Chapple looks at the lessons organizations can learn.  Continue Reading

• How to mitigate bit flipping flaw caused by Rowhammer exploits

  A Rowhammer attack on DRAM can induce bit flipping, putting data security at risk. Expert Michael Cobb explains the flaw and what preventive actions enterprises can take.  Continue Reading

• Best practices for an information security assessment

  Information security assessments can be effective for identifying and fixing issues in your enterprise's policies. Expert Kevin Beaver explains the key components of the process.  Continue Reading

• Information security culture: How enterprises can build and improve it

  Creating and fostering an information security culture isn't easy. Guest contributor Lance Hayden explains how to do it and how to identify signs of improvement.  Continue Reading

• How to address key SSL security issues and vulnerabilities

  As SSL technology evolves and changes, new vulnerabilities begin to cause problems. Expert Rob Shapland explains how security professionals can overcome these SSL security issues.  Continue Reading

• How tabletop exercises can help uncover hidden security risks

  A regular tabletop exercise could help to identify security risks in scenarios relevant to your organization. Expert Bob Wood explains the steps in the process.  Continue Reading

• The problem with Badlock and branded vulnerability marketing

  Branded vulnerability marketing, such as in the case of Badlock, can raise challenges for responsible disclosure. Expert Nick Lewis explains the problems it creates.  Continue Reading

• Rule 41: Why security and privacy experts are wary

  The U.S. Supreme Court proposed changes to the FRCP, including to Rule 41. Expert Mike Chapple looks at Rule 41 and why it matters to security and privacy experts.  Continue Reading

• How CMMI models compare and map to the COBIT framework

  Following ISACA's recent acquisition of the CMMI Institute, expert Judith Myerson takes a closer look at COBIT and CMMI models and how they compare to one another.  Continue Reading

• Defense-in-depth strategy: Growing cyberthreat intelligence

  Cybersecurity defense in depth needs to learn from the military strategy it originated from. Expert Peter Sullivan explains where cybersecurity should not deviate.  Continue Reading

• Why a federal CISO is necessary for the U.S. government

  President Obama's proposed 2017 budget includes a much bigger focus on cybersecurity and calls for the creation of a federal CISO position. Expert Mike Villegas discusses the role.  Continue Reading

• Update your IAM strategy for integration with new technology

  Revise your enterprise's IAM strategy for better integration with emerging technologies, such as cloud services and software-defined everything. Expert Johna Till Johnson explains.  Continue Reading

• Why signature-based detection isn't enough for enterprises

  Signature-based detection and machine learning algorithms identify malicious code and threats. Expert Michael Cobb explains how both techniques defend networks and endpoints.  Continue Reading

• A safe password system? Here's how

  News of the death of the password system is premature, despite the security vulnerabilities of this authentication method. Learn how to create a safe password system.  Continue Reading

• How encryption legislation could affect enterprises

  The legal battle between the FBI and Apple brought encryption legislation into the public eye, for better or worse. Expert Mike Chapple discusses the effect of this on enterprises.  Continue Reading

• Removing malware: What are the best methods?

  When removing malware for client devices, how can security teams decide if the infection is truly gone? Expert Nick Lewis explains the cleanup process and the best practices.  Continue Reading

• Open source Web apps: Spotting security flaws

  Don't assume that your open source Web apps are secure. Expert Kevin Beaver explains the common vulnerabilities and how to include these systems in your security testing.  Continue Reading

• How IAM can address unstructured content security risks

  The amount of enterprise unstructured content is growing every year. Expert Sean Martin explains why IAM is an important component of unstructured data management and security.  Continue Reading

• How to resolve a Web application security vulnerability

  Web application security vulnerabilities can exist from browser to SSL/TLS. Expert Brad Causey explains how application security testing and Web application firewalls can address this.  Continue Reading

• Hacking back: A viable strategy or a major risk?

  Many organizations are now hacking back at attackers, in an active cyberdefense move. Expert Peter Sullivan explains the possible outcomes and drawbacks of taking action.  Continue Reading

• Why a cap-less cybersecurity budget could harm security

  An unlimited cybersecurity budget may sound like a dream, but in reality it could do more harm than good for an enterprise. Expert Mike O. Villegas explains.  Continue Reading

• Software-defined network security: A 'no-touch' approach

  One way to achieve software-defined network security is to implement a no-touch approach to networking administration. Learn how it can be done, and what needs to change before it’s possible.  Continue Reading

• Breaking down the DROWN attack and SSLv2 vulnerability

  A DROWN attack can occur through more than a third of all HTTPS connections. Expert Michael Cobb explains how DROWN enables man-in-the-middle attacks and mitigation steps to take.  Continue Reading

• PCI DSS 3.2 marks the end of an era, not of the standard

  Does PCI DSS 3.2 mark the end of major updates to payment security compliance standards? Expert Mike Chapple discusses the update and what it means for organizations.  Continue Reading

• Where DLP technology is headed, and should you follow?

  DLP technology has evolved to include use with cloud applications and threat intelligence feeds. Expert Kevin Beaver delves into new DLP methods enterprises should consider.  Continue Reading

• Machine learning applications: Mitigating the risks

  Machine learning applications are beneficial to enterprises, but there are also several risks involved. Expert Judith Myerson explains five ways to combat them.  Continue Reading

• Developing a security incident response policy: Avoiding pitfalls

  Does your enterprise have an effective incident response policy? Expert Kevin Beaver explains some of the mistakes that security managers should be avoiding.  Continue Reading