Tips

Tips

• Considerations for developing a cyber threat intelligence team

  The use of a cyber threat intelligence team can greatly help organizations. Learn the best practices for team location and selection from expert Robert M. Lee.  Continue Reading

• Make your incident response policy a living document

  Effective incident response policies must be detailed, comprehensive and regularly updated -- and then 'embedded in the hearts and minds' of infosec team members.  Continue Reading

• Prevent a network security attack by isolating the infrastructure

  It may sound like network security basics, but don't underestimate the power of proper segmentation and isolation as an effective way to protect your enterprise network from attack.  Continue Reading

• How the Docker REST API can be turned against enterprises

  Security researchers discovered how threat actors can use the Docker REST API for remote code execution attacks. Michael Cobb explains this threat to Docker containers.  Continue Reading

• Understanding data manipulation attacks in enterprise security

  When it comes to protecting data, ransomware isn't the only thing that should worry enterprises. Nick Lewis explains the threat of data manipulation attacks and how to stop them.  Continue Reading

• Securing endpoints with supplementary tools protects data

  Learn how network access control (NAC), data loss prevention (DLP) and robust data destruction tools secure the data in your corporate endpoints against data loss.  Continue Reading

• What a data protection officer can offer enterprises subject to GDPR

  The EU GDPR requires that organizations appoint a data protection officer, but is that really necessary for security? Expert Francoise Gilbert examines the compliance requirement.  Continue Reading

• How to balance organizational productivity and enterprise security

  It's no secret that enterprise security and organizational productivity can often conflict. Peter Sullivan looks at the root causes and how to address the friction.  Continue Reading

• The HTML5 vulnerabilities enterprises need to know

  Adobe Flash's end of life is coming, but there are some HTML5 vulnerabilities enterprises should be aware of before making the switch. Expert Judith Myerson outlines the risks.  Continue Reading

• After Stuxnet: Windows Shell flaw still most abused years later

  A Windows Shell flaw used by the Stuxnet worm continues to pose problems years after it was patched. Nick Lewis explains how the flaw exposes enterprise security shortcomings.  Continue Reading

• How DNS TXT records can be used against enterprises

  A domain name system is a widely used protocol, but new research shows how threat actors can use DNS TXT records for cyberattacks. Nick Lewis explains this new DNS threat.  Continue Reading

• Why DevOps security must be on infosecs' priority list

  In the rush to implement DevOps, security is too often overlooked. But DevSecOps is essential in these hack-filled days. Learn how to add security to software development.  Continue Reading

• How NotPetya ransomware used legitimate tools to move laterally

  WannaCry and NotPetya ransomware woke enterprises up to an expanded threat landscape. Expert Michael Cobb explains these threats and what enterprises can do to stop them.  Continue Reading

• What to do when cybersecurity breaches seem inevitable

  The current threat landscape makes cybersecurity breaches seem unavoidable. Expert Peter Sullivan discusses some simple ways enterprises can reduce the risk of a breach.  Continue Reading

• Cryptography attacks: The ABCs of ciphertext exploits

  Encryption is used to protect data from peeping eyes, making cryptographic systems an attractive target for attackers. Here are 18 types of cryptography attacks to watch out for.  Continue Reading

• The difference between security assessments and security audits

  Security audits vs. security assessments solve different needs. Organizations may use security audits to check their security stature while security assessments might be the better tool to use. Expert Ernie Hayden explains the differences.  Continue Reading

• Destruction of service: How ransomware attacks have changed

  New ransomware variants have introduced another threat to enterprises. Rob Shapland explains what destruction of service attacks are and how organizations should prepare for them.  Continue Reading

• Common web application login security weaknesses and how to fix them

  Flawed web application login security can leave an enterprise vulnerable to attacks. Expert Kevin Beaver reviews the most common mistakes and how to fix them.  Continue Reading

• Security teams must embrace DevOps practices or get left behind

  DevOps practices can help improve enterprise security. Frank Kim of the SANS Institute explains how infosec teams can embrace them.  Continue Reading

• How to use data encryption tools and techniques effectively

  Data protection does not have a one-size-fits-all solution. Understand which encryption tools and methods best fit different scenarios.  Continue Reading

• Applying a hacker mindset to application security

  It can be beneficial to think like a black hat. Expert Kevin Beaver explains why enterprise security teams should apply a hacker mindset to their work and how it can help.  Continue Reading

• Are biometric authentication methods and systems the answer?

  Biometric authentication methods, like voice, fingerprint and facial recognition systems, may be the best replacement for passwords in user identity and access management.  Continue Reading

• Why data fidelity is crucial for enterprise cybersecurity

  Cybersecurity teams can't be effective if they don't trust their data. Expert Char Sample explains the importance of data fidelity and the threat of cognitive hacking.  Continue Reading

• What you need to know about setting up a SOC

  Setting up a SOC is different for every enterprise, but there are some fundamental steps with which to start. Expert Steven Weil outlines the basics for a security operations center.  Continue Reading

• IPv6 addresses: Stability concerns and usage advice

  Enterprises can deploy IPv6 addresses to improve privacy and security, but there are stability and usage considerations. Expert Fernando Gont explains what they are.  Continue Reading

• Vendor-neutral certification guide for infosec professionals

  The vendor-neutral certification landscape features over 100 certs designed for infosec pros who want to advance their careers and apply their knowledge for current and future employers.  Continue Reading

• SHA-1 collision: How the attack completely breaks the hash function

  Google and CWI researchers have successfully developed a SHA-1 attack where two pieces of data create the same hash value -- or collide. Expert Michael Cobb explains how this attack works.  Continue Reading

• IPv6 addresses: Security recommendations for usage

  IPv6 addresses can be used in a number of ways that can strengthen information security. Expert Fernando Gont explains the basics of IPv6 address usage for enterprises.  Continue Reading

• Applying cybersecurity readiness to today's enterprises

  How prepared is your organization for a cyberattack? Expert Peter Sullivan outlines the seven steps enterprises need to take in order to achieve cybersecurity readiness.  Continue Reading

• Tools to transfer large files: How to find and buy the best

  Need to transfer files within headquarters or between branches? Managed file transfer tools now offer some interesting new features.  Continue Reading

• Why security incident management is paramount for enterprises

  Enterprises aren't truly prepared for cyber threats unless they have proper security incident management in place. Expert Peter Sullivan explains what enterprises need to know.  Continue Reading

• How to detect preinstalled malware in custom servers

  Preinstalled malware was reportedly found by Apple in its custom servers. Expert Nick Lewis explains how enterprises can protect themselves from encountering similar issues.  Continue Reading

• Cybersecurity readiness: The importance of continuous network monitoring

  Continuous network monitoring and traffic analysis are crucial ingredients for cybersecurity readiness. Expert Peter Sullivan explains what enterprise security teams need to know.  Continue Reading

• Tactics for security threat analysis tools and better protection

  Threat analysis tools need to be in top form to counter a deluge of deadly security issues. Here are tips for getting the most from your analytics tool.  Continue Reading

• How WannaCry malware affects enterprises' ICS networks

  WannaCry malware has been plaguing organizations across the world. Expert Ernie Hayden explains how this ransomware threatens ICS networks and their security.  Continue Reading

• Incorporating static source code analysis into security testing

  Static source code analysis, along with dynamic analysis and pen testing, can help strengthen your application security. Expert Kevin Beaver goes over the features to look out for.  Continue Reading

• IT security governance fosters a culture of shared responsibility

  Effective information security governance programs require a partnership between executive leadership and IT. All parties work toward a common goal of protecting the enterprise.  Continue Reading

• How to use an interface identifier to check for IPv6 network updates

  To find out if your IPv6 network has been updated to RFC 7217, you can perform a test using the interface identifier. Expert Fernando Gont explains how to do this.  Continue Reading

• How the use of invalid certificates undermines cybersecurity

  Symantec and other trusted CAs were found using bad certificates, which can create huge risk for internet users. Expert Michael Cobb explains how these incidents can be prevented.  Continue Reading

• Information privacy and security requires a balancing act

  Maintaining information privacy and security seem to be separate challenges, but in reality, each is integral to the other. Expert Kevin Beaver explains how to work toward both.  Continue Reading

• IPv6 update: A look at the security and privacy improvements

  The recent IPv6 update from the IETF introduces new security and privacy recommendations. Expert Fernando Gont explains these changes and what they mean for organizations.  Continue Reading

• To secure Office 365, take advantage of controls Microsoft offers

  Securing Office 365 properly requires addressing upfront any specific risks of a particular environment and taking advantage of the many security controls Microsoft offers.  Continue Reading

• Office 365 security features: As good as it gets?

  Online and application security is never perfect, but Office 365 security features come close. Here's an overview of how Microsoft installed security in its popular suite.  Continue Reading

• Address Office 365 security concerns while enjoying its benefits

  Office 365 security concerns should worry you but not dampen your enthusiasm for the platform's potential benefits for your business. Here's what you need to consider upfront.  Continue Reading

• Guide to vendor-specific IT security certifications

  The abundance of vendor-specific information technology security certifications can overwhelm any infosec professional. Expert Ed Tittel helps navigate the crowded field.  Continue Reading

• Embedded malware: How OLE objects can harbor threats

  Nation-states have been carrying out attacks using RTF files with embedded malware. Expert Nick Lewis explains how OLE technology is used and how to protect your enterprise.  Continue Reading

• How mobile application assessments can boost enterprise security

  Mobile application assessments can help enterprises decide which apps to allow, improving security. Christopher Crowley of the SANS Institute discusses how to use app assessments.  Continue Reading

• WannaCry ransomware threat exposes enterprise security shortcomings

  Expert Rob Shapland explains how a confluence of weaknesses in enterprise security led to the WannaCry ransomware threat generating maximum devastation.  Continue Reading

• Triple DES: How strong is the data encryption standard?

  Expert Jon Callas explains how strong the Triple DES symmetric encryption algorithm actually is and offers guidance on how it compares to other widely used block ciphers.  Continue Reading

• How SSH key management and security can be improved

  The widespread use of SSH keys is posing security risks for enterprises due to poor tracking and management. Expert Michael Cobb explains how some best practices can regain control over SSH.  Continue Reading

• Cognitive hacking: Understanding the threat of bad data

  Bad data can create more than just 'fake news.' Expert Char Sample explains how cognitive hacking and weaponized information can undermine enterprise security.  Continue Reading

• What the end of hot patching mobile apps means for enterprise security

  Apple now restricts mobile app developers from using hot patching, as the technique can change app behavior after it is reviewed. Expert Kevin Beaver goes over enterprise concerns.  Continue Reading

• Why WPA2-PSK can be a security risk even with an uncracked key

  WPA2-PSK is a popular way to bolster wireless security, but it's not perfect. Expert Joseph Granneman explains WPA2 and other aspects of the complicated history of Wi-Fi security.  Continue Reading

• Applying the new FDA medical device guidance to infosec programs

  New FDA medical device guidance demonstrates the need for better cybersecurity during manufacturing and use. Expert Nick Lewis explains how enterprises can use the recommendations.  Continue Reading

• Avoid privilege creep from the software development team

  Too often, privilege creep occurs via the software development team, the result of pressure to update or launch apps. Learn what tools and tactics can counter privilege creep.  Continue Reading

• How to identify and address overlooked web security vulnerabilities

  Certain web security vulnerabilities evade detection due to oversight or carelessness. Expert Kevin Beaver discusses the top overlooked issues and how to address them.  Continue Reading

• ISAOs: The benefits of sharing security information

  ISAOs are a good way for organizations to share information about security threats. Expert Steven Weil explains what these organizations are and their attributes.  Continue Reading

• Improving the cybersecurity workforce with full spectrum development

  Eric Patterson, executive director of the SANS Technology Institute, explains why it's time to rethink educational development to strengthen the cybersecurity workforce.  Continue Reading

• The security pros and cons of using a free FTP tool

  A free FTP tool can help move enterprise files to a managed file transfer service, but there are security factors to consider. Expert Judith Myerson explains what they are.  Continue Reading

• Preparing enterprise systems for the scriptless Linux exploit

  The scriptless Linux exploit deviates from usual methods that security tools recognize as attacks. Expert Nick Lewis explains how the exploit works and how to prevent it.  Continue Reading

• Incorporating user behavior analytics into enterprise security programs

  User behavior analytics can be used for a number of different objectives within an enterprise. Expert Ajay Kumar examines some of the most important features and capabilities.  Continue Reading

• Dedicated security teams: The pros and cons of splitting focus areas

  Could using dedicated security teams that focus on one area of risk help reduce the attack surface for enterprises? Expert Steven Weil looks at the pros and cons of that approach.  Continue Reading

• Totally automatic: Improve DevOps and security in three key steps

  Concerned about DevOps security? Learn three key steps to embedding security into the software development process, including how to improve automation.  Continue Reading

• User behavior analytics: Building a business case for enterprises

  User behavior analytics can be beneficial to enterprises, but there are complexities involved. Expert Ajay Kumar explains what companies should know about this new technology.  Continue Reading

• 1024-bit encryption keys: How 'trapdoored' primes have caused insecurity

  Encryption algorithms using 1024-bit keys are no longer secure, due to the emergence of 'trapdoored' primes. Expert Michael Cobb explains how the encryption backdoor works.  Continue Reading

• DLP systems: Spotting weaknesses and improving management

  DLP systems are becoming a necessity, but their weaknesses need to be tightened to ensure enterprise asset security. Expert Kevin Beaver explains what areas to focus on.  Continue Reading

• Android VPN apps: How to address privacy and security issues

  New research on Android VPN apps revealed the extent of their privacy and security flaws. Expert Kevin Beaver explains how IT professionals can mitigate the risks.  Continue Reading

• Enterprise SSO: The promise and the challenges ahead

  It was inevitable that enterprise SSO would encounter the cloud. Learn how to adjust your company's approach to single sign-on so it keeps working well.  Continue Reading

• Is encryption one of the required HIPAA implementation specifications?

  When it comes to encryption, the HIPAA implementation specifications are complicated. Expert Joseph Granneman explains whether it's required or addressable.  Continue Reading

• Using IPv6 atomic fragments for a denial-of-service attack

  IPv6 atomic fragments can be dangerous for enterprises. Expert Fernando Gont explains their relation to a new denial-of-service attack vector and how to mitigate the threat.  Continue Reading

• Reporting ransomware attacks to the FBI: Pros and cons

  Reporting ransomware attacks to law enforcement can pose potential risks to the targeted organization. Expert Mike O. Villegas discusses the key aspects of disclosing an attack.  Continue Reading

• How a single ICMPv6 packet can cause a denial-of-service attack

  Expert Fernando Gont explains how Internet Control Message Protocol version 6 can be used by threat actors to stage a simple, yet effective, denial-of-service attack.  Continue Reading

• IoT development and implementation: Managing enterprise security

  The CSA's guidelines for secure IoT development can give enterprises an idea of how to evaluate IoT products. Expert Nick Lewis explains the steps enterprises should take.  Continue Reading

• Why authorization management is paramount for cybersecurity readiness

  After enterprise identities are authenticated, an authorization management system should monitor how resources are being used. Expert Peter Sullivan explains how it can work.  Continue Reading

• What to consider about signatureless malware detection

  Endpoint security is changing into signatureless malware detection and protection. Expert Matthew Pascucci discusses the transition away from signatures.  Continue Reading

• DNS reverse address mapping: Exploiting the scanning technique

  Scanning IPv6 addresses can be made easy with DNS reverse mapping. In part two of this series, expert Fernando Gont explains how this technique can be exploited and mitigated.  Continue Reading

• Intrusion response plans: Tales from front-line IT support

  The right intrusion response training can make all the difference in data breach prevention. Expert Joe Granneman provides a real-world example from which enterprises can learn.  Continue Reading

• How to use DNS reverse mapping to scan IPv6 addresses

  Enterprises looking to perform IPv6 address scans can use DNS reverse mapping techniques. In part one of this tip, expert Fernando Gont explains how the process works.  Continue Reading

• What global threat intelligence can and can't do for security programs

  Global threat intelligence is a valuable complement to a company's security program, but it can't replace security measures like training and internally collected data.  Continue Reading

• How to organize an enterprise cybersecurity team effectively

  The structure of an enterprise's cybersecurity team is important for ensuring it's as effective as possible. Expert Steven Weil outlines strategies for setting up a security group.  Continue Reading

• How Windows hardening techniques can improve Windows 10

  Windows 10 may be the most secure Windows ever, but expert Ed Tittel explains how to use Windows hardening techniques to make systems even more secure.  Continue Reading

• The consequences of removing PPTP support from iOS 10

  Apple's removal of PPTP support on iOS 10 and Mac OS Sierra leaves companies scrambling to implement other VPN protocols. Expert Michael Cobb explains enterprise options.  Continue Reading

• Preventing DoS attacks: The best ways to defend the enterprise

  Preventing DoS attacks may not always be possible, but with a strong defense, enterprises can reduce their impact and recover quickly. Expert Kevin Beaver explains the best approaches.  Continue Reading

• When not to renew a vendor contract due to security issues

  Opting out of a vendor contract for security reasons can be a tough decision for CISOs. Expert Mike O. Villegas discusses how NASA handled the situation and what CISOs can do.  Continue Reading

• Monitoring outbound traffic on your network: What to look for

  Outbound network traffic remains a weakness for many enterprises and is a major attack vector. Expert Kevin Beaver explains how to spot irregular occurrences in your network.  Continue Reading

• How to develop a strategic security plan for enterprises

  Developing a strategic security plan for an enterprise can be a complicated task. Expert Ernie Hayden provides an overview to help CISOs make an effective plan.  Continue Reading

• Big data frameworks: Making their use in enterprises more secure

  Many enterprises apply big data techniques to their security systems. But are these methods secure? Expert John Burke explains some of the efforts to secure big data analysis.  Continue Reading

• Stop app attacks with a web application firewall

  Web application firewalls are more essential than ever when it comes to halting app attacks. Learn what features and functions you should look for when choosing a new WAF.  Continue Reading

• Managing vulnerable software: Using data to mitigate the biggest risks

  Three pieces of vulnerable software are most targeted by the exploit kits studied in a Digital Shadows report. Expert Nick Lewis explains how your enterprise can manage them.  Continue Reading

• Insider threat detection tools that sniff out dangers from within

  Learn about the insider threat detection tools that can zero-in on anomalous user behavior. Malicious or accidental, the insider threat is one of the most dangerous and costly to companies.  Continue Reading

• How to maintain digital privacy in an evolving world

  Protecting a user's digital privacy across different technologies requires a plethora of tools. Expert Matthew Pascucci explores the different ways to protect sensitive data.  Continue Reading

• The dangers of using security policy templates in the enterprise

  Among other drawbacks, using security policy templates can make compliance audits and breach assessments harder for enterprises. Expert Joseph Granneman explains why they're risky.  Continue Reading

• FIDO authentication standard could signal the passing of passwords

  The FIDO authentication standard could eventually bypass passwords, or at least augment them, as government and industry turns to more effective authentication technologies.  Continue Reading

• Zero-day attacks: Addressing the Equation Group vulnerabilities

  Zero-day exploits for network routers and firewalls were released by the Shadow Brokers. Expert Kevin Beaver offers steps for enterprises to address zero-day attacks.  Continue Reading

• SWIFT network communications: How can bank security be improved?

  The SWIFT network has increasingly been abused by cybercriminals to carry out bank fraud and theft. Expert Michael Cobb explains possible ways to boost security.  Continue Reading

• How limiting administrative access can protect your enterprise

  Limiting administrative access can strengthen an enterprise's security posture significantly. Expert Joe Granneman discusses why this is such an important practice.  Continue Reading

• Protecting the open source Redis tool from ransomware attacks

  Duo Labs discovered a flaw in the Redis tool that led to Fairware ransomware attacks on Linux servers. Expert Nick Lewis explains the security measures that enterprises can take.  Continue Reading

• How major FDIC cybersecurity issues highlight leadership failures

  A series of major FDIC cybersecurity data breaches has created a chaotic situation and highlights the importance of strong, well-intentioned security leadership in organizations.  Continue Reading

• Meet security goals by avoiding threat intel and analytics mistakes

  Meeting top security goals is only the first step. Get up to speed on how to avoid common pitfalls in the use of threat intelligence and analytics.  Continue Reading

• Managed security providers: What's new?

  Managed security providers are responding rapidly to the evolving threat environment. Learn how an MSSP enhances corporate security and how to determine which services you need.  Continue Reading