Tips
-
Top benefits of an integrated endpoint security suite
When implementing endpoint security, is it better to buy standalone products or an endpoint security suite? Expert Karen Scarfone discusses the top benefits of integrated endpoint protection. Continue Reading
-
Detecting backdoors: The Apple backdoor that never was?
The debate over the purported Apple backdoor leaves enterprises asking, "When is a backdoor not a backdoor?" Application security expert Michael Cobb explains the difference. Continue Reading
-
Investing in endpoint security software: Final considerations
Before investing in an endpoint security software product, be sure your enterprise asks itself these six critical questions. Continue Reading
-
Ten questions to ask endpoint security vendors
Evaluating endpoint security vendors and their products can be a challenging task. Expert Karen Scarfone outlines 10 must-ask questions to start your list. Plus, check out a comprehensive list of endpoint security vendors. Continue Reading
-
A first look at Windows 10 security features
In a preview of Windows 10 security features, expert Michael Cobb discusses three improvements that will boost enterprise security. Continue Reading
-
IPv6 extension headers and security: Analyzing the risk
IPv6 security expert Fernando Gont explains why IPv6 extension headers can inadvertently subvert security controls or foster denial-of-service conditions. Continue Reading
-
Using secure network tiers to bolster network security rules
If your enterprise struggles to manage network security rules effectively, expert Eric Cole explains why a tiered network may simplify rules management and protect sensitive assets. Continue Reading
-
Malware defense: How to detect and mitigate advanced evasion techniques
Expert Nick Lewis explores a number of techniques used by advanced malware to evade detection and explains how to detect and mitigate the threats. Continue Reading
-
Finding an enterprise SIEM: What problems are you trying to solve?
Purchasing a SIEM system isn't as easy as picking a product off the shelf. Expert Adrian Lane explains how your enterprise can figure out exactly what it needs from a SIEM, making the evaluation process a lot simpler. Continue Reading
-
10 good security habits for keeping your organization secure
Enterprises that succeed in information security share a number of good security habits. Expert Steven Weil reviews the top ten best practices that are essential to success. Continue Reading
-
Understanding security flaws in IPv6 addressing schemes
Expert Fernando Gont explains why underlying characteristics of IPv6 address-generation schemes may enable nodes to be targeted in IPv6 address-scanning attacks. Continue Reading
-
Basing incident response management on NIST SP 800-61
Incident response management can trip up government agencies and enterprises alike. Expert Joseph Granneman looks at incident response techniques based on NIST SP 800-61. Continue Reading
-
Inside the four main elements of DLP tools
Security expert Rich Mogull outlines the four elements of a DLP tool: the central management server, network monitoring, storage and endpoint DLP. Continue Reading
-
Does your enterprise need a data loss prevention system?
Not every business needs a data loss prevention system. Security expert Rich Mogull offers clues to help your organization decide if DLP will suit its business needs. Continue Reading
-
Inside DLP: Full-suite products, DLP lite, content analysis
Data loss prevention (DLP) can be a confusing technology. Security expert Rich Mogull discusses the difference between DLP and DLP lite, as well as the ins and outs of content analysis. Continue Reading
-
Evaluating DLP systems: Eight questions to ask before buying
Data loss prevention, or DLP, systems are not perfect for every organization, but how will you know if one is meant for your business? Security expert Rich Mogull offers eight questions to help you decide. Continue Reading
-
The three stages of the ISO 31000 risk management process
The ISO 31000 risk management process proposes three stages. Expert Mike Chapple reviews this alternative to the ISO 27001 framework. Continue Reading
-
Data loss prevention market: DLP vendors (and the questions to ask them)
Learn more about the data loss prevention marketplace, DLP vendors and critical questions to ask when evaluating potential DLP products for your enterprise. Continue Reading
-
Exploring the top four DLP benefits for enterprises
Data loss prevention products can vary greatly, yet they all offer the same four core advantages. Rich Mogull explains the top ways DLP can benefit your enterprise. Continue Reading
-
An intro to automated penetration testing
In this exploratory article, expert Mike Chapple explains what automated penetration testing is, why it is useful and how to start building an enterprise penetration tester toolkit. Continue Reading
-
How to take a measured approach to automated penetration testing
Automated penetration testing can play a pivotal role in improving the pen testing process while reducing the resources required, yet without the proper approach it may be a complete waste of time. Expert Kevin Beaver explains. Continue Reading
-
NIST SP800-82: The evolution of the ICS guide
Expert Ernie Hayden takes an in-depth look at the development of NIST SP800-82 since its birth, and what the standard includes in the most recent revision. Continue Reading
-
Mainframe security best practices for compliance with PCI DSS
Mainframe security is a topic largely overlooked by QSAs assessing compliance with PCI DSS, but expert Mike Villegas explains why enterprises can't ignore the key security controls to ensure mainframe compliance. Continue Reading
-
Top questions to ask mobile device management vendors
With so many mobile device management vendors and products in the marketplace, choosing one to use in your enterprise can be a challenge. Check out these 13 vendor questions that will help make the evaluation process easier. Continue Reading
-
Hacking forensics: Windows command-line tools for the modern era
It's a fact of life: Windows systems get hacked. In this tip, expert Nick Lewis discusses multiple Windows command-line tools to help enterprises discover if their system has been compromised. Continue Reading
-
Continuous monitoring: Start with basic data collection techniques
Organizations pursue various approaches to continuous monitoring, but the first question is always what to monitor. Continue Reading
-
NGFW benefits include identity awareness, secure mobile access
Security expert Diana Kelley outlines three major benefits of next-generation firewalls: their ability to thwart unknown attacks, to make decisions using identity awareness and to ensure secure access by remote and mobile users. Continue Reading
-
Evaluating next-gen firewall vendors: Top 11 must-ask questions
Evaluating potential firewall vendors and choosing the one that best aligns with your enterprise's needs can be a tricky task. This tip offers 11 questions any organization should ask vendors prior to making a firewall purchase. Continue Reading
-
Next-generation firewall benefits: Is an NGFW best for your company?
A next-generation firewall won't meet the security needs of every single organization. Before making the move to next generation, be sure your enterprise understands these key decision criteria. Continue Reading
-
Five steps for improving an authenticated vulnerability scan
Running an authenticated vulnerability scan can help detect flaws in your system, yet many organizations don't invest in this methodology. Security expert Kevin Beaver discusses five ways to get the most out of an authenticated vulnerability scan. Continue Reading
-
Amazon Fire Phone security features and pitfalls
The Amazon Fire Phone has the potential to ignite interest among enterprise users, but are security issues lurking beneath its shiny façade? Expert Lisa Phifer reviews the Fire Phone's security features and shortcomings. Continue Reading
-
Next-generation tools for next-generation network security
The next-generation network -- one that must encompass the cloud, mobility and Internet of Things devices -- requires a different standard of network monitoring tools. Learn about new and improved tools that conquer those challenges. Continue Reading
-
GICSP: Deconstructing SANS Institute's new ICS security cert
A new SANS Institute certification, GICSP, could prove useful to industrial control system (ICS) security professionals. Expert Ernie Hayden explains the certification and how to prepare for the exam. Continue Reading
-
Developing a compliance awareness training program
Developing a compliance awareness training program is key to preventing accidental internal compliance breaches. Expert Mike Chapple explains the steps to follow when starting such a program. Continue Reading
-
Big data security analytics: Facebook's ThreatData framework
Expert Kevin Beaver explains how enterprises can take a page from Facebook's ThreatData framework security analytics to boost enterprise defense. Continue Reading
-
Open source PCI DSS: A strategy for cheaper, easier PCI compliance
Could open source security software solve PCI DSS compliance problems? Mike Chapple looks at how open source technologies can meet compliance needs. Continue Reading
-
Third-party vendor management security best practices
Third-party vendor management is important for avoiding incidents like the Target breach. Joseph Granneman offers four must-have security controls. Continue Reading
-
Are malicious mobile apps a mere inconvenience or a real threat?
How big a security threat are the malicious mobile apps riding into your enterprise on employees' mobile devices? Continue Reading
-
Benefits and tradeoffs: Is a UTM appliance your best bet?
Unified threat management tools offer layered security and defense against sophisticated attacks. But, there are caveats. How deep are your pockets? Continue Reading
-
What is UTM? Inside unified threat management's layered defense
Enterprise devices are under attack. A unified threat management (UTM) product can help give your company a fighting chance. Continue Reading
-
Benefits of using a UTM appliance to reduce security incidents
Unified threat management, or UTM, appliances offer four major enterprise benefits. Learn how this key tool can help reduce security incidents. Continue Reading
-
Enterprise UTM products: Five questions to ask before purchasing
Is your enterprise ready for UTM? Uncover five questions to ask prior to purchase to get the most out of the investment. Continue Reading
-
The top 10 questions you should ask potential UTM vendors
When evaluating potential UTM vendors, it's critical to know which questions to ask. Here are 10 questions about things your enterprise needs to know. Continue Reading
-
Using UTM to lower costs, reduce latency and improve security rollouts
Unified threat management appliances are critical for improving future security rollouts, reducing costs and minimizing latency. Continue Reading
-
The eight core network security capabilities of UTM appliances
Before purchasing a UTM appliance, it is critical to understand its core capabilities. Review eight core network security features of UTM products. Continue Reading
-
Scoping out the UTM market: UTM vendors at a glance
This comprehensive list of UTM vendors aims to help enterprises evaluate who's who in the UTM market. Continue Reading
-
Evaluating UTM products: Pros and cons of UTM appliances
Before you invest in a UTM product, it's critical to ensure it will fulfill your security needs. Learn the pros and cons of UTM appliances. Continue Reading
-
Does your SIEM integrate threat intelligence feeds?
New technology integrates threat intelligence and evaluates it against known system vulnerabilities for better prioritization of security controls. Continue Reading
-
Stop attackers hacking with Metasploit
Metasploit attacks may not be sexy, but they can stab through enterprise defenses. Learn how basic security controls can thwart Metasploit hacking. Continue Reading
-
Snort OpenAppID introduction: Open source application control
The OpenAppID engine for Snort promises to enable organizations to create an open source application firewall. Kevin Beaver explores how it works. Continue Reading
-
Don't get spoofed by distributed denial-of-service attacks
Distributed denial-of-service attacks continue to use spoofing. But there are means to stop the practice. Continue Reading
-
How to avoid brand hacking and ensure enterprise social media security
Enterprise social media has revolutionized how businesses communicate with consumers. However, it has also made brand hacking an even larger concern. Continue Reading
-
Exploring logical, physical access control systems integration
Is it smart for infosec teams to push for integration of logical and physical access control systems? Learn how to make the case and where to start. Continue Reading
-
Java-based malware: Mitigating the threat of JRE vulnerabilities
Java-based malware and JRE vulnerabilities are a constant enterprise threat. Expert Nick Lewis reveals how to reduce (or at least tolerate) the risk. Continue Reading
-
Network segmentation: No-brainer or unseen network security threat?
When it comes to security, network segmentation can be a blessing or a curse. In this tip, we look at the pros and cons of this enterprise decision. Continue Reading
-
NIST cybersecurity framework analysis: Putting it to good use
Expert Ernie Hayden explains how critical infrastructure organizations can use the NIST cybersecurity framework to assess, improve infosec practices. Continue Reading
-
Why wait for FIDO? Multifactor authentication methods you can use now
FIDO-ready tech could take a while, but there are a variety of multifactor authentication methods available now to make your logins secure. Continue Reading
-
NSA TAO: What Tailored Access Operations unit means for enterprises
The NSA's top-secret Tailored Access Operations offensive hacking unit offers enterprise defense strategy lessons. Expert Nick Lewis discusses. Continue Reading
-
App security: Decompiling Android APK files
Find hidden malware or security weaknesses by decompiling Android applications into Java source code. Continue Reading
-
CryptoLocker ransomware: Why ransomware prevention is a losing battle
The CryptoLocker ransomware caught many enterprises off guard. Expert Nick Lewis explains why it's unique and the one defense strategy that works. Continue Reading
-
Changes to ISO 27001: What's new in the 2013 ISO 27001 update?
Expert Mike Chapple reviews the recent ISO 27001 update, including the three most significant changes to ISO 27001 and the effect on infosec programs. Continue Reading
-
API security: How to ensure secure API use in the enterprise
API security is a growing enterprise concern. In the wake of recent high-profile breaches, discover how to alleviate the issues of insecure APIs. Continue Reading
-
What to do when shadow IT risks move to the cloud
Shadow IT isn't new, but now it's climbed into the cloud. Get a grip on it the old-fashioned way, with discovery, monitoring and interdiction. Continue Reading
-
How descoping measures can help reduce regulatory compliance burden
Expert Mike Chapple explains how two descoping techniques can help many organizations reduce their regulatory compliance burden. Continue Reading
-
Three ways to raise infosec awareness among non-security executives
Low infosec awareness among C-level execs can hurt security funding. Expert Joseph Granneman details three ways that CISOs can raise that awareness. Continue Reading
-
Using Wireshark: Reviewing four key Wireshark features
Become familiar with four Wireshark features network security pros value in this packet-capturing analytics tool. Continue Reading
-
How to build an effective corporate privacy compliance program
Expert Mike Chapple reviews major data privacy laws and explains how to build a data privacy compliance program to meet regulatory requirements. Continue Reading
-
SHA-1 to SHA-2: The future of SSL and enterprise application security
The future of SSL is SHA-2. Security expert Michael Cobb explains why SHA-1 poses an increasing danger and what the transition entails. Continue Reading
-
Smart defense is good offense: Rethink how you use your SIEM product
Learn how to improve policies and enhance monitoring to make your security information and event management (SIEM) product more effective. Continue Reading
-
Essential security analytics technology for advanced malware detection
Josh Sokol reviews the security technologies needed to support a successful security analytics program focused on advanced malware detection. Continue Reading
-
Pre-audit planning: Four keys to a successful IT security audit
One QSA offers pre-audit planning advice to ensure a smooth, successful enterprise IT security audit for both the organization and the auditor. Continue Reading
-
How to rank enterprise network security vulnerabilities
Risk management programs yield massive data on network security vulnerabilities. Infosec pros must rank risks before prioritizing remediation efforts. Continue Reading
-
Improve disaster preparedness with the National Mitigation Framework
Businesses can use FEMA's National Mitigation Framework to improve disaster preparedness planning. Expert Joseph Granneman explains how. Continue Reading
-
Locking the backdoor: Reducing the risk of unauthorized system access
Rampant backdoors in enterprise IT products too often provide unauthorized access to attackers and governments. Learn how to defend against the risks. Continue Reading
-
Identifying and preventing router, switch and firewall vulnerabilities
Routers, switches and firewalls are easy targets for hackers. Network security expert Brad Casey offers advice on keeping network devices secure. Continue Reading
-
Mitigate malicious apps with mobile device security training
Mobile device security training can help reduce the threat of malicious mobile apps by making users think twice before clicking download. Continue Reading
-
PCI DSS version 3.0: The five most important changes for merchants
PCI DSS version 3.0 isn't a wholesale revision, but longtime PCI expert Ed Moyle says merchants' transitions must start now to avoid problems later. Continue Reading
-
Web browser extension security: Mitigating browser plug-in threats
Application security expert Michael Cobb discusses the risks of Web browser extensions and what enterprises can do to counter browser plug-in threats. Continue Reading
-
Inside the BREACH attack: How to avoid HTTPS traffic exploits
Enterprise threats expert Nick Lewis examines how the BREACH attack exploits HTTPS traffic and what enterprises can do to mitigate the attack risk. Continue Reading
-
CRM, ERP security best practices: How to secure aging software
Enterprises rely on ERP and CRM systems, but they pose a risk if left unpatched. Michael Cobb reviews enterprise application security best practices. Continue Reading
-
Adaptive authentication: An introduction to risk-based authentication
Enterprise use of adaptive authentication is growing internally and for Web applications. Brad Causey details the allure of risk-based authentication. Continue Reading
-
Social media regulations and compliance: What enterprises should know
Nick Hayes of Forrester Research details social media regulations and compliance issues, including five compliance areas that enterprises must manage. Continue Reading
-
Data governance 2.0: Adapting to a new data governance framework
Data governance 2.0, an updated enterprise data governance framework, brings challenges and opportunities. Henry Peyret of Forrester Research details. Continue Reading
-
How threat intelligence can give enterprise security the upper hand
Expert Nick Lewis covers the benefits of threat intelligence for enterprises, plus how to integrate intel feeds with existing security programs. Continue Reading
-
VDI security: The benefits and pitfalls of virtualizing endpoints
With the rise of endpoint virtualization, enterprises need to grasp the positives and manage the negatives of VDI security. Expert Brad Casey details. Continue Reading
-
Use SIEM technology to identify unauthorized access attempts
Analyst Anton Chuvakin explains how to use SIEM technology to identify unauthorized access attempts that can lead to data theft. Continue Reading
-
Keys to a successful network-based malware detection deployment
Network-based malware detection is an attractive alternative to traditional AV, but deployment challenges loom large. Expert Michael Cobb advises. Continue Reading
-
IT compliance planning: How to maintain IT compliance documentation
Documentation is a key requirement for many IT security regulations. Expert Mike Chapple offers tips for maintaining documentation the right way. Continue Reading
-
A decade later: SOX program management best practices
After 11 years of Sarbanes-Oxley and other mandates, enterprises have finally embraced holistic compliance program management as a best practice. Continue Reading
-
Why sandboxing technology is integral for advanced malware detection
Expert Brad Casey details how advanced malware detection products rely heavily on sandboxing technology, though it's not a cure-all for enterprises. Continue Reading
-
TPM security overview: Defining the benefits of TPM devices
The nearly ubiquitous TPM device is an often-overlooked tool in an infosec pro's arsenal. Expert Michael Cobb details the benefits of TPM security. Continue Reading
-
Security incident response procedures: When to do a system shutdown
At times, security incident response procedures require drastic measures. Expert Nick Lewis explains when and how to perform a system shutdown. Continue Reading
-
Open source code management: How to safely use open source libraries
Expert Michael Cobb explains why enterprises need better open source code management to negate the security risks posed by open source libraries. Continue Reading
-
Advanced threat-detection products emerge: Benefits and challenges
Traditional security tools are no longer sufficient for defending against new breeds of attacks, forcing advanced threat-detection products to emerge. Continue Reading
-
CASP certification: Does CompTIA's security certification offer value?
The new CompTIA Advanced Security Practitioner certification won't replace the CISSP, but it may offer critical value to one specific group. Continue Reading
-
Whistleblower policy: Preventing insider information leak incidents
NSA-level incidents are rare, but they do happen. Learn how to prevent a whistleblower scenario and limit the risk of insider information leaks. Continue Reading
-
Two-factor authentication options, use cases and best practices
It may seem daunting, but two-factor authentication options are manageable for nearly all enterprises. Learn how to get started in this 2FA primer. Continue Reading
-
How to enact Apache security best practices for Web server security
With Apache Web servers becoming ever more popular with attackers, organizations should follow Apache security best practices to avoid compromise. Continue Reading
-
Unmanaged endpoints? Rethink the defense-in-depth security model
Today's endpoint security model is failing. What's next? Learn why endpoint defense-in-depth controls must assume the endpoint is compromised. Continue Reading
-
No firewall? How disabling the firewall can improve network security
Having no perimeter firewall may seem ludicrous, but Joel Snyder explains why disabling the firewall can actually improve enterprise network security. Continue Reading