Tips

Tips

• Top benefits of an integrated endpoint security suite

  When implementing endpoint security, is it better to buy standalone products or an endpoint security suite? Expert Karen Scarfone discusses the top benefits of integrated endpoint protection.  Continue Reading

• Detecting backdoors: The Apple backdoor that never was?

  The debate over the purported Apple backdoor leaves enterprises asking, "When is a backdoor not a backdoor?" Application security expert Michael Cobb explains the difference.  Continue Reading

• Investing in endpoint security software: Final considerations

  Before investing in an endpoint security software product, be sure your enterprise asks itself these six critical questions.  Continue Reading

• Ten questions to ask endpoint security vendors

  Evaluating endpoint security vendors and their products can be a challenging task. Expert Karen Scarfone outlines 10 must-ask questions to start your list. Plus, check out a list of comprehensive endpoint security vendors  Continue Reading

• A first look at Windows 10 security features

  In a preview of Windows 10 security features, expert Michael Cobb discusses three improvements that will boost enterprise security.  Continue Reading

• IPv6 extension headers and security: Analyzing the risk

  IPv6 security expert Fernando Gont explains why IPv6 extension headers can inadvertently subvert security controls or foster denial-of-service conditions.  Continue Reading

• Using secure network tiers to bolster network security rules

  If your enterprise struggles to manage network security rules effectively, expert Eric Cole explains why a tiered network may simplify rules management and protect sensitive assets.  Continue Reading

• Malware defense: How to detect and mitigate advanced evasion techniques

  Expert Nick Lewis explores a number of techniques used by advanced malware to evade detection and explains how to detect and mitigate the threats.  Continue Reading

• Finding an enterprise SIEM: What problems are you trying to solve?

  Purchasing a SIEM system isn't as easy as picking a product off of the shelf. Expert Adrian Lane explains how your enterprise can figure out exactly what it needs from a SIEM, making the evaluating process a lot simpler.  Continue Reading

• 10 good security habits for keeping your organization secure

  Enterprises that succeed in information security share a number of good security habits. Expert Steven Weil reviews the top ten best practices that are essential to success.  Continue Reading

• Understanding security flaws in IPv6 addressing schemes

  Expert Fernando Gont explains why underlying characteristics of IPv6 address-generation schemes may enable nodes to be targeted in IPv6 address-scanning attacks.  Continue Reading

• Basing incident response management on NIST SP 800-61

  Incident response management can trip up both government agencies and enterprises alike. Expert Joseph Granneman looks at incident response techniques based on NIST SP 800-61.  Continue Reading

• Inside the four main elements of DLP tools

  Security expert Rich Mogull outlines the four elements of a DLP tool: the central management server, network monitoring, storage and endpoint DLP.  Continue Reading

• Does your enterprise need a data loss prevention system?

  Not every business needs a data loss prevention system. Security expert Rich Mogull offers clues to help your organization decide if DLP will suit its business needs.  Continue Reading

• Inside DLP: Full-suite products, DLP lite, content analysis

  Data loss prevention (DLP) can be a confusing technology. Security expert Rich Mogull discusses the difference between DLP and DLP lite, as well as the ins and outs of content analysis.  Continue Reading

• Evaluating DLP systems: Eight questions to ask before buying

  Data loss prevention, or DLP systems are not perfect for every organization, but how will you know if it is meant for your business? Security expert Rich Mogull offers eight questions to help you decide.  Continue Reading

• The three stages of the ISO 31000 risk management process

  The ISO 31000 risk management process proposes three stages. Expert Mike Chapple reviews this alternative to the ISO 27001 framework.  Continue Reading

• Data loss prevention market: DLP vendors (and the questions to ask them)

  Learn more about the data loss prevention marketplace, DLP vendors and critical questions to ask when evaluating potential DLP products for your enterprise.  Continue Reading

• Exploring the top four DLP benefits for enterprises

  Data loss prevention products can vary greatly, yet they all offer the same four core advantages. Rich Mogull explains the top ways DLP can benefit your enterprise.  Continue Reading

• An intro to automated penetration testing

  In this exploratory article, expert Mike Chapple explains what automated penetration testing is, why it is useful and how to start building an enterprise penetration tester toolkit.  Continue Reading

• How to take a measured approach to automated penetration testing

  Automated penetration testing can play a pivotal role in improving the pen testing process while reducing the resources required, yet without the proper approach it may be a complete waste of time. Expert Kevin Beaver explains.  Continue Reading

• NIST SP800-82: The evolution of the ICS guide

  Expert Ernie Hayden takes an in-depth look at the development of NIST SP800-82 since its birth, and what the standard includes in the most recent revision.  Continue Reading

• Mainframe security best practices for compliance with PCI DSS

  Mainframe security is a largely overlooked topic by QSAs assessing compliance with PCI DSS, but expert Mike Villegas explains why enterprises can't ignore the key security controls to ensure mainframe compliance.  Continue Reading

• Top questions to ask mobile device management vendors

  With so many mobile device management vendors and products in the marketplace, choosing one to use in your enterprise can be a challenge. Check out these 13 vendor questions that will help make the evaluation process easier.  Continue Reading

• Hacking forensics: Windows command-line tools for the modern era

  It's a fact of life: Windows systems get hacked. In this tip, expert Nick Lewis discusses multiple Windows command-line tools to help enterprises discover if their system has been compromised.  Continue Reading

• Continuous monitoring: Start with basic data collection techniques

  Organizations pursue various approaches to continuous monitoring, but the first question is always what to monitor.  Continue Reading

• NGFW benefits include identity awareness, secure mobile access

  Security expert Diana Kelley outlines three major benefits of next-generation firewalls: their ability to thwart unknown attacks, to make decisions using identity awareness and to ensure secure access by remote and mobile users.  Continue Reading

• Evaluating next-gen firewall vendors: Top 11 must-ask questions

  Evaluating potential firewall vendors and choosing the one that best aligns with your enterprise's needs can be a tricky task. This tip offers 11 questions any organization should ask vendors prior to making a firewall purchase.  Continue Reading

• Next-generation firewall benefits: Is an NGFW best for your company?

  A next-generation firewall won't meet the security needs of every single organization. Before making the move to next generation, be sure your enterprise understands these key decision criteria.  Continue Reading

• Five steps for improving an authenticated vulnerability scan

  Running an authenticated vulnerability scan can help detect flaws in your system, yet many organizations don't invest in this methodology. Security expert Kevin Beaver discusses five ways to get the most out of an authenticated vulnerability scan.  Continue Reading

• Amazon Fire Phone security features and pitfalls

  The Amazon Fire Phone has the potential to ignite interest among enterprise users, but are security issues lurking beneath its shiny façade? Expert Lisa Phifer reviews the Fire Phone's security features and shortcomings.  Continue Reading

• Next-generation tools for next-generation network security

  The next-generation network -- one that must encompass the cloud, mobility and Internet of Things devices -- requires a different standard of network monitoring tools. Learn about new and improved tools that conquer those challenges.  Continue Reading

• GICSP: Deconstructing SANS Institute's new ICS security cert

  A new SANS Institute certification, GICSP, could prove useful to industrial control system (ICS) security professionals. Expert Ernie Hayden explains the certification and how to prepare for the exam.  Continue Reading

• Developing a compliance awareness training program

  Developing a compliance awareness training program is key to preventing accidental internal compliance breaches. Expert Mike Chapple explains the steps to follow when starting such a program.  Continue Reading

• Big data security analytics: Facebook's ThreatData framework

  Expert Kevin Beaver explains how enterprises can take a page from Facebook's ThreatData framework security analytics to boost enterprise defense.  Continue Reading

• Open source PCI DSS: A strategy for cheaper, easier PCI compliance

  Could open source security software solve PCI DSS compliance problems? Mike Chapple looks at how open source technologies can meet compliance needs.  Continue Reading

• Third-party vendor management security best practices

  Third-party vendor management is important for avoiding incidents like the Target breach. Joseph Granneman offers four must-have security controls.  Continue Reading

• Are malicious mobile apps a mere inconvenience or a real threat?

  How big a security threat are the malicious mobile apps riding into your enterprise on employees' mobile devices?  Continue Reading

• Benefits and tradeoffs: Is a UTM appliance your best bet?

  Unified threat management tools offer layered security and defense against sophisticated attacks. But, there are caveats. How deep are your pockets?  Continue Reading

• What is UTM? Inside unified threat management's layered defense

  Enterprise devices are under attack. A unified threat management (UTM) product can help give your company a fighting chance.  Continue Reading

• Benefits of using a UTM appliance to reduce security incidents

  Unified threat management, or UTM, appliances offer four major enterprise benefits. Learn how this key tool can help reduce security incidents.  Continue Reading

• Enterprise UTM products: Five questions to ask before purchasing

  Is your enterprise ready for UTM? Uncover five questions to ask prior to purchase to get the most out of the investment.  Continue Reading

• The top 10 questions you should ask potential UTM vendors

  When evaluating potential UTM vendors, it's critical to know which questions to ask. Here are 10 questions about things your enterprise needs to know.  Continue Reading

• Using UTM to lower costs, reduce latency and improve security rollouts

  Unified threat management appliances are critical for improving future security rollouts, reducing costs and minimizing latency.  Continue Reading

• The eight core network security capabilities of UTM appliances

  Before purchasing a UTM appliance, it is critical to understand its core capabilities. Review eight core network security features of UTM products.  Continue Reading

• Scoping out the UTM market: UTM vendors at a glance

  This comprehensive list of UTM vendors aims to help enterprises evaluate who's who in the UTM market.  Continue Reading

• Evaluating UTM products: Pros and cons of UTM appliances

  Before you invest in a UTM product, it's critical to ensure it will fulfill your security needs. Learn the pros and cons of UTM appliances.  Continue Reading

• Does your SIEM integrate threat intelligence feeds?

  New technology integrates threat intelligence and evaluates it against known system vulnerabilities for better prioritization of security controls.  Continue Reading

• Stop attackers hacking with Metasploit

  Metasploit attacks may not be sexy, but they can stab through enterprise defenses. Learn how basic security controls can thwart Metasploit hacking.  Continue Reading

• Snort OpenAppID introduction: Open source application control

  The OpenAppID engine for Snort promises to enable organizations to create an open source application firewall. Kevin Beaver explores how it works.  Continue Reading

• Don't get spoofed by distributed denial-of-service attacks

  Distributed denial-of-service attacks continue to use spoofing. But there are means to stop the practice.  Continue Reading

• How to avoid brand hacking and ensure enterprise social media security

  Enterprise social media has revolutionized how businesses communicate with consumers. However, it has also made brand hacking an even larger concern.  Continue Reading

• Exploring logical, physical access control systems integration

  Is it smart for infosec teams to push for integration of logical and physical access control systems? Learn how to make the case and where to start.  Continue Reading

• Java-based malware: Mitigating the threat of JRE vulnerabilities

  Java-based malware and JRE vulnerabilities are a constant enterprise threat. Expert Nick Lewis reveals how to reduce (or at least tolerate) the risk.  Continue Reading

• Network segmentation: No-brainer or unseen network security threat?

  When it comes to security, network segmentation can be a blessing or a curse. In this tip, we look at the pros and cons of this enterprise decision.  Continue Reading

• NIST cybersecurity framework analysis: Putting it to good use

  Expert Ernie Hayden explains how critical infrastructure organizations can use the NIST cybersecurity framework to assess, improve infosec practices.  Continue Reading

• Why wait for FIDO? Multifactor authentication methods you can use now

  FIDO-ready tech could take a while, but there are a variety of multifactor authentication methods available now to make your logins secure.  Continue Reading

• NSA TAO: What Tailored Access Operations unit means for enterprises

  The NSA's top-secret Tailored Access Operations offensive hacking unit offers enterprise defense strategy lessons. Expert Nick Lewis discusses.  Continue Reading

• App security: Decompiling Android APK files

  Find hidden malware or security weaknesses by decompiling Android applications into Java source code.  Continue Reading

• CryptoLocker ransomware: Why ransomware prevention is a losing battle

  The CryptoLocker ransomware caught many enterprises off guard. Expert Nick Lewis explains why it's unique and the one defense strategy that works.  Continue Reading

• Changes to ISO 27001: What's new in the 2013 ISO 27001 update?

  Expert Mike Chapple reviews the recent ISO 27001 update, including the three most significant changes to ISO 27001 and the effect on infosec programs.  Continue Reading

• API security: How to ensure secure API use in the enterprise

  API security is a growing enterprise concern. In the wake of recent high-profile breaches, discover how to alleviate the issues of insecure APIs.  Continue Reading

• What to do when shadow IT risks move to the cloud

  Shadow IT isn't new, but now it's climbed into the cloud. Get a grip on it the old-fashioned way, with discovery, monitoring and interdiction.  Continue Reading

• How descoping measures can help reduce regulatory compliance burden

  Expert Mike Chapple explains how two descoping techniques can help many organizations reduce their regulatory compliance burden.  Continue Reading

• Three ways to raise infosec awareness among non-security executives

  Low infosec awareness among C-level execs can hurt security funding. Expert Joseph Granneman details three ways that CISOs can raise that awareness.  Continue Reading

• Using Wireshark: Reviewing four key Wireshark features

  Become familiar with four Wireshark features network security pros value in this packet-capturing analytics tool.  Continue Reading

• How to build an effective corporate privacy compliance program

  Expert Mike Chapple reviews major data privacy laws and explains how to build a data privacy compliance program to meet regulatory requirements.  Continue Reading

• SHA-1 to SHA-2: The future of SSL and enterprise application security

  The future of SSL is SHA-2. Security expert Michael Cobb explains why SHA-1 poses an increasing danger and what the transition entails.  Continue Reading

• Smart defense is good offense: Rethink how you use your SIEM product

  Learn how to improve policies and enhance monitoring to make your security information and event management (SIEM) product more effective.  Continue Reading

• Essential security analytics technology for advanced malware detection

  Josh Sokol reviews the security technologies needed to support a successful security analytics program focused on advanced malware detection.  Continue Reading

• Pre-audit planning: Four keys to a successful IT security audit

  One QSA offers pre-audit planning advice to ensure a smooth, successful enterprise IT security audit for both the organization and the auditor.  Continue Reading

• How to rank enterprise network security vulnerabilities

  Risk management programs yield massive data on network security vulnerabilities. Infosec pros must rank risks before prioritizing remediation efforts.  Continue Reading

• Improve disaster preparedness with the National Mitigation Framework

  Businesses can use FEMA's National Mitigation Framework to improve disaster preparedness planning. Expert Joseph Granneman explains how.  Continue Reading

• Locking the backdoor: Reducing the risk of unauthorized system access

  Rampant backdoors in enterprise IT products too often provide unauthorized access to attackers and governments. Learn how to defend against the risks.  Continue Reading

• Identifying and preventing router, switch and firewall vulnerabilities

  Routers, switches and firewalls are easy targets for hackers. Network security expert Brad Casey offers advice on keeping network devices secure.  Continue Reading

• Mitigate malicious apps with mobile device security training

  Mobile device security training can help reduce the threat of malicious mobile apps by making users think twice before clicking download.  Continue Reading

• PCI DSS version 3.0: The five most important changes for merchants

  PCI DSS version 3.0 isn't a wholesale revision, but longtime PCI expert Ed Moyle says merchants' transitions must start now to avoid problems later.  Continue Reading

• Web browser extension security: Mitigating browser plug-in threats

  Application security expert Michael Cobb discusses the risks of Web browser extensions and what enterprises can do to counter browser plug-in threats.  Continue Reading

• Inside the BREACH attack: How to avoid HTTPS traffic exploits

  Enterprise threats expert Nick Lewis examines how the BREACH attack exploits HTTPS traffic and what enterprises can do to mitigate the attack risk.  Continue Reading

• CRM, ERP security best practices: How to secure aging software

  Enterprises rely on ERP and CRM systems, but they pose a risk if left unpatched. Michael Cobb reviews enterprise application security best practices.  Continue Reading

• Adaptive authentication: An introduction to risk-based authentication

  Enterprise use of adaptive authentication is growing internally and for Web applications. Brad Causey details the allure of risk-based authentication.  Continue Reading

• Social media regulations and compliance: What enterprises should know

  Nick Hayes of Forrester Research details social media regulations and compliance issues, including five compliance areas that enterprises must manage.  Continue Reading

• Data governance 2.0: Adapting to a new data governance framework

  Data governance 2.0, an updated enterprise data governance framework, brings challenges and opportunities. Henry Peyret of Forrester Research details.  Continue Reading

• How threat intelligence can give enterprise security the upper hand

  Expert Nick Lewis covers the benefits of threat intelligence for enterprises, plus how to integrate intel feeds with existing security programs.  Continue Reading

• VDI security: The benefits and pitfalls of virtualizing endpoints

  With the rise of endpoint virtualization, enterprises need to grasp the positives and manage the negatives of VDI security. Expert Brad Casey details.  Continue Reading

• Use SIEM technology to identify unauthorized access attempts

  Analyst Anton Chuvakin explains how to use SIEM technology to identify unauthorized access attempts that can lead to data theft.  Continue Reading

• Keys to a successful network-based malware detection deployment

  Network-based malware detection is an attractive alternative to traditional AV, but deployment challenges loom large. Expert Michael Cobb advises.  Continue Reading

• IT compliance planning: How to maintain IT compliance documentation

  Documentation is a key requirement for many IT security regulations. Expert Mike Chapple offers tips for maintaining documentation the right way.  Continue Reading

• A decade later: SOX program management best practices

  After 11 years of Sarbanes-Oxley and other mandates, enterprises have finally embraced holistic compliance program management as a best practice.  Continue Reading

• Why sandboxing technology is integral for advanced malware detection

  Expert Brad Casey details how advanced malware detection products rely heavily on sandboxing technology, though it's not a cure all for enterprises.  Continue Reading

• TPM security overview: Defining the benefits of TPM devices

  The nearly ubiquitous TPM device is an often-overlooked tool in an infosec pro's arsenal. Expert Michael Cobb details the benefits of TPM security.  Continue Reading

• Security incident response procedures: When to do a system shutdown

  At times, security incident response procedures require drastic measures. Expert Nick Lewis explains when and how to perform a system shutdown.  Continue Reading

• Open source code management: How to safely use open source libraries

  Expert Michael Cobb explains why enterprises need better open source code management to negate the security risks posed by open source libraries.  Continue Reading

• Advanced threat-detection products emerge: Benefits and challenges

  Traditional security tools are no longer sufficient for defending against new breeds of attacks, forcing advanced threat-detection products to emerge.  Continue Reading

• CASP certification: Does CompTIA's security certification offer value?

  The new CompTIA Advanced Security Practitioner certification won't replace the CISSP, but it may offer critical value to one specific group.  Continue Reading

• Whistleblower policy: Preventing insider information leak incidents

  NSA-level incidents are rare, but they do happen. Learn how to prevent a whistleblower scenario and limit the risk of insider information leaks.  Continue Reading

• Two-factor authentication options, use cases and best practices

  It may seem daunting, but two-factor authentication options are manageable for nearly all enterprises. Learn how to get started in this 2FA primer.  Continue Reading

• How to enact Apache security best practices for Web server security

  With Apache Web servers becoming ever more popular with attackers, organizations should follow Apache security best practices to avoid compromise.  Continue Reading

• Unmanaged endpoints? Rethink the defense-in-depth security model

  Today's endpoint security model is failing. What's next? Learn why endpoint defense-in-depth controls must assume the endpoint is compromised.  Continue Reading

• No firewall? How disabling the firewall can improve network security

  Having no perimeter firewall may seem ludicrous, but Joel Snyder explains why disabling the firewall can actually improve enterprise network security.  Continue Reading