Tips

Tips

• Five network security lessons learned from the Sony Pictures hack

  Following the Sony Pictures hack, several of the company's network security shortcomings were revealed. Expert Kevin Beaver explains how better network security may have prevented the extent of the breach.  Continue Reading

• How to prevent firewall failures with proper testing and maintenance

  Expert Eric Cole explains how to remedy an underperforming or failing firewall with proper maintenance and testing.  Continue Reading

• Understanding footprinting as a predecessor to cyberattacks

  Footprinting can often lead to cyberattacks on an enterprise. Expert Ernie Hayden explains the footprinting technique and how it's performed.  Continue Reading

• What Apple Pay tokenization means for PCI DSS compliance

  Tokenization is a key technology underlying Apple Pay, promising to boost payment data security. Mike Chapple examines how Apple Pay's tokenization system works, and whether it will provide any PCI DSS compliance relief.  Continue Reading

• How Shellshock transformed the future of shell security

  The Shellshock Bash bug left millions of systems unsecure. Enterprise threats expert Nick Lewis discusses how the bug changed shell security for the better.  Continue Reading

• How TLS 1.3 updates aim to ensure secure Internet communications

  Following a slew of TLS vulnerabilities over the past year, the IETF is working on an updated version of the protocol. Security expert Michael Cobb discusses the changes and improvements.  Continue Reading

• SIEM systems: Using analytics to reduce false positives

  Combining data from a variety of sources with better analytics can reduce workloads.  Continue Reading

• Information security and lawyers: Three ways to be besties

  Legal teams play a key supporting role in successful information security programs. Expert Mike Chapple reviews three areas where infosec pros and lawyers should work together, and offers tips to foster effective collaboration.  Continue Reading

• Understanding FDA guidance on medical device cybersecurity

  Medical device security is a growing concern. Expert Mike Villegas shares how to make sense of the new FDA cybersecurity guidelines for medical device manufacturers.  Continue Reading

• Using intrusion detection systems for incident prevention, improving ROI

  Security expert Bill Hayes discusses the top benefits of intrusion detection systems, including identifying and preventing security incidents, protecting vulnerable assets, improving ROI and more.  Continue Reading

• Intrusion detection project design and rollout

  Evaluating intrusion detection technology requires an understanding of its capabilities. Get help with getting started on an intrusion system program design and uncover technical considerations your enterprise needs to know.  Continue Reading

• Final five considerations when evaluating intrusion detection tools

  Before making an investment in an intrusion detection and prevention system, be sure to read this list of five final considerations to keep in mind during intrusion detection system evaluation.  Continue Reading

• Introduction to intrusion detection and prevention technologies

  Intrusion detection and preventions systems can be critical components to an enterprise's threat management strategy. Learn the history behind the technologies and why they are so important.  Continue Reading

• Types of intrusion detection products: Suite vs. best-of-breed

  When evaluating types of intrusion detection products, it is important to distinguish whether a best-of-breed or suite-based product is the right match for your enterprise. Expert Bill Hayes offers guidance to help you decide.  Continue Reading

• Evaluating enterprise intrusion detection system vendors

  Selecting an intrusion detection and prevention system vendor can be a time-consuming task. Get help evaluating vendors and products with this list of must-ask questions. Plus, a comprehensive vendor list.  Continue Reading

• What the Community Health Systems breach can teach your organization

  The Community Health Systems breach in 2014 provided a learning opportunity for organizations handling PHI. Expert Mike Chapple reviews the key takeaways from the breach.  Continue Reading

• Benefits of the Cisco OpenSOC security analytics framework

  Cisco's open source security analytics framework aims to help enterprises address visibility and incident management challenges. Expert Kevin Beaver discusses OpenSOC and what to consider when integrating it into an enterprise security strategy.  Continue Reading

• How to stop card-not-present scams and keep customers happy

  Merchants need to balance buyers' online experiences and their controls for analyzing suspicious purchasing behavior to prevent card-not-present scams.  Continue Reading

• Transaction analytics tools can rescue companies from fraud

  Implementing data analytics tools to examine transactions will help companies detect fraud and prevent losses for their customers.  Continue Reading

• Four ways security compliance standards strengthen enterprise security

  Rather than approaching security compliance standards as boxes to be checked, expert Steven Weil provides four ways enterprises can use compliance standards to strengthen security programs.  Continue Reading

• SSL/TLS security: Addressing WinShock, the Schannel vulnerability

  Schannel is the latest cryptographic library to encounter SSL/TLS security issues. Expert Michael Cobb discusses the WinShock vulnerability and how to mitigate enterprise risks.  Continue Reading

• How emerging threat intelligence tools affect network security

  Up and coming threat intelligence tools aim to improve data security and even standardize threat intelligence across the industry. Expert Kevin Beaver explains how.  Continue Reading

• Getting to know the new GIAC certification: GCCC

  The new GIAC certification, GCCC, is not a very specific certification, but it could prove useful in organizations. Expert Joseph Granneman explains why.  Continue Reading

• How to evaluate IPv6 network security with SI6 Networks IPv6 Toolkit

  Some security pros underestimate the importance of IPv6 network security assessment tools. Expert Fernando Gont offers an illustrated guide on how to use SI6 Networks' free IPv6 toolkit.  Continue Reading

• DDoS mitigation: Denying denial-of-service attacks

  Employ a mix of internal and cloud-based DDoS mitigation controls to minimize business disruptions from these increasingly complex attacks.  Continue Reading

• A CISO's introduction to enterprise data governance strategy

  Every enterprise must have a viable strategy for protecting high-value data. See if your plan aligns with Francoise Gilbert's advice on top priorities to consider when defining data governance plans.  Continue Reading

• Apple iOS 8 security features: What they mean for enterprise security

  Expert Lisa Phifer discusses new Apple iOS 8 security features and potential pitfalls, as well as the enterprise security ramifications of new iOS features, including Extensions, Family Sharing and Apple Pay.  Continue Reading

• What the FIDO specification means for multi-factor authentication

  Stay apprised of developments with the FIDO specification and share the joy of what FIDO authentication and freedom from passwords mean.  Continue Reading

• Mini risk assessments: Simplifying protection of critical assets

  Expert Eric Cole explains how his simplified, risk-based approach to security will help enterprises better identify -- and prevent -- the most dangerous threats.  Continue Reading

• The POODLE vulnerability and its effect on SSL/TLS security

  The POODLE vulnerability was patched in October, yet new vulnerabilities are causing concern. Expert Michael Cobb discusses how to maintain SSL/TLS security in the enterprise.  Continue Reading

• Lessons learned: Network security implications of Shellshock

  Shellshock had a tremendous impact on network security, affecting many popular vendors and products. Expert Kevin Beaver discusses what Shellshock means to network security, and the lessons that can be learned from the vulnerability.  Continue Reading

• How to increase the importance of information security in enterprises

  Expert Mike Villegas explains how to use the Three C's to emphasize the importance of information security within an organization.  Continue Reading

• What is endpoint security? What benefits does it offer?

  The increased number of smartphones, laptops and other endpoints in the enterprise is a major security concern. Learn what endpoint security is and how it can help combat your enterprise security woes.  Continue Reading

• Endpoint security software: Integrated suite or point products?

  Deciding whether your organization needs an integrated endpoint security software suite or set of point products can be challenging. Expert Karen Scarfone discusses.  Continue Reading

• Endpoint protection software features and functionality

  Learn about the different capabilities endpoint protection software often includes and the security benefits each of these capabilities have to offer.  Continue Reading

• Top benefits of an integrated endpoint security suite

  When implementing endpoint security, is it better to buy standalone products or an endpoint security suite? Expert Karen Scarfone discusses the top benefits of integrated endpoint protection.  Continue Reading

• Detecting backdoors: The Apple backdoor that never was?

  The debate over the purported Apple backdoor leaves enterprises asking, "When is a backdoor not a backdoor?" Application security expert Michael Cobb explains the difference.  Continue Reading

• Investing in endpoint security software: Final considerations

  Before investing in an endpoint security software product, be sure your enterprise asks itself these six critical questions.  Continue Reading

• Ten questions to ask endpoint security vendors

  Evaluating endpoint security vendors and their products can be a challenging task. Expert Karen Scarfone outlines 10 must-ask questions to start your list. Plus, check out a list of comprehensive endpoint security vendors  Continue Reading

• A first look at Windows 10 security features

  In a preview of Windows 10 security features, expert Michael Cobb discusses three improvements that will boost enterprise security.  Continue Reading

• IPv6 extension headers and security: Analyzing the risk

  IPv6 security expert Fernando Gont explains why IPv6 extension headers can inadvertently subvert security controls or foster denial-of-service conditions.  Continue Reading

• Using secure network tiers to bolster network security rules

  If your enterprise struggles to manage network security rules effectively, expert Eric Cole explains why a tiered network may simplify rules management and protect sensitive assets.  Continue Reading

• Malware defense: How to detect and mitigate advanced evasion techniques

  Expert Nick Lewis explores a number of techniques used by advanced malware to evade detection and explains how to detect and mitigate the threats.  Continue Reading

• Finding an enterprise SIEM: What problems are you trying to solve?

  Purchasing a SIEM system isn't as easy as picking a product off of the shelf. Expert Adrian Lane explains how your enterprise can figure out exactly what it needs from a SIEM, making the evaluating process a lot simpler.  Continue Reading

• 10 good security habits for keeping your organization secure

  Enterprises that succeed in information security share a number of good security habits. Expert Steven Weil reviews the top ten best practices that are essential to success.  Continue Reading

• Understanding security flaws in IPv6 addressing schemes

  Expert Fernando Gont explains why underlying characteristics of IPv6 address-generation schemes may enable nodes to be targeted in IPv6 address-scanning attacks.  Continue Reading

• Basing incident response management on NIST SP 800-61

  Incident response management can trip up both government agencies and enterprises alike. Expert Joseph Granneman looks at incident response techniques based on NIST SP 800-61.  Continue Reading

• Inside the four main elements of DLP tools

  Security expert Rich Mogull outlines the four elements of a DLP tool: the central management server, network monitoring, storage and endpoint DLP.  Continue Reading

• Does your enterprise need a data loss prevention system?

  Not every business needs a data loss prevention system. Security expert Rich Mogull offers clues to help your organization decide if DLP will suit its business needs.  Continue Reading

• Inside DLP: Full-suite products, DLP lite, content analysis

  Data loss prevention (DLP) can be a confusing technology. Security expert Rich Mogull discusses the difference between DLP and DLP lite, as well as the ins and outs of content analysis.  Continue Reading

• Evaluating DLP systems: Eight questions to ask before buying

  Data loss prevention, or DLP systems are not perfect for every organization, but how will you know if it is meant for your business? Security expert Rich Mogull offers eight questions to help you decide.  Continue Reading

• The three stages of the ISO 31000 risk management process

  The ISO 31000 risk management process proposes three stages. Expert Mike Chapple reviews this alternative to the ISO 27001 framework.  Continue Reading

• Data loss prevention market: DLP vendors (and the questions to ask them)

  Learn more about the data loss prevention marketplace, DLP vendors and critical questions to ask when evaluating potential DLP products for your enterprise.  Continue Reading

• Exploring the top four DLP benefits for enterprises

  Data loss prevention products can vary greatly, yet they all offer the same four core advantages. Rich Mogull explains the top ways DLP can benefit your enterprise.  Continue Reading

• An intro to automated penetration testing

  In this exploratory article, expert Mike Chapple explains what automated penetration testing is, why it is useful and how to start building an enterprise penetration tester toolkit.  Continue Reading

• How to take a measured approach to automated penetration testing

  Automated penetration testing can play a pivotal role in improving the pen testing process while reducing the resources required, yet without the proper approach it may be a complete waste of time. Expert Kevin Beaver explains.  Continue Reading

• NIST SP800-82: The evolution of the ICS guide

  Expert Ernie Hayden takes an in-depth look at the development of NIST SP800-82 since its birth, and what the standard includes in the most recent revision.  Continue Reading

• Mainframe security best practices for compliance with PCI DSS

  Mainframe security is a largely overlooked topic by QSAs assessing compliance with PCI DSS, but expert Mike Villegas explains why enterprises can't ignore the key security controls to ensure mainframe compliance.  Continue Reading

• Top questions to ask mobile device management vendors

  With so many mobile device management vendors and products in the marketplace, choosing one to use in your enterprise can be a challenge. Check out these 13 vendor questions that will help make the evaluation process easier.  Continue Reading

• Hacking forensics: Windows command-line tools for the modern era

  It's a fact of life: Windows systems get hacked. In this tip, expert Nick Lewis discusses multiple Windows command-line tools to help enterprises discover if their system has been compromised.  Continue Reading

• Continuous monitoring: Start with basic data collection techniques

  Organizations pursue various approaches to continuous monitoring, but the first question is always what to monitor.  Continue Reading

• NGFW benefits include identity awareness, secure mobile access

  Security expert Diana Kelley outlines three major benefits of next-generation firewalls: their ability to thwart unknown attacks, to make decisions using identity awareness and to ensure secure access by remote and mobile users.  Continue Reading

• Evaluating next-gen firewall vendors: Top 11 must-ask questions

  Evaluating potential firewall vendors and choosing the one that best aligns with your enterprise's needs can be a tricky task. This tip offers 11 questions any organization should ask vendors prior to making a firewall purchase.  Continue Reading

• Next-generation firewall benefits: Is an NGFW best for your company?

  A next-generation firewall won't meet the security needs of every single organization. Before making the move to next generation, be sure your enterprise understands these key decision criteria.  Continue Reading

• Five steps for improving an authenticated vulnerability scan

  Running an authenticated vulnerability scan can help detect flaws in your system, yet many organizations don't invest in this methodology. Security expert Kevin Beaver discusses five ways to get the most out of an authenticated vulnerability scan.  Continue Reading

• Amazon Fire Phone security features and pitfalls

  The Amazon Fire Phone has the potential to ignite interest among enterprise users, but are security issues lurking beneath its shiny façade? Expert Lisa Phifer reviews the Fire Phone's security features and shortcomings.  Continue Reading

• Next-generation tools for next-generation network security

  The next-generation network -- one that must encompass the cloud, mobility and Internet of Things devices -- requires a different standard of network monitoring tools. Learn about new and improved tools that conquer those challenges.  Continue Reading

• GICSP: Deconstructing SANS Institute's new ICS security cert

  A new SANS Institute certification, GICSP, could prove useful to industrial control system (ICS) security professionals. Expert Ernie Hayden explains the certification and how to prepare for the exam.  Continue Reading

• Developing a compliance awareness training program

  Developing a compliance awareness training program is key to preventing accidental internal compliance breaches. Expert Mike Chapple explains the steps to follow when starting such a program.  Continue Reading

• Big data security analytics: Facebook's ThreatData framework

  Expert Kevin Beaver explains how enterprises can take a page from Facebook's ThreatData framework security analytics to boost enterprise defense.  Continue Reading

• Open source PCI DSS: A strategy for cheaper, easier PCI compliance

  Could open source security software solve PCI DSS compliance problems? Mike Chapple looks at how open source technologies can meet compliance needs.  Continue Reading

• Third-party vendor management security best practices

  Third-party vendor management is important for avoiding incidents like the Target breach. Joseph Granneman offers four must-have security controls.  Continue Reading

• Are malicious mobile apps a mere inconvenience or a real threat?

  How big a security threat are the malicious mobile apps riding into your enterprise on employees' mobile devices?  Continue Reading

• Benefits and tradeoffs: Is a UTM appliance your best bet?

  Unified threat management tools offer layered security and defense against sophisticated attacks. But, there are caveats. How deep are your pockets?  Continue Reading

• What is UTM? Inside unified threat management's layered defense

  Enterprise devices are under attack. A unified threat management (UTM) product can help give your company a fighting chance.  Continue Reading

• Benefits of using a UTM appliance to reduce security incidents

  Unified threat management, or UTM, appliances offer four major enterprise benefits. Learn how this key tool can help reduce security incidents.  Continue Reading

• Enterprise UTM products: Five questions to ask before purchasing

  Is your enterprise ready for UTM? Uncover five questions to ask prior to purchase to get the most out of the investment.  Continue Reading

• The top 10 questions you should ask potential UTM vendors

  When evaluating potential UTM vendors, it's critical to know which questions to ask. Here are 10 questions about things your enterprise needs to know.  Continue Reading

• Using UTM to lower costs, reduce latency and improve security rollouts

  Unified threat management appliances are critical for improving future security rollouts, reducing costs and minimizing latency.  Continue Reading

• Scoping out the UTM market: UTM vendors at a glance

  This comprehensive list of UTM vendors aims to help enterprises evaluate who's who in the UTM market.  Continue Reading

• The eight core network security capabilities of UTM appliances

  Before purchasing a UTM appliance, it is critical to understand its core capabilities. Review eight core network security features of UTM products.  Continue Reading

• Evaluating UTM products: Pros and cons of UTM appliances

  Before you invest in a UTM product, it's critical to ensure it will fulfill your security needs. Learn the pros and cons of UTM appliances.  Continue Reading

• Stop attackers hacking with Metasploit

  Metasploit attacks may not be sexy, but they can stab through enterprise defenses. Learn how basic security controls can thwart Metasploit hacking.  Continue Reading

• Snort OpenAppID introduction: Open source application control

  The OpenAppID engine for Snort promises to enable organizations to create an open source application firewall. Kevin Beaver explores how it works.  Continue Reading

• Don't get spoofed by distributed denial-of-service attacks

  Distributed denial-of-service attacks continue to use spoofing. But there are means to stop the practice.  Continue Reading

• Exploring logical, physical access control systems integration

  Is it smart for infosec teams to push for integration of logical and physical access control systems? Learn how to make the case and where to start.  Continue Reading

• Java-based malware: Mitigating the threat of JRE vulnerabilities

  Java-based malware and JRE vulnerabilities are a constant enterprise threat. Expert Nick Lewis reveals how to reduce (or at least tolerate) the risk.  Continue Reading

• Network segmentation: No-brainer or unseen network security threat?

  When it comes to security, network segmentation can be a blessing or a curse. In this tip, we look at the pros and cons of this enterprise decision.  Continue Reading

• NIST cybersecurity framework analysis: Putting it to good use

  Expert Ernie Hayden explains how critical infrastructure organizations can use the NIST cybersecurity framework to assess, improve infosec practices.  Continue Reading

• Why wait for FIDO? Multifactor authentication methods you can use now

  FIDO-ready tech could take a while, but there are a variety of multifactor authentication methods available now to make your logins secure.  Continue Reading

• NSA TAO: What Tailored Access Operations unit means for enterprises

  The NSA's top-secret Tailored Access Operations offensive hacking unit offers enterprise defense strategy lessons. Expert Nick Lewis discusses.  Continue Reading

• App security: Decompiling Android APK files

  Find hidden malware or security weaknesses by decompiling Android applications into Java source code.  Continue Reading

• CryptoLocker ransomware: Why ransomware prevention is a losing battle

  The CryptoLocker ransomware caught many enterprises off guard. Expert Nick Lewis explains why it's unique and the one defense strategy that works.  Continue Reading

• Changes to ISO 27001: What's new in the 2013 ISO 27001 update?

  Expert Mike Chapple reviews the recent ISO 27001 update, including the three most significant changes to ISO 27001 and the effect on infosec programs.  Continue Reading

• API security: How to ensure secure API use in the enterprise

  API security is a growing enterprise concern. In the wake of recent high-profile breaches, discover how to alleviate the issues of insecure APIs.  Continue Reading

• How descoping measures can help reduce regulatory compliance burden

  Expert Mike Chapple explains how two descoping techniques can help many organizations reduce their regulatory compliance burden.  Continue Reading

• Three ways to raise infosec awareness among non-security executives

  Low infosec awareness among C-level execs can hurt security funding. Expert Joseph Granneman details three ways that CISOs can raise that awareness.  Continue Reading

• Using Wireshark: Reviewing four key Wireshark features

  Become familiar with four Wireshark features network security pros value in this packet-capturing analytics tool.  Continue Reading

• How to build an effective corporate privacy compliance program

  Expert Mike Chapple reviews major data privacy laws and explains how to build a data privacy compliance program to meet regulatory requirements.  Continue Reading

• SHA-1 to SHA-2: The future of SSL and enterprise application security

  The future of SSL is SHA-2. Security expert Michael Cobb explains why SHA-1 poses an increasing danger and what the transition entails.  Continue Reading