Tips

Tips

• Evaluating UTM products: Pros and cons of UTM appliances

  Before you invest in a UTM product, it's critical to ensure it will fulfill your security needs. Learn the pros and cons of UTM appliances.  Continue Reading

• Does your SIEM integrate threat intelligence feeds?

  New technology integrates threat intelligence and evaluates it against known system vulnerabilities for better prioritization of security controls.  Continue Reading

• Stop attackers hacking with Metasploit

  Metasploit attacks may not be sexy, but they can stab through enterprise defenses. Learn how basic security controls can thwart Metasploit hacking.  Continue Reading

• Snort OpenAppID introduction: Open source application control

  The OpenAppID engine for Snort promises to enable organizations to create an open source application firewall. Kevin Beaver explores how it works.  Continue Reading

• Don't get spoofed by distributed denial-of-service attacks

  Distributed denial-of-service attacks continue to use spoofing. But there are means to stop the practice.  Continue Reading

• How to avoid brand hacking and ensure enterprise social media security

  Enterprise social media has revolutionized how businesses communicate with consumers. However, it has also made brand hacking an even larger concern.  Continue Reading

• Exploring logical, physical access control systems integration

  Is it smart for infosec teams to push for integration of logical and physical access control systems? Learn how to make the case and where to start.  Continue Reading

• Java-based malware: Mitigating the threat of JRE vulnerabilities

  Java-based malware and JRE vulnerabilities are a constant enterprise threat. Expert Nick Lewis reveals how to reduce (or at least tolerate) the risk.  Continue Reading

• Network segmentation: No-brainer or unseen network security threat?

  When it comes to security, network segmentation can be a blessing or a curse. In this tip, we look at the pros and cons of this enterprise decision.  Continue Reading

• NIST cybersecurity framework analysis: Putting it to good use

  Expert Ernie Hayden explains how critical infrastructure organizations can use the NIST cybersecurity framework to assess, improve infosec practices.  Continue Reading

• Why wait for FIDO? Multifactor authentication methods you can use now

  FIDO-ready tech could take a while, but there are a variety of multifactor authentication methods available now to make your logins secure.  Continue Reading

• NSA TAO: What Tailored Access Operations unit means for enterprises

  The NSA's top-secret Tailored Access Operations offensive hacking unit offers enterprise defense strategy lessons. Expert Nick Lewis discusses.  Continue Reading

• App security: Decompiling Android APK files

  Find hidden malware or security weaknesses by decompiling Android applications into Java source code.  Continue Reading

• CryptoLocker ransomware: Why ransomware prevention is a losing battle

  The CryptoLocker ransomware caught many enterprises off guard. Expert Nick Lewis explains why it's unique and the one defense strategy that works.  Continue Reading

• Changes to ISO 27001: What's new in the 2013 ISO 27001 update?

  Expert Mike Chapple reviews the recent ISO 27001 update, including the three most significant changes to ISO 27001 and the effect on infosec programs.  Continue Reading

• API security: How to ensure secure API use in the enterprise

  API security is a growing enterprise concern. In the wake of recent high-profile breaches, discover how to alleviate the issues of insecure APIs.  Continue Reading

• What to do when shadow IT risks move to the cloud

  Shadow IT isn't new, but now it's climbed into the cloud. Get a grip on it the old-fashioned way, with discovery, monitoring and interdiction.  Continue Reading

• How descoping measures can help reduce regulatory compliance burden

  Expert Mike Chapple explains how two descoping techniques can help many organizations reduce their regulatory compliance burden.  Continue Reading

• Three ways to raise infosec awareness among non-security executives

  Low infosec awareness among C-level execs can hurt security funding. Expert Joseph Granneman details three ways that CISOs can raise that awareness.  Continue Reading

• Using Wireshark: Reviewing four key Wireshark features

  Become familiar with four Wireshark features network security pros value in this packet-capturing analytics tool.  Continue Reading

• How to build an effective corporate privacy compliance program

  Expert Mike Chapple reviews major data privacy laws and explains how to build a data privacy compliance program to meet regulatory requirements.  Continue Reading

• SHA-1 to SHA-2: The future of SSL and enterprise application security

  The future of SSL is SHA-2. Security expert Michael Cobb explains why SHA-1 poses an increasing danger and what the transition entails.  Continue Reading

• Smart defense is good offense: Rethink how you use your SIEM product

  Learn how to improve policies and enhance monitoring to make your security information and event management (SIEM) product more effective.  Continue Reading

• Essential security analytics technology for advanced malware detection

  Josh Sokol reviews the security technologies needed to support a successful security analytics program focused on advanced malware detection.  Continue Reading

• Pre-audit planning: Four keys to a successful IT security audit

  One QSA offers pre-audit planning advice to ensure a smooth, successful enterprise IT security audit for both the organization and the auditor.  Continue Reading

• How to rank enterprise network security vulnerabilities

  Risk management programs yield massive data on network security vulnerabilities. Infosec pros must rank risks before prioritizing remediation efforts.  Continue Reading

• Improve disaster preparedness with the National Mitigation Framework

  Businesses can use FEMA's National Mitigation Framework to improve disaster preparedness planning. Expert Joseph Granneman explains how.  Continue Reading

• Locking the backdoor: Reducing the risk of unauthorized system access

  Rampant backdoors in enterprise IT products too often provide unauthorized access to attackers and governments. Learn how to defend against the risks.  Continue Reading

• Identifying and preventing router, switch and firewall vulnerabilities

  Routers, switches and firewalls are easy targets for hackers. Network security expert Brad Casey offers advice on keeping network devices secure.  Continue Reading

• Mitigate malicious apps with mobile device security training

  Mobile device security training can help reduce the threat of malicious mobile apps by making users think twice before clicking download.  Continue Reading

• PCI DSS version 3.0: The five most important changes for merchants

  PCI DSS version 3.0 isn't a wholesale revision, but longtime PCI expert Ed Moyle says merchants' transitions must start now to avoid problems later.  Continue Reading

• Web browser extension security: Mitigating browser plug-in threats

  Application security expert Michael Cobb discusses the risks of Web browser extensions and what enterprises can do to counter browser plug-in threats.  Continue Reading

• Inside the BREACH attack: How to avoid HTTPS traffic exploits

  Enterprise threats expert Nick Lewis examines how the BREACH attack exploits HTTPS traffic and what enterprises can do to mitigate the attack risk.  Continue Reading

• CRM, ERP security best practices: How to secure aging software

  Enterprises rely on ERP and CRM systems, but they pose a risk if left unpatched. Michael Cobb reviews enterprise application security best practices.  Continue Reading

• Adaptive authentication: An introduction to risk-based authentication

  Enterprise use of adaptive authentication is growing internally and for Web applications. Brad Causey details the allure of risk-based authentication.  Continue Reading

• Social media regulations and compliance: What enterprises should know

  Nick Hayes of Forrester Research details social media regulations and compliance issues, including five compliance areas that enterprises must manage.  Continue Reading

• Data governance 2.0: Adapting to a new data governance framework

  Data governance 2.0, an updated enterprise data governance framework, brings challenges and opportunities. Henry Peyret of Forrester Research details.  Continue Reading

• How threat intelligence can give enterprise security the upper hand

  Expert Nick Lewis covers the benefits of threat intelligence for enterprises, plus how to integrate intel feeds with existing security programs.  Continue Reading

• VDI security: The benefits and pitfalls of virtualizing endpoints

  With the rise of endpoint virtualization, enterprises need to grasp the positives and manage the negatives of VDI security. Expert Brad Casey details.  Continue Reading

• Use SIEM technology to identify unauthorized access attempts

  Analyst Anton Chuvakin explains how to use SIEM technology to identify unauthorized access attempts that can lead to data theft.  Continue Reading

• Keys to a successful network-based malware detection deployment

  Network-based malware detection is an attractive alternative to traditional AV, but deployment challenges loom large. Expert Michael Cobb advises.  Continue Reading

• IT compliance planning: How to maintain IT compliance documentation

  Documentation is a key requirement for many IT security regulations. Expert Mike Chapple offers tips for maintaining documentation the right way.  Continue Reading

• A decade later: SOX program management best practices

  After 11 years of Sarbanes-Oxley and other mandates, enterprises have finally embraced holistic compliance program management as a best practice.  Continue Reading

• Why sandboxing technology is integral for advanced malware detection

  Expert Brad Casey details how advanced malware detection products rely heavily on sandboxing technology, though it's not a cure all for enterprises.  Continue Reading

• TPM security overview: Defining the benefits of TPM devices

  The nearly ubiquitous TPM device is an often-overlooked tool in an infosec pro's arsenal. Expert Michael Cobb details the benefits of TPM security.  Continue Reading

• Security incident response procedures: When to do a system shutdown

  At times, security incident response procedures require drastic measures. Expert Nick Lewis explains when and how to perform a system shutdown.  Continue Reading

• Open source code management: How to safely use open source libraries

  Expert Michael Cobb explains why enterprises need better open source code management to negate the security risks posed by open source libraries.  Continue Reading

• Advanced threat-detection products emerge: Benefits and challenges

  Traditional security tools are no longer sufficient for defending against new breeds of attacks, forcing advanced threat-detection products to emerge.  Continue Reading

• CASP certification: Does CompTIA's security certification offer value?

  The new CompTIA Advanced Security Practitioner certification won't replace the CISSP, but it may offer critical value to one specific group.  Continue Reading

• Whistleblower policy: Preventing insider information leak incidents

  NSA-level incidents are rare, but they do happen. Learn how to prevent a whistleblower scenario and limit the risk of insider information leaks.  Continue Reading

• Two-factor authentication options, use cases and best practices

  It may seem daunting, but two-factor authentication options are manageable for nearly all enterprises. Learn how to get started in this 2FA primer.  Continue Reading

• How to enact Apache security best practices for Web server security

  With Apache Web servers becoming ever more popular with attackers, organizations should follow Apache security best practices to avoid compromise.  Continue Reading

• No firewall? How disabling the firewall can improve network security

  Having no perimeter firewall may seem ludicrous, but Joel Snyder explains why disabling the firewall can actually improve enterprise network security.  Continue Reading

• Understanding logic bomb attacks: Examples and countermeasures

  In light of the attacks on South Korean organizations, expert Nick Lewis defines logic bomb attacks and offers other examples and countermeasures.  Continue Reading

• PCI e-commerce compliance guidelines for third-party payment processors

  Expert Mike Chapple details the PCI SSC's third-party processor rules and how to outsource card processing and stay PCI DSS compliant.  Continue Reading

• How key MDM features affect mobile security policy management

  As MDM features become more robust, enterprises must not only look for mature products, but also evolve mobile security policies accordingly.  Continue Reading

• Intro to two-factor authentication in Web authentication scenarios

  The Web's top brands are implementing two-factor authentication for consumer Web authentication. Learn 2FA benefits, burdens and how to get started.  Continue Reading

• How to reduce IT security risk with IT asset management

  IT asset management expert Barb Rembiesa explains how ITAM best practices like IT asset standardization and rationalization reduce IT security risk.  Continue Reading

• Using network flow analysis to improve network security visibility

  To overcome network security issues from advanced attackers and BYOD, security professionals are turning to network flow analysis to gain improved network security visibility.  Continue Reading

• Exploit kits evolved: How to defend against the latest attack toolkits

  Expert Nick Lewis details how automated exploit kits are evolving and offers mitigations for the latest methods employed by these attack toolkits.  Continue Reading

• A HIPAA compliance checklist for corporate mergers and acquisitions

  Learn about the important HIPAA compliance best practices that can help maintain compliance before and after a corporate merger or acquisition.  Continue Reading

• SIEM best practices for advanced attack detection

  SIEM struggles are common, but Mike Rothman explains why SIEM products are critical for advanced attack detection, and offers a SIEM tuning step-by-step.  Continue Reading

• How to use compliance automation to reduce compliance risk

  Tony UcedaVelez offers tips for automating compliance tasks to reduce IT security and compliance risk while easing the pain of arduous compliance audits.  Continue Reading

• The evolution of threat detection and management

  Enterprises must understand the latest threat detection options to keep up with advanced cybercriminals who can bypass enterprise security defenses.  Continue Reading

• Antimalware software introduction: Business benefits and drawbacks

  Mike Rothman discusses how antimalware software has evolved to develop various business and technology issues, but also still holds many benefits.  Continue Reading

• How to configure a VLAN to achieve the benefits of VLAN security

  Expert Brad Casey explains how to configure a VLAN in order to achieve the benefits of VLAN security, including protection against insider attacks.  Continue Reading

• Stopping privilege creep: Limiting user privileges with access reviews

  Most enterprises suffer from privilege creep among long-time employees. Peter Gregory explains how to limit user privileges with access reviews and automation.  Continue Reading

• NoSQL security: Do NoSQL database security features stack up to RDBMS?

  With NoSQL databases increasingly being used to tackle big data challenges, expert Michael Cobb examines NoSQL security in comparison to RDBMS.  Continue Reading

• DLP management tools and reporting: Key considerations

  When it comes to DLP management tools, installation and maintenance of a single centralized management console to house all rules and alerts are key.  Continue Reading

• Using DLP tools for data leakage alerting and preventive actions

  When evaluating DLP tools, it's important to determine data leakage alerting and preventive action needs for potential violations and blocking.  Continue Reading

• DLP monitoring: Defining policies to monitor data

  DLP monitoring policies help define what data to evaluate, how data monitoring processes should occur, and what enforcement and alerting actions to take.  Continue Reading

• Effective DLP products need data discovery and data fingerprinting

  Effective DLP products must be able to handle data discovery to identify and monitor sensitive data. Learn why these features matter.  Continue Reading

• Assumption of breach: How a new mindset can help protect critical data

  By adopting the assumption-of-breach security model, CISOs and security pros can better protect critical data. Expert Ernie Hayden explains.  Continue Reading

• Cyberwar calls for software and system investment, not hacking back

  Hacking back isn't the way to win the cyberwar. Gary McGraw says building software and systems with fewer vulnerabilities is stronger protection.  Continue Reading

• Understanding PCI mobile payment processing security guidelines

  Mike Chapple discusses the new PCI Mobile Payment Acceptance Security Guidelines and the mobile payment processing implications for merchants.  Continue Reading

• Improving enterprise email security: Systems and tips

  Enterprise email security has become more vital than ever due to increased attacks and threats. This tip details systems that can improve protection.  Continue Reading

• Defending against watering hole attacks: Consider using a secure VM

  Expert Nick Lewis analyzes the techniques employed by watering hole attacks and discusses how to use a secure VM to defend enterprises against them.  Continue Reading

• Low-cost methods for secure, large file transfer

  Transferring large files safely can be a costly process. Matt Pascucci offers low-cost options for secure, large file transfers in the enterprise.  Continue Reading

• Analysis: Inside the new PCI DSS risk assessment

  Mike Chapple outlines the recommendations in the PCI DSS Risk Assessment Guidelines and explains how they can make a compliance program stronger.  Continue Reading

• Gigabit Wi-Fi security: Is the new 802.11ac standard worth an upgrade?

  Will Gigabit Wi-Fi significantly alter network security, or will it mean business as usual? Expert Brad Casey discusses the new 802.11ac standard.  Continue Reading

• Software patching 2.0: Cutting costs with virtual patching, automation

  Struggling to bring the cost of the patch management process down? Expert Michael Cobb suggests virtual patching and automated tools can play a role.  Continue Reading

• How to negate business logic attack risk: Improve security in the SDLC

  Expert Nick Lewis details the threat posed by business logic attacks and how stressing the importance of security in the SDLC can reduce that threat.  Continue Reading

• Defense-in-depth security: How to establish an ultra-redundant network

  Matthew Pascucci discusses layered security, explaining how to apply defense-in-depth principles toward an ultra-redundant network security posture.  Continue Reading

• SSL certificate management: Avoiding common mistakes

  Errors are bound to occur when SSL certificate management is handled manually. Learn how to avoid these common mistakes.  Continue Reading

• BYOD platform support: Why an iOS and Android strategy makes sense

  All BYOD platform options come with cost and risk. Craig Mathias explains why an iOS and Android BYOD program is viable for most organizations.  Continue Reading

• How a next-generation firewall prevents application-layer attacks

  Next-generation firewalls can block common yet dangerous SQL-injection and buffer-overflow attacks. Learn how an NGFW stops application-layer attacks.  Continue Reading

• BYOD security: How to remotely wipe iPhone and Android devices

  Remote data wipe is key to any BYOD security policy, but each OS handles it differently. Lisa Phifer covers how to use it with other controls to protect data.  Continue Reading

• Windows Server 2012 security: Is it time to upgrade?

  Expert Michael Cobb wades through the security features of Windows Server 2012 to find out what's new and beneficial in Microsoft's latest release.  Continue Reading

• Overview: New PCI mobile application development guidelines

  The PCI SSC recently released mobile application development security guidelines. Mike Chapple outlines the document and highlights key takeaways.  Continue Reading

• How to avoid security issues with VPN leaks on dual-stack networks

  The ongoing transition to IPv6 has revealed security issues with VPN leaks on dual-stack networks. Fernando Gont explains and offers mitigations.  Continue Reading

• How to secure Java amid growing Java security vulnerabilities

  Constant Java security vulnerabilities plague Oracle and enterprises alike. Expert Nick Lewis offers tips on how to use Java and the JRE securely.  Continue Reading

• PCI validation: Requirements for merchants covered by PCI DSS

  Mike Chapple details the PCI validation requirements for merchants covered by PCI DSS.  Continue Reading

• After antimalware: Moving toward endpoint antivirus alternatives

  Is it time to "cut the cord" with endpoint antimalware? Matthew Pascucci discusses possible antivirus alternatives.  Continue Reading

• Secure Web gateway overview: Implementation best practices

  In this secure Web gateway overview, learn how to implement, configure and maintain a Web security gateway to support other security devices.  Continue Reading

• Aligning enterprise identity and access management with CIO priorities

  Randall Gamby says aligning enterprise identity and access management with business and CIO priorities demands a more strategic approach to IAM.  Continue Reading

• How to begin corporate security awareness training for executives

  Expert Ernie Hayden provides advice for enterprises that are establishing security awareness training for their security-unaware executives.  Continue Reading

• Security big data: Preparing for a big data collection implementation

  Learn how security big data initiatives support enterprise information security and how to prepare for a big data collection implementation.  Continue Reading

• Options for mitigating digital security certificate problems

  Is your enterprise struggling with digital security certificate problems? Expert Nick Lewis discusses mitigations for digital certificate attacks.  Continue Reading

• How to comply with updated NIST incident response guidelines

  NIST recently updated its incident response guidelines. Find out how to comply with these changes and incorporate them into an incident response plan.  Continue Reading

• Under the Surface: How Windows tablet security meets BYOD challenges

  Expert Michael Cobb says the forthcoming Windows tablet security features on Microsoft's Surface could help meet enterprise BYOD challenges.  Continue Reading