Michael Cobb

CISSP-ISSAP

Michael Cobb, CISSP-ISSAP, is a renowned security author with over 20 years of experience in the IT industry. He co-authored the book IIS Security and has written numerous technical articles for leading IT publications. He has also been a Microsoft Certified Database Manager and registered consultant with the CESG Listed Advisor Scheme (CLAS). Mike has a passion for making IT security best practices easier to understand and achievable.

Michael Cobb’s Most Recent Content

Search Security

Security log management tips and best practices
09 Jul 2025
Search Security

12 smart contract vulnerabilities and how to mitigate them
26 Jun 2025
Search Security

What is a cyberattack? 16 common types and how to prevent them
23 Jun 2025
Search Security

Symmetric vs. asymmetric encryption: Understand key differences
10 Jun 2025
Search App Architecture

13 API security best practices to protect your business
20 Mar 2025
Search Security

What is a buffer overflow? How do these types of attacks work?
17 Mar 2025
Search Security

What is Kerberos and how does it work?
10 Mar 2025
Search Security

What is the RSA algorithm?
11 Feb 2025
Search Security

What is physical security and how does it work?
07 Feb 2025
Search Security

What is a certificate revocation list (CRL) and how is it used?
31 Jan 2025
Search Security

What is biometric verification?
31 Jan 2025
Search Security

What is DOS (Disk Operating System)?
31 Jan 2025
Search Security

What is threat modeling?
23 Jan 2025
Search Security

What is SSL (Secure Sockets Layer)?
23 Jan 2025
Search Security

What is a private key?
21 Jan 2025
Search Security

How to recover from a DDoS attack
04 Dec 2024
Search Security

10 API security testing tools to mitigate risk
04 Nov 2024
Search Security

API security testing checklist: 7 key steps
01 Nov 2024
Search Security

What is two-factor authentication (2FA)?
28 Oct 2024
Search Security

DDoS mitigation: How to stop DDoS attacks
25 Oct 2024
Search Security

How to detect DDoS attacks
22 Oct 2024
WhatIs

What is threat intelligence?
10 Oct 2024
Search Security

What is cybercrime and how can you prevent it?
03 Sep 2024
Search Security

What is SSH (Secure Shell) and How Does It Work?
29 Jul 2024
Search Security

How to implement an attack surface management program
24 Jul 2024
Search Security

How to protect port 139 from SMB attacks
19 Jul 2024
Search Security

What dangling pointers are and how to avoid them
18 Jul 2024
Search Security

Port scan attacks: What they are and how to prevent them
20 Jun 2024
Search Security

What is Data Encryption Standard (DES)?
02 May 2024
Search Security

Stateful vs. stateless firewalls: Understanding the differences
18 Apr 2024
Search Security

Key software patch testing best practices
15 Apr 2024
Search App Architecture

OAuth (Open Authorization)
12 Apr 2024
Search Security

Agent vs. agentless security: Learn the differences
25 Mar 2024
Search Storage

cloud encryption
14 Mar 2024
Search Security

asymmetric cryptography
12 Mar 2024
Search Security

The differences between inbound and outbound firewall rules
07 Mar 2024
Search Security

Advanced Encryption Standard (AES)
20 Feb 2024
Search Security

encryption
07 Feb 2024
Search Security

Close security gaps with attack path analysis and management
06 Feb 2024
Search Networking

5G security: Everything you should know for a secure network
05 Jan 2024
Search Security

How to protect your organization from IoT malware
15 Nov 2023
Search Security

Why fourth-party risk management is a must-have
13 Oct 2023
Search CIO

ISO 31000 vs. COSO: Comparing risk management standards
15 Aug 2023
Search Security

The history, evolution and current state of SIEM
12 Jul 2023
Search Security

How API gateways improve API security
26 Jun 2023
Search Security

Use IoT hardening to secure vulnerable connected devices
16 Jun 2023
Search Security

Risk assessment vs. threat modeling: What's the difference?
15 Jun 2023
Search Security

Top breach and attack simulation use cases
24 May 2023
Search Security

How to fix the top 5 API vulnerabilities
11 Apr 2023
Search Security

What is Triple DES and why is it being disallowed?
09 Jan 2023
Search Security

Trojan horse
02 Dec 2022
Search Security

Industrial control system security needs ICS threat intelligence
17 Nov 2022
Search Security

6 ways to prevent privilege escalation attacks
24 Oct 2022
Search Security

data masking
13 Sep 2022
Search Security

How to conduct a secure code review
24 Aug 2022
Search Security

What is identity sprawl and how can it be managed?
18 Aug 2022
Search Security

Data masking vs. data encryption: How do they differ?
02 Aug 2022
Search Security

How micropatching could help close the security update gap
16 May 2022
Search IoT

man-in-the-middle attack (MitM)
28 Apr 2022
Search Security

How endpoint encryption works in a data security strategy
15 Mar 2022
Search Security

Privacy-enhancing technology types and use cases
25 Feb 2022
Search Security

How to use PKI to secure remote network access
23 Feb 2022
Search Security

Protect APIs against attacks with this security testing guide
28 Jan 2022
Search Security

What is shellcode and how is it used?
25 Jan 2022
Search Security

smart card
29 Dec 2021
Search Security

How to mitigate Log4Shell, the Log4j vulnerability
21 Dec 2021
Search Security

7 best practices to ensure GDPR compliance
04 Nov 2021
Search Security

Is bitcoin safe? How to secure your bitcoin wallet
06 Aug 2021
Search Security

How to prevent software piracy
15 Jul 2021
Search Security

How to implement machine identity management for security
12 Jul 2021
Search Security

How to get started with security chaos engineering
15 Jun 2021
Search Security

The top 6 SSH risks and how regular assessments cut danger
10 Jun 2021
Search Security

ethical hacker
21 May 2021
Search Security

6 SSH best practices to protect networks from attacks
16 Apr 2021
Search Security

How to manage third-party risk in the supply chain
25 Feb 2021
Search Security

How to prevent supply chain attacks: Tips for suppliers
24 Feb 2021
Search Security

How to achieve security observability in complex environments
23 Feb 2021
Search Security

How to address and prevent security alert fatigue
10 Feb 2021
Search Security

Using content disarm and reconstruction for malware protection
09 Feb 2021
Search Security

Extended detection and response tools take EDR to next level
14 Jan 2021
Search Security

Weighing remote browser isolation benefits and drawbacks
24 Nov 2020
Search Security

Oversee apps with these 3 application security testing tools
29 Sep 2020
Search Security

Format-preserving encryption use cases, benefits, alternative
22 Sep 2020
Search Security

3 steps to secure codebase updates, prevent vulnerabilities
15 Sep 2020
Search Security

10 RDP security best practices to prevent cyberattacks
18 Aug 2020
Search Security

How to send secure email attachments
05 Aug 2020
Search Security

The case for cybersecurity by design in application software
03 Aug 2020
Search Security

How to fortify IoT access control to improve cybersecurity
01 Jun 2020
Search Security

The risks and effects of spyware
06 May 2020
Search Security

SSL certificate best practices for 2020 and beyond
29 Apr 2020
Search Security

Updating the data discovery process in the age of CCPA
11 Mar 2020
Search Security

5G network slicing security benefits IoT, mobile
10 Mar 2020
Search Security

How to use TODO comments for secure software development
27 Feb 2020
Search Security

Windows IIS server hardening checklist
27 Feb 2020
Search Security

AI and machine learning in cybersecurity: Trends to watch
06 Jan 2020
Search Security

Comparing Diffie-Hellman vs. RSA key exchange algorithms
20 Nov 2019
Search Security

Zero-trust framework creates challenges for app dev
11 Nov 2019
Search Security

What it takes to be a DevSecOps engineer
12 Sep 2019
Search Security

DevOps security checklist requires proper integration
16 Aug 2019
Search Security

How to start building a DevSecOps model
05 Aug 2019

1
2
3

Close