Bookshelf
-
Incident response for web application attacks
Web app security is like learning to ride a bike -- expect to struggle before getting it right. But don't be disheartened; learn from prior incidents to improve controls. Continue Reading
-
How to use IoT for marketing
IoT devices can track people's fitness routines and monitor manufacturing equipment, but they also offer valuable customer data for personalized outreach. Continue Reading
-
Symmetric key encryption algorithms and security: A guide
Scrambling plaintext into ciphertext is essential to ensure data cannot be read or used by the wrong people. Learn the basics of symmetric key encryption algorithms here. Continue Reading
-
Noninvasive data governance offers friendly approach
Data governance doesn't need to be a burden on employees. A noninvasive approach formalizes existing responsibilities as components of a governance program. Continue Reading
-
Why data-driven operations must measure data culture
Many organizations know what data culture is, but measuring culture levels and identifying necessary improvements is another challenge. Continue Reading
-
Diversity in leadership: Forge your own success
Eugina Jordan is a CMO in tech who wrote a leadership book for underrepresented professionals who want to become corporate leaders. Here, she answers four questions about the book. Continue Reading
-
How to configure and customize Kali Linux settings
Learning how to use Kali Linux for ethical hacking and penetration testing? Read step by step how to configure and customize the distribution. Continue Reading
-
Types of cybersecurity controls and how to place them
A unilateral cybersecurity approach is ineffective in today's threat landscape. Learn why organizations should implement security controls based on the significance of each asset. Continue Reading
-
Equipment to include in a computer forensic toolkit
Computer forensic investigators require more than software to do their job. Learn what equipment constitutes a complete computer forensic toolkit. Continue Reading
-
In defense of a digital circular economy
Digital tech can potentially help companies follow the circular economy model, but critics point out possible issues as well, including continuing demand for plastics. Learn more. Continue Reading
-
How to define cyber-risk appetite as a security leader
In this excerpt from 'The CISO Evolution: Business Knowledge for Cybersecurity Executives,' learn how to define and communicate an enterprise's true cyber-risk appetite. Continue Reading
-
API security maturity model to assess API security posture
As API use proliferates, attackers are targeting them to exploit networks and data. This six-domain API security maturity model can assess weaknesses and vulnerabilities. Continue Reading
-
How to address the challenges of AI-driven digital twins
The market for AI-driven digital twins is growing, with potential to accelerate climate action. IT leaders implementing digital twin tech should use these tips to succeed. Continue Reading
-
What business leaders should know about EU AI Act compliance
AI compliance expert Arnoud Engelfriet shares key takeaways from his book 'AI and Algorithms,' describing the EU AI Act's effects on innovation, risk management and ethical AI. Continue Reading
-
Technical sales rise when you tap into soft skills
Evgeniy Kharam published a book exploring soft skills in technical sales to improve sales success and minimize turnover. In this Q&A, you'll find key takeaways from the book. Continue Reading
-
Best practices for Cisco pyATS test scripts
Test scripts are the heart of any job in pyATS. Best practices for test scripts include proper structure, API integration and the use of Python libraries to enhance testing. Continue Reading
-
How to become a cybersecurity architect
From help desk support personnel to network admin, learn about the multiple paths that can lead to becoming an effective and knowledgeable cybersecurity architect. Continue Reading
-
Knowledge management metrics: How to track KM effectiveness
Measuring knowledge management effectiveness requires quantitative and qualitative data. Metrics like the balanced scorecard method can help organizations improve their strategies. Continue Reading
-
Best practices for getting started with MLOps
As AI and machine learning become increasingly popular in enterprises, organizations need to learn how to set their initiatives up for success. These MLOps best practices can help. Continue Reading
-
3 Keycloak authorization strategies to secure app access
Keycloak, an open source IAM tool, offers authorization methods, including RBAC, GBAC and OAuth 2.0, that limit what users can access. Continue Reading
-
The importance of ethics in information management
Advancements in data collection and processing may tempt information management professionals to use as much customer data as possible. Yet, more data use means less privacy. Continue Reading
-
The need for common sense in AI systems
Building explainable and trustworthy AI systems is paramount. To get there, computer scientists Ron Brachman and Hector Levesque suggest infusing common sense into AI development. Continue Reading
-
8 practice network hardware questions for CCST exam
Prepare for the CCST Networking exam with this network hardware quiz from Chapter 10 of 'Cisco Certified Support Technician CCST Networking 100-150 Official Cert Guide.' Continue Reading
-
Introduction to network hardware components
This excerpt from 'Cisco Certified Support Technician CCST Networking 100-150 Official Cert Guide' provides beginners with knowledge and best practices on network hardware. Continue Reading
-
Best practices to install network hardware
Network practitioners might get tangled in the confusion of wires, switches and other hardware components. A networking expert offers best practices for network hardware. Continue Reading
-
Why noninvasive data governance is the best approach to use
Organizations typically approach data governance with top-down or traditional approaches. Consultant Robert Seiner discusses what makes his noninvasive approach the best option. Continue Reading
-
The reality behind bypassing EDR attempts
Attackers have their work cut out for them when it comes to bypassing EDR. Learn about the difficulty of EDR evasion and how to ensure EDR tools catch all threats. Continue Reading
-
How EDR systems detect malicious activity
Endpoint detection and response tools help SOCs separate benign events from malicious activity. Learn how this EDR function works. Continue Reading
-
How to solve 2 MFA challenges: SIM swapping and MFA fatigue
While MFA improves account security, attacks still exploit it. Learn about two MFA challenges -- SIM swapping and MFA fatigue -- and how to mitigate them. Continue Reading
-
5 MFA implementation tips for organizations
Organizations need to protect user accounts from malicious attackers. IAM expert Marco Fanti offers tips organizations can use when implementing MFA. Continue Reading
-
Explore real-world examples of AI implementation success
In 'All-In on AI,' authors Davenport and Mittal explore AI implementation examples from organizations that already made the AI leap with success. Read this book excerpt to learn more. Continue Reading
-
How do LLMs like ChatGPT work?
AI expert Ronald Kneusel explains how transformer neural networks and extensive pretraining enable large language models like GPT-4 to develop versatile text generation abilities. Continue Reading
-
Demystifying AI with a machine learning expert
In this interview, author Ronald Kneusel discusses his new book 'How AI Works,' the recent generative AI boom and tips for those looking to enter the AI field. Continue Reading
-
How to create a SOAR playbook in Microsoft Sentinel
Using automation through tools such as SOAR and SIEM can improve incident response alert efficiency. One automated feature analysts can use is the SOAR playbook. Continue Reading
-
How SOAR helps improve MTTD and MTTR metrics
By automating initial incident response tasks, SOAR can help SOC analysts improve MTTD and MTTR metrics and ensure they focus on true positive alerts. Continue Reading
-
Toward justice and sustainability in the tech industry
In this excerpt from his book 'Insolvent,' author and professor Christoph Becker outlines why and how to reorient the tech sector toward social justice and sustainability. Continue Reading
-
The role of tech in climate change and climate justice
In this interview, Insolvent author Christoph Becker discusses tech's complex effects on climate and society and the need to center social justice and sustainability in computing. Continue Reading
-
Build a natural language processing chatbot from scratch
In this excerpt from the book 'Natural Language Processing in Action,' you'll walk through the steps of creating a simple chatbot to understand how to start building NLP pipelines. Continue Reading
-
Q&A: How to start learning natural language processing
In this Q&A, 'Natural Language Processing in Action' co-author Hobson Lane discusses how to start learning NLP, including benefits and challenges of building your own pipelines. Continue Reading
-
MS-700 practice exam tests Teams phone system knowledge
This practice test for the MS-700 Managing Microsoft Teams exam quizzes readers on how to manage the Teams phone system, from call queues to Direct Routing. Continue Reading
-
Prepare for Teams admin certification with MS-700 study guide
Learn the administrative responsibilities for the Teams phone system in this excerpt from 'MS-700 Managing Microsoft Teams Exam Guide.' Continue Reading
-
Q&A: Expert tips for running machine learning in production
In this interview, 'Designing Machine Learning Systems' author Chip Huyen shares advice and best practices for building and maintaining ML systems in real-world contexts. Continue Reading
-
Compare machine learning vs. software engineering
Although machine learning has a lot in common with traditional programming, the two disciplines have several key differences, author and computer scientist Chip Huyen explains. Continue Reading
-
How to use dynamic reverse engineering for embedded devices
In this excerpt from 'Practical Hardware Pentesting,' read step-by-step instructions on how to find vulnerabilities on IoT devices using dynamic reverse engineering. Continue Reading
-
Adopt embedded penetration testing to keep IoT devices secure
Regular embedded penetration testing can help discover vulnerabilities before attackers do. The author of 'Practical Hardware Pentesting' explains. Continue Reading
-
Cloud data warehouse book challenges data assumptions
Dr. Barry Devlin's book lays out the principles of cloud data warehousing and challenges data managers to evaluate what they need when choosing a data warehouse approach. Continue Reading
-
Evaluate cloud data warehouses based on data, outcomes
Organizations must focus on data and desired outcomes -- and question their assumptions -- when evaluating cloud data warehouse needs, according to industry expert Dr. Barry Devlin. Continue Reading
-
The need to demystify software testing for developers
With how quickly demands for functionality can change in today's dynamic application environments, the case for developers to learn core testing skills could be stronger than ever. Continue Reading
-
How to map security gaps to the Mitre ATT&CK framework
Mapping security gaps to the Mitre ATT&CK framework enables SOC teams to prioritize, remediate and eliminate vulnerabilities before malicious actors exploit them. Continue Reading
-
Get started: Threat modeling with the Mitre ATT&CK framework
The Mitre ATT&CK framework may seem daunting at first, but it is a key tool that helps SOC teams conduct threat modeling. Learn how to get started. Continue Reading
-
How AI in marketing can empower creativity
'Marketing Artificial Intelligence' co-author Paul Roetzer explains why and how AI can change marketing and gives insight into how marketing professionals can prepare. Continue Reading
-
7 essential goal achievement tips for project managers
Great explorers had to achieve goals and manage their teams through complexity and into the unknown just as project managers must do today. Learn from one such explorer. Continue Reading
-
Attack surface reduction rules for Microsoft productivity apps
Attack surface reduction rules in Microsoft Defender for Endpoint help prevent apps from launching executable files and scripts, running suspicious scripts and more. Continue Reading
-
Manage security posture with Microsoft Defender for Endpoint
Organizations need to implement security posture management to ensure their cybersecurity strategy can address malicious actions inside and out. Continue Reading
-
4 important skills of a knowledge management leader
KM programs need a leader who can motivate employees to change their routines. This leader needs a long-term mindset and the ability to translate KM ideas into business language. Continue Reading
-
What does a knowledge management leader do?
Knowledge management teams often include IT professionals and content writers. But at the head, they need a central leader to make connections and guide people. Continue Reading
-
How to use Wfuzz to find web application vulnerabilities
By learning how to use Wfuzz for web application fuzz testing, bug bounty hunters can automate vulnerability discovery. Learn more in this excerpt from 'Bug Bounty Bootcamp.' Continue Reading
-
How to become a bug bounty hunter: Getting started
Finding, exploiting and reporting vulnerabilities can be both lucrative and educational. Security researcher Vickie Li explains how to become a bug bounty hunter. Continue Reading
-
Security experts share cloud auditing best practices
A cloud audit allows organizations to assess cloud vendor performance. Auditing experts Shinesa Cambric and Michael Ratemo talk about the role of compliance in auditing. Continue Reading
-
How to implement principle of least privilege in Azure AD
Restricting users' permissions in Microsoft Azure AD to only what they need to complete their job helps secure and reduce the cloud attack surface. Continue Reading
-
How to start handling Azure network security
Before adopting Microsoft Azure, it's important to consider how to secure the cloud network. That's where network security groups and Azure Firewall come in. Continue Reading
-
Practice Microsoft SC-100 exam questions with answers
Use these practice multiple-choice questions, with answers, to assess your knowledge of the Microsoft Cybersecurity Architect exam. Continue Reading
-
How to use Azure AD Connect synchronization for hybrid IAM
Organizations face many challenges authenticating and authorizing users in hybrid infrastructures. One way to handle hybrid IAM is with Microsoft Azure AD Connect for synchronization. Continue Reading
-
How to prepare for the Microsoft Cybersecurity Architect exam
Before taking the Microsoft Cybersecurity Architect exam, learn about the knowledge areas covered on the SC-100 test, studying recommendations, prerequisites and more. Continue Reading
-
Extend collaboration tools with 'Google Workspace User Guide'
Collaboration tools are key as businesses shift to hybrid work. Google Workspace supports productivity with Google Classroom, Marketplace apps and Google Assistant. Continue Reading
-
How tech leaders can develop an IT sustainability plan
Sustainability is on many tech leaders' minds, but knowing where to start can be daunting. CIO Niklas Sundberg shares his experience building an IT sustainability plan. Continue Reading
-
ICS kill chain: Adapting the cyber kill chain to ICS environments
As IT/OT convergence continues to gain traction, industrial control system security cannot be ignored. Performing pen tests based on the ICS Kill Chain can help. Continue Reading
-
An intro to the IDMZ, the demilitarized zone for ICSes
Setting up an IDMZ -- a demilitarized zone between enterprise and industrial networks -- can prevent operational environments from becoming compromised by IT threats. Continue Reading
-
Reinforce industrial control system security with ICS monitoring
Monitoring an industrial control system environment isn't that different from monitoring a traditional IT environment, but there are some considerations to keep in mind. Continue Reading
-
How account-based marketing can improve personalization
An ABM strategy can help B2B marketers personalize marketing efforts for top prospects. An ABM strategy includes an ideal customer profile, personalized messaging and a CRM system. Continue Reading
-
Advice for marketing personalization
Business professionals have become numb to the plethora of marketing emails they receive every day. However, personalized messaging can grab their attention. Continue Reading
-
Book excerpt: Data mesh increases data access and value
Zhamak Dehghani, a pioneer in data mesh technology, discusses how the concept decentralizes data to improve data-related decision-making and value in her book. Continue Reading
-
How to apply and edit Wireshark display filters
Wireshark display filters enable users to narrow the scope of a network traffic scan. Use this tutorial to apply and edit display filters to make detailed network sniffing easier. Continue Reading
-
Customize workflows with Wireshark profiles
Wireshark has a variety of uses, which is why creating multiple personalized Wireshark profiles is important. Learn about Wireshark profiles, how to share them and more. Continue Reading
-
Digital transformations require empathy
Agility, experimentation and empathy are critical drivers to a successful digital transformation. Learn why IT leaders should focus on these three critical skills. Continue Reading
-
9 practice questions on twisted-pair network cables
Take this practice quiz on twisted-pair cables, sampled from 'Networking Essentials: A CompTIA Network+ N10-008 Textbook,' to test your understanding for the certification exam. Continue Reading
-
An introduction to twisted-pair cable wiring
This excerpt from 'Networking Essentials: A CompTIA Network+ N10-008 Textbook' provides an overview of twisted-pair network cables and acts as a study tool for the exam. Continue Reading
-
Considerations for configuring twisted-pair cables
In this Q&A, author Jeffrey Beasley discusses what students who plan to take the CompTIA Network+ exam should know about twisted-pair cables, from configuration to troubleshooting. Continue Reading
-
How AI serves as a cornerstone of Industry 4.0
For manufacturing environments to be included in Industry 4.0, they must adopt up-to-date technologies to improve operations. AI should be foremost among them. Continue Reading
-
How companies can avoid a poor candidate experience
In a competitive job market, companies must learn how to avoid a poor candidate experience. Here are some best practices to follow. Continue Reading
-
10 open source coding books to read in 2023
Open source technology and programming languages are the foundation of modern software development. Use these books to take advantage of all that open source software has to offer. Continue Reading
-
How recruiters can reject candidates respectfully
How recruiters reject job candidates can make a huge difference in a candidate's feelings towards a company. Learn some ways that recruiters can improve the rejection process. Continue Reading
-
Inside the PEIR purple teaming model
Want to try purple team exercises but aren't sure how to do so? Try the 'Prepare, Execute, Identify and Remediate' purple teaming model. Continue Reading
-
Understanding purple teaming benefits and challenges
Blue teams and red teams are coming together to form purple teams to improve their organization's security posture. What does this mean for the rivals? And how does it work? Continue Reading
-
4 types of employee reactions to a digital transformation
The success of a digital transformation project depends on employee buy-in. Discover how organizations can address employee reactions to digital transformation. Continue Reading
-
10 important components of SDN controllers
SDN controller features include modularity, APIs, clustering and GUIs. Read more in this chapter excerpt from 'SDN-Supported Edge-Cloud Interplay for Next Generation Internet of Things.' Continue Reading
-
When REST API design goes from helpful to harmful
REST may be a somewhat non-negotiable standard in web API development, but has it fostered overreliance? Learn why other design styles could -- and should -- get an equal chance. Continue Reading
-
FinOps model eases cloud billing complexities
Cloud cost management is a top priority on admin's minds. FinOps expert Mike Fuller talks about cloud billing challenges and how to overcome them in this Q&A. Continue Reading
-
How common is commonsense AI?
'Machines like Us' co-author Ron Brachman explains what it would take to build common sense into AI systems and the benefits of doing so. Continue Reading
-
How to configure Windows privacy settings with Intune
To personalize UX, Windows devices aren't shy about collecting user data. This isn't ideal for enterprise security. Discover how to lock down privacy settings with Intune. Continue Reading
-
Windows security tips for the enterprise
Securing a Windows environment is no easy feat. Read up on low-hanging fruit to quickly address, as well as top tips from two security practitioners to get started. Continue Reading
-
Understanding Azure Virtual Desktop management and storage
In this Q&A, author Ryan Mangan discusses best practices for Azure Virtual Desktop management, the importance of storage and more from his book, 'Mastering Azure Virtual Desktop.' Continue Reading
-
8 coding books to read in 2023
Coding books are a great learning resource for developers of all skill levels and backgrounds, offering authoritative and comprehensive coverage of a specific topic area. Continue Reading
-
Test your Azure Virtual Desktop storage management skills
Use these questions to test how well you know the best practices for managing Azure Virtual Desktop storage. Continue Reading
-
Cisco collaboration study guide for 350-801 CLCOR exam
Learn the basics of Cisco collaboration products and how to deploy collaboration tools in this excerpt from 'CCNP and CCIE Collaboration Core CLCOR 350-801 Official Cert Guide.' Continue Reading
-
Cisco collaboration 350-801 CLCOR practice test questions
This 350-801 CLCOR practice test for the CCNP and CCIE certifications quizzes readers on Cisco collaboration technologies, from endpoints to applications. Continue Reading
-
IT influences shift to net positive enterprise
In this Q&A, business sustainability expert Andrew Winston discusses why companies need to become net positive by contributing more than they take. Continue Reading
-
Understanding malware analysis and its challenges
Discover what to expect in a malware analyst career, from the types of malware you'll encounter to important tools to use to difficulties that arise for those new to the field. Continue Reading
-
Why is malware analysis important?
Malware continues to plague all organizations, causing data loss and reputational damage. Discover how malware analysis helps protect companies from such attacks. Continue Reading
-
How to efficiently measure customer loyalty
Most organizations don't measure customer loyalty often or thoroughly enough to improve CX. This book excerpt explores tips and suggestions to measure loyalty more efficiently. Continue Reading
