SearchSecurity
New & Notable
Get Started
How to write an information security policy, plus templates
Infosec policies are key to any enterprise security program. Read up on types of security policies and how to write one, and download free templates to start the drafting process.
Get Started
How to build a security champions program
Security champions are key to promoting and creating a security-first company. Learn how to build a security champions program using these four steps.
News
Log4Shell vulnerability continues to menace developers
Months after it was first disclosed, the Log4j RCE vulnerability remains widespread on code-sharing sites and open source repositories, according to security researchers.
Problem Solve
Use microsegmentation to mitigate lateral attacks
Attackers will get into a company's system sooner or later. Limit their potential damage by isolating zones with microsegmentation to prevent lateral movement.
Trending Topics
-
Data security and privacy News
Samsung breached, Nvidia hackers claim responsibility
Samsung said Galaxy device source code was stolen, but no employee or customer personal information was taken by the attackers, who appear to be with the Lapsus$ ransomware group.
-
Threats and vulnerabilities News
Log4Shell vulnerability continues to menace developers
Months after it was first disclosed, the Log4j RCE vulnerability remains widespread on code-sharing sites and open source repositories, according to security researchers.
-
Identity and access management Evaluate
Use digital identity proofing to verify account creation
Validating users during account creation with identity proofing helps prevent data breaches but isn't without challenges. Discover how it works and concerns to address.
-
Security analytics and automation Manage
How AI can help security teams detect threats
AI and machine learning are reshaping modern threat detection. Learn how they help security teams efficiently and accurately detect malicious actors.
-
Network security Problem Solve
Use microsegmentation to mitigate lateral attacks
Attackers will get into a company's system sooner or later. Limit their potential damage by isolating zones with microsegmentation to prevent lateral movement.
-
Security operations and management Get Started
How to write an information security policy, plus templates
Infosec policies are key to any enterprise security program. Read up on types of security policies and how to write one, and download free templates to start the drafting process.
Topics Covered
Application and platform security
Careers and certifications
Cloud security
Compliance
Data security and privacy
Identity and access management
Network security
Risk management
Security analytics and automation
Security operations and management
Threat detection and response
Threats and vulnerabilities
Featured Authors
Find Solutions For Your Project
-
Evaluate
Top DevSecOps certifications and trainings
Check out some of the top DevSecOps certifications and trainings that can help professionals learn how to shift security left in the software development lifecycle.
-
Use digital identity proofing to verify account creation
-
Implement API rate limiting to reduce attack surfaces
-
API security methods developers should use
-
-
Problem Solve
Use microsegmentation to mitigate lateral attacks
Attackers will get into a company's system sooner or later. Limit their potential damage by isolating zones with microsegmentation to prevent lateral movement.
-
Top cybersecurity leadership challenges and how to solve them
-
Protect APIs against attacks with this security testing guide
-
How to mitigate Log4Shell, the Log4j vulnerability
-
-
Manage
How to stop malicious or accidental privileged insider attacks
How many permissions or privileges a user has will affect how big of an insider threat they are. Discover the issues surrounding privileged users and how to curtail these threats.
-
4 tips for selecting cybersecurity insurance
-
Pave a path to cybersecurity and physical security convergence
-
Crosswalk cloud compliance to ensure consistency
-
-
E-Handbook | July 2021
Mitigating risk-based vulnerability management challenges
Download -
E-Handbook | June 2021
Security observability tools step up threat detection, response
Download -
E-Handbook | February 2021
Threat detection and response demands proactive stance
Download -
E-Handbook | January 2021
SolarWinds supply chain attack explained: Need-to-know info
Download -
E-Handbook | November 2020
Cyber insurance 101: Timely guidance on an essential tool
Download
Information Security Basics
-
Get Started
How to write an information security policy, plus templates
Infosec policies are key to any enterprise security program. Read up on types of security policies and how to write one, and download free templates to start the drafting process.
-
Get Started
screened subnet
A screened subnet, or triple-homed firewall, refers to a network architecture where a single firewall is used with three network interfaces.
-
Get Started
How to build a security champions program
Security champions are key to promoting and creating a security-first company. Learn how to build a security champions program using these four steps.
Multimedia
Blog: Security Bytes
-
Google focuses more on steering the Android ship than righting it
Google's security and privacy upgrades to Android are mostly forward-thinking changes, readying for a future that is inevitable but unclear, rather than ways to improve security today.Continue Reading
-
At RSAC 2019, speculative execution threats take a back seat
The Meltdown and Spectre vulnerabilities loomed large last year, but RSAC 2019 will have little fodder on speculative execution threats and side channels attacks.Continue Reading
-
More Security Bytes Posts
Marriott Starwood data breach notification de-values customers
Are US hacker indictments more than Justice Theater?
Breaking down Dell's "potential cybersecurity incident" announcement
-
News
View All -
Threat detection and response
Cyber insurance war exclusions loom amid Ukraine crisis
Changes in insurance exemptions for acts of war reflect an increase in damages caused to enterprises related to state-sponsored cyber attacks.
-
Threats and vulnerabilities
Log4Shell vulnerability continues to menace developers
Months after it was first disclosed, the Log4j RCE vulnerability remains widespread on code-sharing sites and open source repositories, according to security researchers.
-
Threats and vulnerabilities
Researchers disclose new Spectre V2 vulnerabilities
The Spectre class of data disclosure vulnerabilities is once again at the security forefront after researchers discovered a new variant of the side-channel attack.
SearchSecurity Definitions
- screened subnet
- metamorphic and polymorphic malware
- security identifier (SID)
- Internet Key Exchange (IKE)
- Shared Key Authentication (SKA)
- passphrase
- security clearance
- Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP)