SearchSecurity
New & Notable
News
Twitter fined $150M for misusing 2FA data
The DOJ and FTC said the social media company misused consumers' personal data for advertisement purposes, from which it gained benefit.
Evaluate
Top 4 source code security best practices
Software supply chain attacks are on the rise. Follow these source code best practices to protect both in-house and third-party code.
News
'Pantsdown' BMC vulnerability still present in Quanta servers
Eclypsium found that a critical security flaw first disclosed in 2019 remains exposed in many internet-facing servers, leaving networks at risk for remote code execution attacks.
News
Verizon DBIR: Stolen credentials led to nearly 50% of attacks
The 2022 Verizon Data Breach Investigations Report revealed enterprises' ongoing struggle with securing credentials and avoiding common mistakes such as misconfigurations.
Trending Topics
-
Data security and privacy News
Twitter fined $150M for misusing 2FA data
The DOJ and FTC said the social media company misused consumers' personal data for advertisement purposes, from which it gained benefit.
-
Threats and vulnerabilities News
'Pantsdown' BMC vulnerability still present in Quanta servers
Eclypsium found that a critical security flaw first disclosed in 2019 remains exposed in many internet-facing servers, leaving networks at risk for remote code execution attacks.
-
Identity and access management News
MFA technology is rapidly evolving -- are mandates next?
The evolving landscapes of both the modern workplace and cyberthreats have paved the way for some organizations to require multifactor authentication protection. Will others join?
-
Security analytics and automation News
Government officials: AI threat detection still needs humans
At the Ai4 Cybersecurity Summit, infosec professionals from CISA and the state of Tennessee discussed the promise and potential obstacles of AI for threat detection.
-
Network security News
Verizon DBIR: Stolen credentials led to nearly 50% of attacks
The 2022 Verizon Data Breach Investigations Report revealed enterprises' ongoing struggle with securing credentials and avoiding common mistakes such as misconfigurations.
-
Security operations and management News
RSA Conference 2022: Adjusting to ongoing transformation
SearchSecurity will be at the RSA conference, ready to provide pre-conference coverage, breaking news and analysis from the world's biggest infosec event.
Topics Covered
Application and platform security
Careers and certifications
Cloud security
Compliance
Data security and privacy
Identity and access management
Network security
Risk management
Security analytics and automation
Security operations and management
Threat detection and response
Threats and vulnerabilities
Featured Authors
Find Solutions For Your Project
-
Evaluate
Top 4 source code security best practices
Software supply chain attacks are on the rise. Follow these source code best practices to protect both in-house and third-party code.
-
Why using ransomware negotiation services is worth a try
-
ESG analysts discuss how to manage compliance, data privacy
-
Apple, Microsoft, Google expand FIDO2 passwordless support
-
-
Problem Solve
Prepare for deepfake phishing attacks in the enterprise
Deepfake phishing has already cost at least one company $243,000. Learn how cybersecurity leaders can train users to recognize this emerging attack vector.
-
Case study: Why it's difficult to attribute nation-state attacks
-
Tips for using a threat profile to prevent nation-state attacks
-
Top 7 enterprise cybersecurity challenges in 2022
-
-
Manage
How to counter insider threats in the software supply chain
Insider threats extend beyond employees within your company to include people working at partners and third parties. Learn about these insider threats in the software supply chain.
-
5 steps to ensure a successful access management strategy
-
3 ways to apply security by design in the cloud
-
How to implement an attack surface management program
-
-
E-Handbook | July 2021
Mitigating risk-based vulnerability management challenges
Download -
E-Handbook | June 2021
Security observability tools step up threat detection, response
Download -
E-Handbook | February 2021
Threat detection and response demands proactive stance
Download -
E-Handbook | January 2021
SolarWinds supply chain attack explained: Need-to-know info
Download -
E-Handbook | November 2020
Cyber insurance 101: Timely guidance on an essential tool
Download
Information Security Basics
-
Get Started
How to conduct a cyber-war gaming exercise
A successful cyber-war game can help organizations find weaknesses in their system but only if the right participants are involved and an after-action review is completed.
-
Get Started
man in the browser (MitB)
Man in the browser (MitB) is a security attack where the perpetrator installs a Trojan horse on the victim's computer that is capable of modifying that user's web transactions.
-
Get Started
Zero trust vs. zero-knowledge proof: What's the difference?
Zero-knowledge proofs can help companies implement a zero-trust framework. Learn about the two concepts and how they come together to better secure networks.
Multimedia
-
News
View All -
Threat detection and response
U.S. Senate report calls out lack of ransomware reporting
The Senate Committee on Homeland Security published a report that points to a lack of ransomware reporting as a major issue in defending the U.S. from cyber attacks.
-
Data security and privacy
Twitter fined $150M for misusing 2FA data
The DOJ and FTC said the social media company misused consumers' personal data for advertisement purposes, from which it gained benefit.
-
Threats and vulnerabilities
'Pantsdown' BMC vulnerability still present in Quanta servers
Eclypsium found that a critical security flaw first disclosed in 2019 remains exposed in many internet-facing servers, leaving networks at risk for remote code execution attacks.
SearchSecurity Definitions
- Sender Policy Framework (SPF)
- security information management (SIM)
- WLAN Authentication and Privacy Infrastructure (WAPI)
- mail bomb