SearchSecurity
New & Notable
Problem Solve
Prepare for deepfake phishing attacks in the enterprise
Deepfake phishing has already cost at least one company $243,000. Learn how cybersecurity leaders can train users to recognize this emerging attack vector.
News
Developers targeted by poisoned Python library
A developer's expired domain led to a threat actor taking control of an open source library and poisoning it with malware that could steal private keys for AWS instances.
News
MFA technology is rapidly evolving -- are mandates next?
The evolving landscapes of both the modern workplace and cyberthreats have paved the way for some organizations to require multifactor authentication protection. Will others join?
Evaluate
Why using ransomware negotiation services is worth a try
If stakeholders decide to pay ransomware demands, using a ransomware negotiation service could improve the situation's outcome and lower the payout.
Trending Topics
-
Data security and privacy Evaluate
ESG analysts discuss how to manage compliance, data privacy
ESG analysts offer three recommendations for effective data governance: good C-level and IT leadership, visibility into cloud infrastructure and understanding cloud architecture.
-
Threats and vulnerabilities Evaluate
Why using ransomware negotiation services is worth a try
If stakeholders decide to pay ransomware demands, using a ransomware negotiation service could improve the situation's outcome and lower the payout.
-
Identity and access management News
MFA technology is rapidly evolving -- are mandates next?
The evolving landscapes of both the modern workplace and cyberthreats have paved the way for some organizations to require multifactor authentication protection. Will others join?
-
Security analytics and automation News
Government officials: AI threat detection still needs humans
At the Ai4 Cybersecurity Summit, infosec professionals from CISA and the state of Tennessee discussed the promise and potential obstacles of AI for threat detection.
-
Network security News
Verizon DBIR: Ransomware dominated threat landscape in 2021
Though ransomware became an increasingly large threat to enterprises last year, Verizon's Data Breach Investigations Report found the model may not be as profitable as expected.
-
Security operations and management News
RSA Conference 2022: Adjusting to ongoing transformation
SearchSecurity will be at the RSA conference, ready to provide pre-conference coverage, breaking news and analysis from the world's biggest infosec event.
Topics Covered
Application and platform security
Careers and certifications
Cloud security
Compliance
Data security and privacy
Identity and access management
Network security
Risk management
Security analytics and automation
Security operations and management
Threat detection and response
Threats and vulnerabilities
Featured Authors
Find Solutions For Your Project
-
Evaluate
Why using ransomware negotiation services is worth a try
If stakeholders decide to pay ransomware demands, using a ransomware negotiation service could improve the situation's outcome and lower the payout.
-
ESG analysts discuss how to manage compliance, data privacy
-
Apple, Microsoft, Google expand FIDO2 passwordless support
-
How cryptocurrencies enable attackers and defenders
-
-
Problem Solve
Case study: Why it's difficult to attribute nation-state attacks
If two attacks look similar, don't assume they're from the same attacker. It's difficult to attribute nation-state attacks, as evidenced by the notorious 2016 Odinaff malware.
-
Tips for using a threat profile to prevent nation-state attacks
-
Top 7 enterprise cybersecurity challenges in 2022
-
6 types of insider threats and how to prevent them
-
-
Manage
How to counter insider threats in the software supply chain
Insider threats extend beyond employees within your company to include people working at partners and third parties. Learn about these insider threats in the software supply chain.
-
5 steps to ensure a successful access management strategy
-
3 ways to apply security by design in the cloud
-
How to implement an attack surface management program
-
-
E-Handbook | July 2021
Mitigating risk-based vulnerability management challenges
Download -
E-Handbook | June 2021
Security observability tools step up threat detection, response
Download -
E-Handbook | February 2021
Threat detection and response demands proactive stance
Download -
E-Handbook | January 2021
SolarWinds supply chain attack explained: Need-to-know info
Download -
E-Handbook | November 2020
Cyber insurance 101: Timely guidance on an essential tool
Download
Information Security Basics
-
Get Started
How to conduct a cyber-war gaming exercise
A successful cyber-war game can help organizations find weaknesses in their system but only if the right participants are involved and an after-action review is completed.
-
Get Started
man in the browser (MitB)
Man in the browser (MitB) is a security attack where the perpetrator installs a Trojan horse on the victim's computer that is capable of modifying that user's web transactions.
-
Get Started
Zero trust vs. zero-knowledge proof: What's the difference?
Zero-knowledge proofs can help companies implement a zero-trust framework. Learn about the two concepts and how they come together to better secure networks.
Multimedia
-
News
View All -
Application and platform security
Developers targeted by poisoned Python library
A developer's expired domain led to a threat actor taking control of an open source library and poisoning it with malware that could steal private keys for AWS instances.
-
Identity and access management
MFA technology is rapidly evolving -- are mandates next?
The evolving landscapes of both the modern workplace and cyberthreats have paved the way for some organizations to require multifactor authentication protection. Will others join?
-
Network security
Verizon DBIR: Ransomware dominated threat landscape in 2021
Though ransomware became an increasingly large threat to enterprises last year, Verizon's Data Breach Investigations Report found the model may not be as profitable as expected.
SearchSecurity Definitions
- Sender Policy Framework (SPF)
- security information management (SIM)
- WLAN Authentication and Privacy Infrastructure (WAPI)
- mail bomb