SearchSecurity
New & Notable
News
Risk & Repeat: Uber and Rockstar Games hacked
This podcast episode discusses recent hacks against Uber and Rockstar Games, the techniques of the attackers and the possible connection to the Lapsus$ cybercrime group.
Evaluate
10 security-by-design principles to include in the SDLC
Security is rarely a priority in the SDLC, but it should be. Adhere to these security-by-design principles for secure software and learn the importance of threat modeling.
News
15-year-old Python vulnerability poses supply chain threat
Trellix researchers issued a call for help to patch a vulnerable software module, which was found in more than 300,000 open source GitHub repositories.
News
Cybercriminals launching more MFA bypass attacks
New research from Okta shows that cybercrime groups have stepped up their attacks on multifactor authentication systems in an effort to thwart account security measures.
Trending Topics
-
Data Security & Privacy News
Risk & Repeat: Uber and Rockstar Games hacked
This podcast episode discusses recent hacks against Uber and Rockstar Games, the techniques of the attackers and the possible connection to the Lapsus$ cybercrime group.
-
Threats & Vulnerabilities News
Transparency, disclosure key to fighting ransomware
Current and former CISA members say the best methods for curbing ransomware attacks are organizations reporting attacks and assisting in investigations.
-
IAM News
Cybercriminals launching more MFA bypass attacks
New research from Okta shows that cybercrime groups have stepped up their attacks on multifactor authentication systems in an effort to thwart account security measures.
-
Analytics & Automation Evaluate
Compare SAST vs. DAST vs. SCA for DevSecOps
SAST, DAST and SCA DevSecOps tools can automate code security testing. Discover what each testing method does, and review some open source options to choose from.
-
Network Security Get Started
How to create and add an SPF record for email authentication
Learn how to create Sender Policy Framework records to list authenticated mail servers for an email domain to fight spam, phishing, email forgery and other malicious email.
-
Operations & Management News
Cobalt Strike gets emergency patch
The developer of Cobalt Strike issued an out-of-band security update to address a cross-site scripting vulnerability in the popular penetration testing suite.
Topics Covered
Application and platform security
Careers and certifications
Cloud security
Compliance
Data security and privacy
Identity and access management
Network security
Risk management
Security analytics and automation
Security operations and management
Threat detection and response
Threats and vulnerabilities
Featured Authors
Find Solutions For Your Project
-
Evaluate
10 security-by-design principles to include in the SDLC
Security is rarely a priority in the SDLC, but it should be. Adhere to these security-by-design principles for secure software and learn the importance of threat modeling.
-
Discover the benefits and challenges of bug bounty programs
-
How SOCs can identify the threat actors behind the threats
-
The ultimate guide to cybersecurity planning for businesses
-
-
Problem Solve
How data security posture management complements CSPM
Data security posture management can provide comprehensive defense-in-depth security for cloud data. Find out more about how DSPM policies move with the data.
-
How to conduct a secure code review
-
3 threats dirty data poses to the enterprise
-
Key software patch testing best practices
-
-
Manage
Use shadow IT discovery to find unauthorized devices and apps
Shadow IT may be convenient for users, but it isn't for IT -- especially where security is concerned. Shadow IT discovery finds unmanaged devices and apps.
-
How to connect cyber-risk and climate risk strategies
-
5 ways to improve your cloud security posture
-
7 CISO succession planning best practices
-
-
E-Handbook | July 2021
Mitigating risk-based vulnerability management challenges
Download -
E-Handbook | June 2021
Security observability tools step up threat detection, response
Download -
E-Handbook | February 2021
Threat detection and response demands proactive stance
Download -
E-Handbook | January 2021
SolarWinds supply chain attack explained: Need-to-know info
Download -
E-Handbook | November 2020
Cyber insurance 101: Timely guidance on an essential tool
Download
Information Security Basics
-
Get Started
Android System WebView
Android System WebView is a system component for the Android operating system (OS) that allows Android apps to display web content directly inside an application.
-
Get Started
How DKIM records reduce email spoofing, phishing and spam
Learn how implementing DomainKeys Identified Mail helps protect against phishing, spam and email forgery by digitally signing outgoing messages.
-
Get Started
Cybersecurity career path: 5-step guide to success
Taking the lead from ISSA's framework, here's a guide to how you can map out a long and profitable career in cybersecurity.
Multimedia
-
News
View All -
Application and platform security
Malicious NPM package discovered in supply chain attack
Threat actors are circulating a look-alike version of the Material Tailwind NPM package to infect developers for supply chain malware attacks, according to ReversingLabs.
-
Application and platform security
15-year-old Python vulnerability poses supply chain threat
Trellix researchers issued a call for help to patch a vulnerable software module, which was found in more than 300,000 open source GitHub repositories.
-
Identity and access management
Cybercriminals launching more MFA bypass attacks
New research from Okta shows that cybercrime groups have stepped up their attacks on multifactor authentication systems in an effort to thwart account security measures.