New & Notable
Evaluate
Key cybersecurity takeaways from AWS re:Invent
Security was strongly emphasized throughout the AWS re:Invent user conference, with product updates to help companies secure data as they build apps and scale in the cloud.
Evaluate
Assess security posture with the Cloud Security Maturity Model
The Cloud Security Maturity Model enables organizations to assess their cloud security posture and optimize it as they continue their cloud journey.
Evaluate
How organizations can learn from cloud security breaches
Research shed light on cloud security breaches. It's time to learn from the past and mitigate these attacks in the future with strong cloud security and posture management.
Evaluate
Amazon IAM announcements at re:Invent 2023
At AWS re:Invent 2023, Amazon announced several new features around machine and human identities designed to improve identity and access management.
Trending Topics
-
Data Security & Privacy News
Ransomware ramps up against private sector in November
Ransomware disclosures and reports increased again in November, with the most disruptive and dangerous attacks occurring against healthcare organizations.
-
Threats & Vulnerabilities Evaluate
How organizations can learn from cloud security breaches
Research shed light on cloud security breaches. It's time to learn from the past and mitigate these attacks in the future with strong cloud security and posture management.
-
IAM Evaluate
Amazon IAM announcements at re:Invent 2023
At AWS re:Invent 2023, Amazon announced several new features around machine and human identities designed to improve identity and access management.
-
Analytics & Automation News
JPMorgan Chase CISO explains why he's an 'AI optimist'
Pat Opet, CISO at JPMorgan Chase & Co., discussed how the financial services giant invests in cybersecurity and where generative AI could provide game-changing benefits.
-
Network Security Evaluate
5 network security predictions for 2024
Check out network security trends for 2024 from Enterprise Strategy Group, from SaaS security and rising DDoS attacks to network and endpoint convergence.
-
Operations & Management Manage
7 key OT security best practices
Keeping operational technology secure requires vigilance and effort, especially as OT increasingly converges with IT. These cybersecurity best practices can help.
Topics Covered
Application and platform security
Careers and certifications
Cloud security
Compliance
Data security and privacy
Identity and access management
Network security
Risk management
Security analytics and automation
Security operations and management
Threat detection and response
Threats and vulnerabilities
Featured Authors
Find Solutions For Your Project
-
Evaluate
Kali vs. ParrotOS: 2 versatile Linux distros for security pros
Network security doesn't always require expensive software. Two Linux distributions -- Kali Linux and ParrotOS -- can help enterprises fill in their security gaps.
-
Key cybersecurity takeaways from AWS re:Invent
-
Assess security posture with the Cloud Security Maturity Model
-
How organizations can learn from cloud security breaches
-
-
Problem Solve
How to solve 2 MFA challenges: SIM swapping and MFA fatigue
While MFA improves account security, attacks still exploit it. Learn about two MFA challenges -- SIM swapping and MFA fatigue -- and how to mitigate them.
-
8 ways to cope with cybersecurity budget cuts
-
Top 7 cloud misconfigurations and best practices to avoid them
-
Top 10 tips for employees to prevent phishing attacks
-
-
Manage
How EDR systems detect malicious activity
Endpoint detection and response tools help SOCs separate benign events from malicious activity. Learn how this EDR function works.
-
The reality behind bypassing EDR attempts
-
7 key OT security best practices
-
5 MFA implementation tips for organizations
-
-
E-Handbook | July 2021
Mitigating risk-based vulnerability management challenges
Download -
E-Handbook | June 2021
Security observability tools step up threat detection, response
Download -
E-Handbook | January 2021
SolarWinds supply chain attack explained: Need-to-know info
Download -
E-Handbook | November 2020
Cyber insurance 101: Timely guidance on an essential tool
Download -
E-Zine | November 2020
AI cybersecurity raises analytics' accuracy, usability
Download
Information Security Basics
-
Get Started
APT
An advanced persistent threat (APT) is a prolonged and targeted cyber attack in which an intruder gains access to a network and remains undetected for an extended period.
-
Get Started
Mitre ATT&CK framework
The Mitre ATT&CK (pronounced miter attack) framework is a free, globally accessible knowledge base that describes the latest behaviors and tactics of cyber adversaries to help organizations strengthen their cybersecurity strategies.
-
Get Started
timing attack
A timing attack is a type of side-channel attack that exploits the amount of time a computer process runs to gain knowledge about or access a system.
Multimedia
-
News
View All -
Threats and vulnerabilities
Forescout uncovers 21 Sierra Wireless router vulnerabilities
Forescout is urging enterprises to patch software for affected OT/IoT routers as attackers increasingly target edge devices to gain network access to critical infrastructure.
-
Application and platform security
Exposed Hugging Face API tokens jeopardized GenAI models
Lasso Security discovered more than 1,600 exposed Hugging Face API tokens provided access to generative AI and large-language models contained in hundreds of repositories.
-
Data security and privacy
Ransomware ramps up against private sector in November
Ransomware disclosures and reports increased again in November, with the most disruptive and dangerous attacks occurring against healthcare organizations.
Security Definitions
- advanced persistent threat (APT)
- Mitre ATT&CK framework
- timing attack
- privileged identity management (PIM)
- possession factor
- CISO as a service (vCISO, virtual CISO, fractional CISO)
- What is cyber hygiene and why is it important?
- cardholder data environment (CDE)