Features

Features

• How to develop a data breach response plan: 5 steps

  A data breach response plan outlines how a business will react to a breach. Follow these five steps, and use our free template to develop your organization's plan.  Continue Reading

• How to secure data at rest, in use and in motion

  With internal and external cyber threats on the rise, check out these tips to best protect and secure data at rest, in use and in motion.  Continue Reading

• How to create a data security policy, with template

  Are you looking to create or update your organization's data security policy? Learn about the key elements of a data security policy, and use our free template to get started.  Continue Reading

• VMDR: Inside vulnerability management, detection and response

  VMDR offers automated asset identification, threat prioritization and patch management. But do companies need another vulnerability management tool?  Continue Reading

• Cyber-war game case study: Preparing for a ransomware attack

  In this real-world cyber-war game case study, an exercise on ransomware preparedness helped a company discover shortcomings in its incident response plan.  Continue Reading

• Clearing up cybersecurity architecture confusion, challenges

  There's no lack of cybersecurity frameworks, but there is a lack of resources to help small and midsize organizations build a cybersecurity architecture -- until now.  Continue Reading

• 4 criteria to measure cybersecurity goal success

  Measuring the success of cybersecurity goals is challenging because they are components of larger goals and often probabilistic rather than deterministic.  Continue Reading

• Top 7 types of data security technology

  These seven types of data security technologies -- from encryption to masking -- will better protect customer and enterprise data from inappropriate and unauthorized access and use.  Continue Reading

• How to write a cybersecurity job posting

  Is your organization struggling to find cybersecurity talent? Your job descriptions could be the problem. Learn how to write a good cybersecurity job posting.  Continue Reading

• How to define cyber-risk appetite as a security leader

  In this excerpt from 'The CISO Evolution: Business Knowledge for Cybersecurity Executives,' learn how to define and communicate an enterprise's true cyber-risk appetite.  Continue Reading

• A 'CISO evolution' means connecting business value to security

  As cybersecurity has changed, so has the CISO role. 'The CISO Evolution: Business Knowledge for Cybersecurity Executives' aims to help security leaders succeed in the C-suite.  Continue Reading

• How to find your niche in cybersecurity

  It's difficult to navigate a career in cybersecurity, especially with all the varying roles. A veteran CISO offers advice on how to find your niche in the security industry.  Continue Reading

• How to determine out-of-scope bug bounty assets

  What happens when a security researcher discovers a bug in an out-of-scope asset? Learn how to handle bug bounty scope in this excerpt from 'Corporate Cybersecurity.'  Continue Reading

• An enterprise bug bounty program vs. VDP: Which is better?

  Creating a bug bounty or vulnerability disclosure program? Learn which option might prove more useful, and get tips on getting a program off the ground.  Continue Reading

• Publicly disclosed U.S. ransomware attacks database

  Each day SearchSecurity looks for every publicly available instance of a ransomware attack in the U.S. and compiles this data into a list to keep readers updated on recent threats.  Continue Reading

• 3 types of PKI certificates and their use cases

  Public key infrastructure helps authenticate senders via cryptography and digital certificates. Learn about three types of PKI certificates and their use cases.  Continue Reading

• Using SSH tunneling for good and evil

  Secure Shell tunneling takes the secure application protocol to the next level for bypassing firewalls and creating secure connections everywhere.  Continue Reading

• How ransomware kill chains help detect attacks

  Reconstructing cyber attacks is a key step in incident response. Learn how ransomware kill chains can help security teams detect and mitigate the consequences of an attack.  Continue Reading

• How to improve cyber attack detection using social media

  Social media has cybersecurity pros and cons. One benefit is that it can help improve cyber attack detection. These four real-world examples show how.  Continue Reading

• How to design architecture for enterprise wireless security

  Learn about a five-phase design methodology that will help your company plan for and create an enterprise wireless security architecture.  Continue Reading

• Implementing wireless security in the enterprise

  Learn how to properly secure your enterprise wireless network while considering UX, zero trust and commonly overlooked architectural mistakes.  Continue Reading

• Apple, Microsoft, Google expand FIDO2 passwordless support

  Achieving true passwordless experiences begins with companies working together to adopt standards that enable customers to use multiple devices seamlessly, regardless of OS.  Continue Reading

• Case study: Scaling DevSecOps at Comcast

  Comcast's DevSecOps transformation started small but quickly gained steam, resulting in 85% fewer security incidents in production. Learn more in this case study.  Continue Reading

• Cyber-war gaming: A cybersecurity tabletop exercise

  Based off military war games, cyber-war gaming examines a company's security posture. Learn how it works, the readiness needed, who should be involved and more.  Continue Reading

• Do phishing simulations work? Sometimes

  Phishing simulations are becoming increasingly popular to pinpoint which employees fall victim to scams, but their effectiveness and morality have been called into question.  Continue Reading

• Case study: Why it's difficult to attribute nation-state attacks

  If two attacks look similar, don't assume they're from the same attacker. It's difficult to attribute nation-state attacks, as evidenced by the notorious 2016 Odinaff malware.  Continue Reading

• Tips for using a threat profile to prevent nation-state attacks

  Is your organization concerned about state-sponsored attacks? Threat profiling can help prevent nation-state attacks. Get advice on how to create an effective threat profile.  Continue Reading

• How to conduct Linux privilege escalations

  Learn how to conduct Linux kernel exploitation with Metasploit and manually, as well as how to identify vulnerabilities on Linux using enumeration scripts.  Continue Reading

• Why companies should focus on preventing privilege escalation

  If attackers can elevate privileges once inside a system, their access can be unlimited. Discover common privilege escalation techniques and how to mitigate them.  Continue Reading

• An introduction to binary diffing for ethical hackers

  Binary diffing is a useful tool in the ethical hacker's arsenal. This excerpt teaches aspiring penetration testers and red teamers how to get started.  Continue Reading

• Unethical vulnerability disclosures 'a disgrace to our field'

  The cybersecurity field needs more people who use their powers for good, the lead author of Gray Hat Hacking: The Ethical Hacker's Handbook, Sixth Edition says.  Continue Reading

• Study attests: Cloud apps, remote users add to data loss

  A study from ESG found many customers attribute data loss and compliance troubles to the race to put apps in the cloud and accommodate remote workers amid the pandemic.  Continue Reading

• How secure are one-time passwords from attacks?

  Adding an additional authentication layer makes it harder for attackers to get into accounts, but not all authentication factors are equal -- especially when it comes to OTPs.  Continue Reading

• How effective is security awareness training? Not enough

  Annual security awareness trainings do little to improve security. Learn why they aren't helpful, and discover steps to improve your organization's training program.  Continue Reading

• How to implement OpenID Connect for single-page applications

  The OpenID Connect authentication protocol can be used to secure a variety of applications. This excerpt teaches developers how it works with single-page applications.  Continue Reading

• How to use OpenID Connect for authentication

  OpenID Connect has become a trusted protocol to connect with identity providers. Explore how to use it for IAM, common threats to be aware of and how to connect to multiple IdPs.  Continue Reading

• The importance of HR's role in cybersecurity

  HR teams must keep security top of mind when hiring and onboarding employees and enforcing data privacy policies. Get advice on the procedures and mechanisms to do so.  Continue Reading

• Why CISOs need to understand the business

  While CISOs need technical skills, business skills help them push their team's agenda and get the support and funding they need to protect their company.  Continue Reading

• Cryptocurrency cyber attacks on the rise as industry expands

  Consumers, businesses and governments are finding new ways to use cryptocurrency, but a recent string of cyber attacks has highlighted security risks and shortcomings.  Continue Reading

• Use digital identity proofing to verify account creation

  Validating users during account creation with identity proofing helps prevent data breaches but isn't without challenges. Discover how it works and concerns to address.  Continue Reading

• How to stop malicious or accidental privileged insider attacks

  How many permissions or privileges a user has will affect how big of an insider threat they are. Discover the issues surrounding privileged users and how to curtail these threats.  Continue Reading

• Tips for creating a cybersecurity resume

  Resumes help candidates leave an impression on potential employers. But did you know one resume often isn't enough? Learn this and other tips for creating a cybersecurity resume.  Continue Reading

• How to manage imposter syndrome in cybersecurity

  The imposter syndrome phenomenon is readily apparent in cybersecurity. Learn how to manage it, along with mishaps to avoid during the job hunt and other career advice.  Continue Reading

• Implement API rate limiting to reduce attack surfaces

  Rate limiting can help developers prevent APIs from being overwhelmed with requests, thus preventing denial-of-service attacks. Learn how to implement rate limiting here.  Continue Reading

• API security methods developers should use

  Developers can reduce the attack surface by implementing security early in the API development process and knowing methods to secure older APIs that can't be deprecated.  Continue Reading

• Pros and cons of manual vs. automated penetration testing

  Automated penetration testing capabilities continue to improve, but how do they compare to manual pen testing? Get help finding which is a better fit for your organization.  Continue Reading

• A day in the life of a cybersecurity manager

  The role of a cybersecurity leader is often misunderstood. Experience a day in the life of a cybersecurity manager with this breakdown of a security leader's typical schedule.  Continue Reading

• Top cybersecurity leadership challenges and how to solve them

  Security isn't always a top business priority. This creates challenges for the cybersecurity managers and teams that hope to integrate security into their company's agenda.  Continue Reading

• How to prepare for malicious insider threats

  Stopping malicious insider threats is just as important as preventing external ones. Uncover what to look for and strategies to prevent insider threats before they cause damage.  Continue Reading

• Include defensive security in your cybersecurity strategy

  Is your company's cybersecurity strategy comprehensive enough to protect against an expanding threat landscape? Learn how developing defensive security strategies can help.  Continue Reading

• 4 data privacy predictions for 2022 and beyond

  Data privacy will continue to heat up in 2022. From regulations to staffing to collaboration, will these data privacy predictions come to fruition in the next 12 months and beyond?  Continue Reading

• Nmap use cases, tools and product comparisons

  Nmap is historically known for port scanning, but thanks to several subprojects, its use cases have expanded. Learn how Nmap is used, along with other comparable tools.  Continue Reading

• How to use Nmap to scan for open ports

  One of Nmap's primary functions is conducting port scans. In this walkthrough, learn how to launch a default scan, along with other options that affect Nmap port scan behavior.  Continue Reading

• Enterprises reluctant to report cyber attacks to authorities

  Despite some successful law enforcement operations, including the seizure of a ransom payment, infosec experts say many enterprises are still unlikely to report cyber attacks.  Continue Reading

• Is quantum computing ready to disrupt cybersecurity?

  Quantum computing isn't here yet, but now is the time for companies to start considering how it may affect their business -- both negatively and positively -- in the next decade.  Continue Reading

• Editor's picks: Top cybersecurity articles of 2021

  As we call it a wrap on 2021, SearchSecurity looks at the top articles from the last 12 months and their sweeping trends, including ransomware, career planning and more.  Continue Reading

• Types of cybersecurity controls and how to place them

  A unilateral cybersecurity approach is ineffective in today's threat landscape. Learn why organizations should implement security controls based on the significance of each asset.  Continue Reading

• Top infosec best practices, challenges and pain points

  Weak infosec practices can have irrevocable consequences. Read up on infosec best practices and challenges, as well as the importance of cybersecurity controls and risk management.  Continue Reading

• GDPR as we enter 2022: Challenges, enforcement and fines

  Take a look at where GDPR stands as it reaches its fourth birthday, including enforcement and fine changes, current challenges, how COVID-19 affected it and more.  Continue Reading

• Is a passwordless future getting closer to reality?

  Industry analysts offer predictions on the future of passwordless authentication and whether we'll ever truly get rid of one of security's weakest links.  Continue Reading

• Passwordless authentication issues to address before adoption

  The technology for passwordless authentication exists, but challenges remain. Companies must grapple with differing use cases, legacy software, adoption costs and more.  Continue Reading

• Elastic Stack Security tutorial: How to create detection rules

  This excerpt from 'Threat Hunting with Elastic Stack' provides step-by-step instructions to create detection rules and monitor network security events data.  Continue Reading

• Elastic Security app enables affordable threat hunting

  New to threat hunting in cybersecurity? Consider using the open code Elastic Stack suite to gather security event data and create visualizations for decision-makers.  Continue Reading

• The components and objectives of privacy engineering

  Privacy engineering helps organizations balance business and privacy needs, while mitigating the impact of data breaches. Learn about its components and objectives.  Continue Reading

• The intersection of privacy by design and privacy engineering

  Data privacy concerns are widespread. Privacy by design and privacy engineering help organizations balance privacy with utility and usability. Learn how.  Continue Reading

• Ultimate guide to secure remote access

  This comprehensive secure remote access guide outlines the strategies, tools and best practices to provide anywhere access while protecting data, systems and users.  Continue Reading

• Tools to conduct security chaos engineering tests

  Security teams are becoming curious about how chaos engineering can benefit them. Read about the security chaos engineering tools available for early adopters.  Continue Reading

• API security strategies must evolve to include API protection

  An API security strategy must include the ability to protect APIs post-deployment, but questions abound about ownership, which tools to use and how to get started.  Continue Reading

• Why chaos engineering testing makes sense for cybersecurity

  Using the concept of chaos engineering, teams can determine whether systems perform as intended in time of need. But how does it relate to security?  Continue Reading

• Amid explosive growth, API security a growing concern

  APIs are expanding exponentially across the technology landscape and creating a vast attack surface that enterprise security teams are struggling to understand and defend.  Continue Reading

• 5 cybersecurity personality traits for a successful career

  In this excerpt of 'Confident Cyber Security,' author Jessica Barker outlines five cybersecurity personality traits employers look for in job candidates.  Continue Reading

• How to start a career in cybersecurity from the human side

  Discover how the co-founder of an infosec consultancy and author of 'Confident Cyber Security' started her career and became a leader in the human nature side of security.  Continue Reading

• How to use Python for privilege escalation in Windows

  Penetration testers can use Python to write scripts and services to discover security vulnerabilities. In this walkthrough, learn how to escalate privileges in Windows.  Continue Reading

• Why hackers should learn Python for pen testing

  The authors of 'Black Hat Python' explain the importance of learning Python for pen testing, how it helps create scripts to hack networks and endpoints, and more.  Continue Reading

• How to use Ghidra for malware analysis, reverse-engineering

  The Ghidra malware analysis tool helps infosec beginners learn reverse-engineering quickly. Get help setting up a test environment and searching for malware indicators.  Continue Reading

• Get started with the Ghidra reverse-engineering framework

  Malware analysts use Ghidra to examine code to better understand how it works. Learn what to expect from the reverse-engineering framework, how to start using it and more.  Continue Reading

• 10 CCPA enforcement cases from the law's first year

  It's been more than a year since CCPA enforcement began, and organizations started hearing from the California attorney general. Explore 10 early cases of alleged noncompliance.  Continue Reading

• 6 reasons unpatched software persists in the enterprise

  Patching is like flossing -- everyone knows they should do it, yet too few do it often and well. Explore why unpatched software is still ubiquitous, despite the risks.  Continue Reading

• How to prepare for the CIPP/US exam

  The co-authors of a CIPP/US study guide offer advice on the IAPP certification, including career benefits, how to prepare and how the U.S. exam differs from other regions' exams.  Continue Reading

• Experts debate XDR market maturity and outlook

  Is extended detection response still all buzz and no bite? Experts disagree on whether XDR qualifies as a legitimate market yet or still has a ways to go.  Continue Reading

• SolarWinds CEO: Breach transparency 'painful' but necessary

  SolarWinds CEO Sudhakar Ramakrishna discusses his company's ongoing breach investigation, shares lessons learned from the attack and cautions IT pros on zero trust.  Continue Reading

• Why companies should use AI for fraud management, detection

  AI is involved in many cybersecurity processes. Now it's making inroads in fraud management and detection. The benefits, however, are not without AI's nagging bias challenge.  Continue Reading

• 17 ransomware removal tools to protect enterprise networks

  Check out this list of ransomware removal platforms to detect possible security threats, block attacks, and erase any malware lingering on devices and enterprise networks.  Continue Reading

• Malware analysis for beginners: Getting started

  With the cybersecurity industry struggling to fill open positions, now is the time to start in the field. Infosec expert Dylan Barker shares what you should know to be a malware analyst.  Continue Reading

• Top static malware analysis techniques for beginners

  Malware will eventually get onto an endpoint, server or network. Using static analysis can help find known malware variants before they cause damage.  Continue Reading

• How privacy engineers promote innovation and trust

  Forward-thinking companies are hiring privacy engineers. Could your organization benefit? Uncover how these experts promote innovation and fortify customer trust.  Continue Reading

• The differences between open XDR vs. native XDR

  With extended detection and response, security teams get improved threat analytics and response capabilities. Here's what they need to know to choose the right type of XDR.  Continue Reading

• How to prepare for the CompTIA CySA+ exam

  The author of the CompTIA CySA+ certification guide offers advice on how to prepare for the exam, discusses the benefits of the cert and more.  Continue Reading

• Keycloak tutorial: How to secure different application types

  IT pros and developers can secure applications with the open source IAM tool Keycloak. When you don't need to worry about passwords, it reduces the potential attack surface.  Continue Reading

• Secure applications with Keycloak authentication tool

  As we look toward the future of authentication, open source tools, such as Keycloak, provide companies a way to secure applications to its specific needs.  Continue Reading

• Cybersecurity investments surge in 2021 as VCs go all in

  Venture capital firms have flooded the cybersecurity market this year with investment dollars for young startups and established vendors alike. What's behind this surge?  Continue Reading

• 5 IAM trends shaping the future of security

  The importance of identity and access management cannot be denied. However, the same old tools can't properly secure today's complex environments. These IAM trends are here to help.  Continue Reading

• What is the BISO role and is it necessary?

  Relatively new and somewhat controversial, the business information security officer, or BISO, acts as the CISO's tactical and operations-level ambassador to the business units.  Continue Reading

• Common Linux vulnerabilities admins need to detect and fix

  Server admins need to prepare for a variety of common Linux vulnerabilities, from software and hardware vulnerabilities to employee-created ones and even digital espionage.  Continue Reading

• How to implement Linux security best practices

  When setting up security for a company's infrastructure, admins need to focus on backups, patch management and regular vulnerability scans.  Continue Reading

• What are cloud containers and how do they work?

  Containers in cloud computing have evolved from a security buzzword. Deployment of cloud containers is now an essential element of IT infrastructure protection.  Continue Reading

• 10 identity and access management tools to protect networks

  IAM tools keep enterprises safe by ensuring only authorized users can access sensitive data and applications. Read this in-depth product overview of top tools on the market.  Continue Reading

• How to get started with security chaos engineering

  Introducing security chaos engineering: the latest methodology security teams can implement to proactively discover vulnerabilities or weaknesses in a company's system.  Continue Reading

• How cloud adoption is shaping digital identity trends in 2021

  Expert Carla Roncato explains what organizations need to know about emerging digital identity and security trends for the cloud, including CASB, CIEM and zero trust.  Continue Reading

• Hackers vs. lawyers: Security research stifled in key situations

  The age-old debate between sharing information or covering legal liability is a growing issue in everything from bug bounties to disclosing ransomware attacks.  Continue Reading