Evaluate

Evaluate

Weigh the pros and cons of technologies, products and projects you are considering.

• Can a new DHS cybersecurity strategy help the private sector?

  The U.S. Department of Homeland Security outlines federal plans to improve public and private cybersecurity, but analysts advise caution over strategies that can't be mandated. Continue Reading

• 6 AIOps security use cases to safeguard the cloud

  Explore six AIOps security use cases in cloud environments, such as threat intelligence analysis and malware detection, as well as expert advice on implementation considerations. Continue Reading

• Implement Kubernetes for multi-cloud architecture security

  Uncover how orchestration tools benefit multi-cloud environments, and get help selecting the right deployment model for Kubernetes in multi-cloud architectures. Continue Reading

• Endpoint security vs. network security: Why both matter

  As the security perimeter blurs, companies often debate the merits of endpoint security vs. network security. However, it shouldn't be an either-or decision. Continue Reading

• 3 ransomware distribution methods popular with attackers

  To prevent cyber attacks, understanding how they work is half the battle. Explore the most common ransomware distribution methods in this excerpt of 'Preventing Ransomware.' Continue Reading

• Malware researcher speculates on the future of ransomware

  Abhijit Mohanta, author of 'Preventing Ransomware,' opines on the future of ransomware and discusses why this attack is favored among cybercriminals.Continue Reading

• 5 cyber threat intelligence feeds to evaluate

  Cyber threat intelligence feeds help organizations up their security game. While the 'best' feeds vary depending on a company's needs, here are five leading services to consider.Continue Reading

• SolarWinds fallout has enterprise CISOs on edge

  As investigators uncover more about the massive SolarWinds hack, enterprise CISOs' concerns about digital supply chain security grow.Continue Reading

• Using content disarm and reconstruction for malware protection

  Content disarm and reconstruction is a modern approach to removing malicious code from files, key to detecting and thwarting successful phishing and malware attacks.Continue Reading

• The security battle over entitlements and permissions creep

  IT must continually keep track of entitlements and permissions for all their cloud services, with methods such as CI/CD tools, increased visibility and continuous monitoring.Continue Reading

• 2021 cybersecurity predictions: Oh, where cybersecurity may go

  Jonathan Meyers sees 2021 bringing cybersecurity challenges to the forefront, like more cyberattacks on local governments, BYOD security issues and AI and ML overhype.Continue Reading

• Select a customer IAM architecture to boost business, security

  Not all customer IAM platforms are created equal. Will a security-focused or marketing-focused CIAM architecture best meet your organization's needs? Read on for help deciding.Continue Reading

• Extended detection and response tools take EDR to next level

  Extended detection and response tools offer new capabilities -- among them greater visibility -- to enterprises searching for better ways to protect their endpoints.Continue Reading

• Biometric security technology could see growth in 2021

  Enterprise use of biometrics for security may see an uptick by organizations looking to defend themselves from attacks, but they must weigh the concerns against the benefits.Continue Reading

• Editor's picks: Top cybersecurity articles of 2020

  As the year no one could have predicted comes to a close, SearchSecurity takes a 30,000-foot view of the cybersecurity trends and challenges that defined the last 12 months.Continue Reading

• What is SecOps? Everything you need to know

  SecOps, formed from a combination of security and IT operations staff, is a highly skilled team focused on monitoring and assessing risk and protecting corporate assets, often operating from a security operations center, or SOC.Continue Reading

• Technology a double-edged sword for U.S. election security

  Technologies were weaponized to undermine the 2020 U.S. presidential election, but IT systems have also helped to identify fraud and verify results in a hotly contested election.Continue Reading

• How cloud-based SIEM tools benefit SOC teams

  It's time for SIEM to enter the cloud age. Learn about the cloud-based SIEM features that can help SOC teams gain a holistic view of their organization's cloud infrastructure.Continue Reading

• Counter threats with these top SecOps software options

  SecOps tools offer many capabilities to address common threats enterprises face, including domain name services, network detection and response, and anti-phishing.Continue Reading

• SASE model drives improved cloud and work-from-home security

  Find out how the Secure Access Service Edge model provides increased work-from-home security and cloud access outside of the traditional enterprise data center access model.Continue Reading

• Weighing remote browser isolation benefits and drawbacks

  Remote browser isolation benefits end-user experience and an organization's network security. Compare the pros, cons and cost challenges before investing in the zero-trust approach.Continue Reading

• Compare 5 SecOps certifications and training courses

  Explore five SecOps certifications available to IT professionals looking to demonstrate and enhance their knowledge of threat monitoring and incident response.Continue Reading

• Cyber insurance explained, from selection to post-purchase

  Before you sign on the dotted line, make sure you understand what cyber insurance can and can't do -- and what type of policy will do the most for you.Continue Reading

• Choosing between proxy vs. API CASB deployment modes

  Curious how to choose the right CASB deployment mode for your organization? Before you buy, compare how proxy vs. API CASB architectures work to secure SaaS applications.Continue Reading

• How to use the Mitre ATT&CK framework for cloud security

  Learn how to use the Mitre ATT&CK security framework to keep your enterprise cloud environment -- whether AWS, GCP, Azure, Azure AD or Microsoft 365 -- secure.Continue Reading

• Using SDP as a VPN alternative to secure remote workforces

  Software-defined perimeter has been touted as a VPN alternative for secure remote access. How do you know if SDP or a traditional VPN is right for your company?Continue Reading

• Weighing the future of firewalls in a zero-trust world

  Cybersecurity pros have been predicting the firewall's demise for years, yet the device is still with us. But does it have a place in zero-trust networks? One analyst says yes.Continue Reading

• AI in security analytics is the enhancement you need

  AI-powered analytics is critical to an effective, proactive security strategy. Learn how AI-enabled tools work and what your organization needs to do to reap their benefits.Continue Reading

• AI in cybersecurity ups your odds against persistent threats

  AI capabilities can identify and take down cyberthreats in real time but are only part of what your team needs to come out on the winning side of the cybersecurity battle.Continue Reading

• Security automation tools and analytics reshape SecOps efforts

  To transition from being reactive to proactive in terms of cybersecurity threats, check out how SecOps teams can use security analytics and automation tools to make the change.Continue Reading

• Zero-trust network policies should reflect varied threats

  Role-based access systems create enormous pools of responsibility for administrators. Explore how to eliminate these insecure pools of trust with zero-trust network policies.Continue Reading

• Zero-trust methodology's popularity a double-edged sword

  The authors of 'Zero Trust Networks' discuss how the zero-trust methodology's popularity produces both vendor hype and renewed attention to critical areas of security weakness.Continue Reading

• Why SASE should be viewed as an evolution, not revolution

  The hype around secure access service edge (SASE) is palpable. But by taking a step back, security leaders can align an emerging trend to their long-term goals.Continue Reading

• Evaluating SOC automation benefits and limitations

  Security operations center automation can help address the security skills gap by scaling critical analyst responsibilities. But an overreliance on AI introduces other risks.Continue Reading

• How enterprise cloud VPN protects complex IT environments

  Do you know how enterprise cloud VPN differs from a traditional VPN? Explore how cloud VPN works and whether it's the right option for your hybrid IT environment.Continue Reading

• The Ghidra Book interview with co-author Kara Nance

  Ghidra has had a huge impact on the reverse-engineering community. Kara Nance, co-author of The Ghidra Book, discusses this impact as the open source tool has evolved.Continue Reading

• Weighing double key encryption challenges, payoffs

  Microsoft's new double key encryption offering brings data security and compliance benefits. Are they worth the implementation challenges?Continue Reading

• Explore self-sovereign identity use cases and benefits

  The future of digital identity may look a lot like how we identify ourselves in real life. Learn more about self-sovereign identity use cases and features in this excerpt.Continue Reading

• Oversee apps with these 3 application security testing tools

  Unsecured applications can have dire consequences for enterprises. Discover how top app security testing tools on the market today protect apps and enhance developer productivity.Continue Reading

• Cybersecurity testing essentials for mergers and acquisitions

  Before moving forward with an M&A, conduct some cybersecurity testing to ensure your company knows how the acquired company protects data, employees and customers.Continue Reading

• An inside look at the CCSP cloud security cert

  Get insights into the Certified Cloud Security Professional cert, cloud infrastructure and platform benefits and risks, and more from the author of a CCSP exam guide.Continue Reading

• How cloud security posture management protects multi-cloud

  Improve control plane security at your organization by integrating a cloud security posture management tool into your existing multi-cloud strategy.Continue Reading

• Site-to-site VPN security benefits and potential risks

  Not every enterprise needs the functionality of a standard VPN client. A site-to-site VPN may be a better choice for some companies, but it's not without risk.Continue Reading

• Infrastructure as code's security risks and rewards

  Infrastructure as code can yield some exciting security benefits for enterprises, but they each come with drawbacks. Learn more about the most critical IaC security impacts.Continue Reading

• Cybersecurity new normal needs change in process, CISOs say

  As CISOs face an increasingly remote workforce, they need to confront past security mistakes, while adjusting to cybersecurity's new normal.Continue Reading

• How security champions can help, despite working remotely

  By effectively using collaboration tools, security champions can still spread a company's security message even as most offices stay closed and employees work remotely.Continue Reading

• What cybersecurity teams can learn from COVID-19

  Nabil Hannan examines key similarities between medical and computer viruses that cybersecurity teams can use to keep businesses protected effectively.Continue Reading

• Security team analyzes data breach costs for better metrics

  Security researchers discuss their findings on misleading and incorrect data breach cost metrics and share how breach reporting and information sharing can help all organizations.Continue Reading

• The case for cybersecurity by design in application software

  Security must be part of IT from the start and then continue through the entire product lifecycle -- design, build, release and maintenance. Consumers now demand it.Continue Reading

• 7 security awareness statistics to keep you up at night

  As if protecting corporate systems and data wasn't hard enough, beware of another potential foe: those well-meaning but woefully uninformed staff members.Continue Reading

• Importance of cybersecurity awareness never greater

  Security awareness is more essential than ever, but in a world of increasingly sophisticated threats, making it a reality requires more than set-it-and-forget-it training.Continue Reading

• As network security analysis proves invaluable, NDR market shifts

  IT infrastructure threat detection and response have emerged as critical elements of enterprise cybersecurity as network security analysis proves invaluable to protecting data.Continue Reading

• The importance of security, data encryption for cloud

  As more companies migrate to the cloud, they need to also invest in cybersecurity for their cloud computing, such as through better encryption and authentication tools.Continue Reading

• Cloud workload protection platform security benefits, features

  VMs and cloud environments make the task of protecting workloads more difficult than ever. Can a cloud workload protection platform help your organization solve the problem?Continue Reading

• Zero-trust framework ripe for modern security challenges

  What is zero-trust security, and why deploy it now? Analysts explain its importance in the current IT era and how to get started with evaluation and implementation.Continue Reading

• Post-pandemic cybersecurity: Lessons learned

  Pandemic lockdowns provided companies with valuable cybersecurity experience. Here's how to make sure post-pandemic cybersecurity operations are prepared for a second wave.Continue Reading

• To face modern threats, using AI for cybersecurity a necessity

  As cyberattacks grow in complexity, using AI for cybersecurity is required to stay ahead of threats. Here's how to integrate AI into security processes and avoid potential risk.Continue Reading

• How cyber warfare laws limit risk on a digital battleground

  Retired Navy cryptologist implores enterprises to build key cyber warfare laws into their infosec strategy to improve survivability on the digital battleground in his new book.Continue Reading

• The future of cyber warfare requires infosec's attention

  The future of cyber warfare places enterprise security and survivability in the crosshairs. Learn more about cyber warfare threats and capabilities and how infosec can prepare.Continue Reading

• Why COVID-19 won't stop cybersecurity jobs and recruitment

  The economy is struggling, and many careers are taking hits, but cybersecurity jobs and careers will likely stay in demand as companies need to keep data and customers safe.Continue Reading

• Privacy-preserving machine learning assuages infosec fears

  Implementing privacy-preserving machine learning controls, such as federated learning and homomorphic encryption, can address top cloud security and privacy concerns. Learn how.Continue Reading

• Istio service mesh security benefits microservices, developers

  Learn more about Istio service mesh security features and how the open source technology can enable developers to better run, control and secure a distributed microservices architecture.Continue Reading

• Unpack the use of AI in cybersecurity, plus pros and cons

  The use of AI in cybersecurity is now under renewed scrutiny as its popularity rises. Discover the pros and cons of machine learning and AI for incident response.Continue Reading

• Benefits of open source container vulnerability scanning

  Containers have revolutionized app development but pose many security challenges. Uncover how container vulnerability scanning can help and why to consider open source tools.Continue Reading

• SASE adoption accelerating as workforce goes remote

  Experts suggest enterprises should consider SASE adoption for network security as the remote workforce grows in order to reduce cost and complexity.Continue Reading

• Top 6 cloud security analytics use cases

  Security analytics use cases vary from fraud detection to threat intelligence analysis. Learn how deploying this technology in the cloud can improve enterprise infosec programs.Continue Reading

• Top 3 advantages of smart cards -- and potential disadvantages

  As smart card adoption increases, it is prudent to take a closer look at how this technology can improve data security. Here, read more about the benefits of smart cards.Continue Reading

• Is VPN split tunneling worth the security risks?

  Enabling VPN split tunneling may increase speed and decrease bandwidth use and costs, but it also increases the number of security vulnerabilities faced.Continue Reading

• Risk & Repeat: When will mobile voting be ready?

  This week's Risk & Repeat podcast examines the rise of mobile voting apps and how security experts have expressed concerns about the risks deploying the technology for elections.Continue Reading

• CCSK cert guide author's insights into cloud security credential

  The author of a Certificate of Cloud Security Knowledge exam guide offers insights into certifications, top considerations for those pursuing the CCSK and more.Continue Reading

• Comparing single cloud vs. multi-cloud security challenges

  A multi-cloud environment is not inherently more secure than a single cloud. Learn how to choose between single cloud vs. multi-cloud for your organization from a security perspective.Continue Reading

• Compare the top cloud-based IoT security platforms to protect devices

  IoT security tools can protect widely used computing devices that pose cybersecurity risks in the current remote work era. Explore the leading cloud-based options here.Continue Reading

• How data loss prevention strategies benefit from UBA

  Data loss prevention strategies require unique insight into user activity. Can user behavior analytics capabilities benefit threat management and breach detection?Continue Reading

• How can security benefit from cyberthreat intelligence?

  Cyberthreat intelligence is essential to understand common external-facing risks. Learn how to find the right threat intelligence feed and how the data can benefit cybersecurity.Continue Reading

• Why developers need to know the Spring Security framework

  The Spring Security framework is a reliable way for Java developers to secure applications. However, proper implementation is critical to prevent the most common vulnerabilities.Continue Reading

• Utilize SMB security tools to work from home safely

  With the global pandemic forcing enterprise workers home, SMB security tools can provide necessary protection for newly built home offices in order to keep business moving.Continue Reading

• Bot management drives ethical data use, curbs image scraping

  Bot management tools can help enterprises combat bad bots, prevent web and image scraping, and ensure ethical data use -- all while maintaining a positive end-user experience.Continue Reading

• AI pen testing promises, delivers both speed and accuracy

  AI is making many essential cybersecurity tasks more effective and efficient. AI-enabled penetration testing, or BAS, technologies are a case in point.Continue Reading

• SASE identity policies enhance security and access control

  Will the Secure Access Service Edge model be the next big thing in network security? Learn how SASE's expanded definition of identity is fundamental to this emerging access model.Continue Reading

• 4 essential AI-enabled security concerns for buyers and vendors

  Experts offer four concerns for enterprises and vendors to discuss in order to deploy and run AI-based cybersecurity tools.Continue Reading

• Will nonprofit's evolution of zero trust secure consumer data?

  An Australian nonprofit aims to deliver an improved security protocol through what it calls a 'true zero-trust custody layer.' Will the protocol improve consumer data protection?Continue Reading

• AI Security Alliance urges clarity for buying AI security tools

  Vendors and customers must be aware of potential gaps between expectations and reality in the sale or purchase of AI cybersecurity products, an AI security expert advises.Continue Reading

• Analyzing the top 2019 data breach disclosures: Hindsight in 2020

  Make 2020 the year your company keep its resolution to avoid a data breach. Experts offer lessons learned from the top 2019 data breaches to help stay secure in the year ahead.Continue Reading

• The future of facial recognition after the Clearview AI data breach

  The company that controversially scrapes data from social media sites for law enforcement clients announced a data breach. What does it mean for the future of facial recognition?Continue Reading

• 5G network slicing security benefits IoT, mobile

  The fifth generation of mobile cellular technology offers a unique benefit its predecessors don't: network slicing. Learn more about these virtual slices and their security benefits.Continue Reading

• Cyberinsurance coverage reflects a changing threat landscape

  A constant deluge of data breach disclosures has prompted an increase in cybersecurity insurance coverage adoption. Learn how a policy can enhance an enterprise risk management program.Continue Reading

• Good cybersecurity thesis topics for a master's degree

  Writing a master's thesis? A strong topic positions you for academic and professional success, while a weak one promises to make an already intensive process arduous at best.Continue Reading

• Who wins the security vs. privacy debate in the age of AI?

  When trying to maintain balance between security and privacy in an AI-enabled world, who decides which side should tip and when? So continues the security vs. privacy debate.Continue Reading

• Fighting PCI non-compliance could require new frameworks, zero trust

  Falling PCI DSS compliance rates could force the PCI Security Standards Council to be more open to other regulatory frameworks and make enterprises aim higher in terms of data security. Could zero trust be part of the solution?Continue Reading

• Benefits of cloud data discovery tools and services multiply

  With multi-cloud and privacy regulations becoming the new normal, infosec teams need data discovery tools and services to keep up. Learn more about available cloud options.Continue Reading

• Risk & Repeat: More McAfee executives depart

  This week's Risk & Repeat podcast discusses the revelation that more executives have left McAfee amid the unexpected departure of longtime CEO Chris Young last month.Continue Reading

• Risk & Repeat: 2019 data breaches in review

  This week's Risk & Repeat podcast looks at some of the biggest data breach disclosures from the second half of 2019 and discusses the trends around these incidents.Continue Reading

• 2 components of detection and threat intelligence platforms

  Deploying threat detection and intelligence platforms is one of the smartest ways to protect your organization's valuable assets. Make sure you know how to choose the best tool.Continue Reading

• Cisco CISO says today's enterprise must take chances

  Cisco CISO Steve Martino talks about taking chances, threats, how the security leader's role is changing and what really works when it comes to keeping the company secure.Continue Reading

• Can IDaaS adoption improve enterprise security posture?

  Experts suggest enterprises consider identity as a service as organizations' data management needs grow and access management becomes more complex.Continue Reading

• Compare container security companies for the best protection

  Securing containers can be a challenge when faced with buying the right platform. Discover these container security companies and their capabilities in this graphic.Continue Reading

• Lyft's open source asset tracking tool simplifies security

  Security teams need information and context about data in order to keep it safe. Learn how Cartography, Lyft's open source asset tracking tool, creates highly comprehensive maps.Continue Reading

• Top 10 cybersecurity predictions: 2020 edition

  When it comes to cybersecurity predictions, in many ways, 2020 is a continuation of the present. Emerging trends include nation-state activity, IoT infrastructure attacks and more.Continue Reading

• AI and machine learning in cybersecurity: Trends to watch

  AI and machine learning in cybersecurity are not so much useful to security teams today as they are necessary. Examine cybersecurity automation trends and benefits.Continue Reading

• Editor's picks: Most pressing cybersecurity stories in 2019

  As the year comes to an end, SearchSecurity takes a bird's-eye view of the sophisticated cyberthreat landscape and how it has changed over the past 12 months.Continue Reading