Get started
Bring yourself up to speed with our introductory content.
How to use Nmap to scan ports: A complete tutorial
Nmap is a versatile open source security tool that scans ports to identify vulnerabilities, test firewall rules, inventory networks and troubleshoot connectivity issues.
What is integrated risk management (IRM)?
Integrated risk management (IRM) is a set of proactive, businesswide practices that contribute to an organization's security, risk tolerance profile and strategic decisions.
What is COMSEC (communications security)?
Communications security (COMSEC) is the prevention of unauthorized access to telecommunications traffic or to any written information that is transmitted or transferred.
What is the Mitre ATT&CK framework?
The Mitre ATT&CK -- pronounced miter attack -- framework is a free, globally accessible knowledge base that describes the latest behaviors and tactics of cyberadversaries to help organizations strengthen their cybersecurity strategies.
An explanation of quantum cryptography
Quantum cryptography uses photons to transmit keys securely through quantum properties, creating an unhackable system that outperforms traditional math-based encryption methods.
Definitions to Get Started
- What is integrated risk management (IRM)?
- What is COMSEC (communications security)?
- What is the Mitre ATT&CK framework?
- What is a CISO (chief information security officer)?
- What is biometric authentication?
- What is cloud infrastructure entitlement management (CIEM)?
- What is cybersecurity?
- What is a CISO as a service (CISOaaS)?
How to prepare for post-quantum computing security
One of the biggest fears about quantum computing is its ability to easily break current encryption algorithms. Learn why and how to start making quantum security preparations.
How to use the John the Ripper password cracker
Password crackers are essential tools in any pen tester's toolbox. This step-by-step tutorial explains how to use John the Ripper, an open source offline password-cracking tool.
An explanation of encryption
Encryption converts data into code that is only decipherable with the right key. This can be used to protect sensitive information in messages, payments and records.
An explanation of purple teaming
Purple teaming unites offensive red teams and defensive blue teams to share knowledge, find vulnerabilities and strengthen security through structured frameworks and playbooks.
The differences between inbound and outbound firewall rules
Firewalls can support both inbound and outbound firewall rules, but there are important differences between the two. Learn more about each and their uses.
How to become a bug bounty hunter
With the right strategy, tools and skills, software testers and security researchers can earn extra income as bug bounty hunters.
An explanation of risk management for businesses
Risk management transforms uncertainty into opportunity by identifying threats, evaluating impacts and implementing strategic controls to protect and enhance business value.
How extortionware, cyberextortion and ransomware differ
Prevention is the only line of defense against an extortionware attack. Learn how extortionware works and why it can be more damaging than ransomware.
An explanation of firewall types and uses
Firewalls protect networks by stopping malware at the perimeter. The various types can be deployed with other security measures but can also be used unethically to prohibit access.
What is a CISO (chief information security officer)?
The CISO (chief information security officer) is a senior-level executive responsible for developing and implementing an information security program.
An explanation of data breaches
Data breaches can be intentional or accidental and come in various forms, but all types have the potential to cause considerable harm to individuals and organizations.
What is biometric authentication?
Biometric authentication is a security process that relies on the unique biological characteristics of individuals to verify their identity.
An explanation of identity and access management
Identity and access management systems safeguard businesses by controlling digital identities, managing access rights and implementing security protocols.
What is cybersecurity?
Cybersecurity is the practice of protecting systems, networks and data from digital threats.
What is cloud infrastructure entitlement management (CIEM)?
Cloud infrastructure entitlement management (CIEM) is a modern cloud security discipline for managing identities and privileges in cloud environments.
What is cybersecurity mesh? Key applications and benefits
Is it time to consider a different approach to security architecture? Cybersecurity mesh might be an effective way to address complex, distributed environments.
CISO's guide to creating a cybersecurity board report
An effective cybersecurity board report influences executive decision-making at the highest levels. Learn how to write a report that resonates with corporate directors.
Incident response tabletop exercises: Guide and template
Have an incident response plan but aren't running incident response tabletop exercises? These simulations are key to knowing if your plan will work during an actual security event.
What is a CISO as a service (CISOaaS)?
CISO as a service, or CISOaaS, is the outsourcing of CISO (chief information security officer) and information security leadership responsibilities to a third-party provider.
What is post-quantum cryptography? Comprehensive guide
Post-quantum cryptography, also known as quantum encryption or PQC, is the development of cryptographic systems for classical computers that can prevent attacks launched by quantum computers.
What is a message authentication code (MAC)? How it works and best practices
A message authentication code (MAC) is a cryptographic checksum applied to a message to guarantee its integrity and authenticity.
What is SIEM (security information and event management)?
SIEM (security information and event management) is software that helps organizations detect, analyze and respond to security threats by collecting and correlating security event data from across the IT environment in real time.
What is the principle of least privilege (POLP)?
The principle of least privilege (POLP) is a concept in computer security that limits users' access rights to only what is strictly required to do their jobs.
What is quantum key distribution (QKD)?
Quantum key distribution (QKD) is a secure communication method for exchanging encryption keys only known between shared parties.
How to build a cybersecurity strategy and plan in 4 steps
A cybersecurity strategy isn't meant to be perfect, but this high-level plan must be proactive, effective, actively supported and evolving. Here are four key steps to get there.
What is risk analysis?
Risk analysis is the process of identifying and analyzing potential issues that could negatively affect key business initiatives or projects.
Cybersecurity career path: A strategic guide for professionals
There's no single path for everyone, but knowing what employers look for and following these best practices can help you move up the cybersecurity career ladder.
What is the ISO 31000 Risk Management standard?
The ISO 31000 Risk Management framework is an international standard that provides organizations with guidelines and principles for risk management.
What is cybersecurity transformation? Best practices for success
Under increasing regulatory pressure and rising cyber threats, executives must prioritize cybersecurity transformation to safeguard assets, enable growth and ensure resilience.
CISO playbook for securing AI in the enterprise
CISOs must partner with executive leadership to adopt a business-aligned AI security strategy that protects the organization while enabling responsible AI adoption.
What is vulnerability management? Definition, process and strategy
Vulnerability management is the process of identifying, assessing, remediating and mitigating security vulnerabilities in software and computer systems.
Why effective cybersecurity is important for businesses
Cyberattacks can have serious financial and business consequences for companies, which makes implementing strong cybersecurity protections a critical step.
What is phishing? Understanding enterprise phishing threats
Phishing is a fraudulent practice in which an attacker masquerades as a reputable entity or person to trick users into revealing sensitive information.
SBOM formats explained: Guide for enterprises
SBOMs inventory software components to help enhance security by tracking vulnerabilities. Teams have three standard SBOM formats to choose from: CycloneDX, SPDX and SWID tags.
What is a virtual CISO (vCISO)? Does your business need one?
The virtual chief information security officer (vCISO) is a C-suite-level security professional or service provider who offers CISO-level expertise on a part-time, remote or contractual basis.
How to build a cybersecurity RFP
Crafting a cybersecurity RFP requires clear goals, precise questions and vendor vetting. Follow these guidelines to streamline the process and meet your company's security needs.
Cybersecurity budget justification: A guide for CISOs
The best way to get a security budget request denied? Present it like a jargon-filled shopping list. Instead, make the case by tying security spending to business outcomes.
What is single sign-on (SSO)? Definition, how it works and benefits
Single sign-on (SSO) is a session and user authentication service that lets users access multiple applications or systems with a single set of login credentials.
Cybersecurity governance: A guide for businesses to follow
Cybersecurity governance is now critical, with NIST CSF 2.0 recently adding it as a dedicated function. Learn why governance is core to an effective cyber strategy.
What is risk avoidance?
Risk avoidance is the elimination of hazards, activities and exposures that can negatively affect an organization and its assets.
What is pure risk?
Pure risk refers to risks that are beyond human control and result in a loss or no loss, with no possibility of financial gain.
What is residual risk? How is it different from inherent risk?
Residual risk is the risk that remains after efforts to identify and eliminate some or all types of risk have been made.
What is a SYN flood DoS attack?
A SYN flood attack is a type of denial-of-service (DoS) attack on a computer server. This exploit is also known as a 'half-open attack.'
What is a cyberattack? 16 common types and how to prevent them
To stop cybercrime, companies must understand how they're being attacked. Here are the most damaging types of cyberattacks, how to prevent them and their effect on daily business.
What executives must know about nation-state threat actors
Nation-state threat actors like Russia, China, Iran and North Korea are targeting critical infrastructure and sensitive data, so executives must prepare to defend against them.
What is risk assessment?
Risk assessment is the process of identifying hazards that could negatively affect an organization's ability to conduct business.
What is an advanced persistent threat (APT)?
An advanced persistent threat (APT) is a prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period.
How to create an SBOM: Example and free template
SBOMs provide an inventory of every component in an organization's software supply chain. Use this free downloadable SBOM template to create one for your organization.
5 essential programming languages for cybersecurity pros
Coding is an important skill across almost every technology discipline, and cybersecurity is no exception. Learn about the top programming languages for security professionals.
Hydra password-cracking tool: How to download and use it for good
Ethical hackers, need help brute forcing passwords? Learn how to download and use the open source Hydra password-cracking tool with this step-by-step tutorial and companion video.
What is HMAC (hash-based message authentication code)?
Hash-based message authentication code (HMAC) is a message encryption method that uses a cryptographic key with a hash function.
What is operational risk?
Operational risk is the risk of losses caused by flawed or failed processes, policies, systems, people or events that disrupt business operations.
What is cyber risk quantification (CRQ)? How to get it right
Cyber risk quantification translates security threats into financial terms, so executives can prioritize risks, justify investments and allocate resources to protect the business.
Cybersecurity risk management: Best practices and frameworks
This proactive approach protects business operations, ensures compliance and preserves reputation through comprehensive security practices.
Enumeration attacks: What they are and how to prevent them
User and network enumeration attacks help adversaries plan strong attack campaigns. Prevent them with MFA, rate limiting, CAPTCHA, secure code and more.
12 common types of malware attacks and how to prevent them
More than one billion active malware programs exist worldwide. Is your organization prepared to prevent these 12 types of malware attacks?
AI-powered attacks: What CISOs need to know now
AI-powered attacks are transforming cybersecurity, using AI to automate and personalize threats at an unprecedented scale since 2022.
Symmetric vs. asymmetric encryption: Understand key differences
Explore the differences between symmetric vs. asymmetric encryption, including how they work and common algorithms, as well as their pros and cons.
Why identity is the new perimeter, and how to defend it
Identity has replaced network boundaries as today's security perimeter. Organizations must focus on protecting digital identities to safeguard their assets.
What is cyber extortion?
Cyber extortion is a crime involving an attack or threat of an attack, coupled with a demand for money or some other response, in return for stopping an attack or preventing one from happening.
What is the WannaCry ransomware attack?
WannaCry ransomware is a cyberattack that spread by exploiting vulnerabilities in earlier and unpatched versions of the Windows operating system (OS).
What is a chief risk officer (CRO)? A detailed CRO job description
The chief risk officer (CRO) is a senior executive tasked with assessing, overseeing and mitigating an organization's risks.
What is a next-generation firewall (NGFW)?
A next-generation firewall (NGFW) is a network security device that combines traditional firewall capabilities with advanced features to detect and block sophisticated cyberattacks.
What is a time-based one-time password?
A time-based one-time password (TOTP) is a temporary passcode generated by an algorithm that uses the current time of day as one of its authentication factors.
What is security?
Security for information technology (IT) refers to the methods, tools and personnel used to defend an organization's digital assets.
What is triple extortion ransomware?
Triple extortion ransomware is a type of ransomware attack in which a cybercriminal extorts their victim multiple times -- namely by encrypting data, exposing exfiltrated data and then threatening an additional third attack vector.
What is double extortion ransomware? How to defend your organization
Double extortion ransomware is a type of cyberattack that encrypts a victim's data, like in a traditional ransomware attack, while also adding a second attack vector of stealing that data.
How to create a remote access policy, with template
Remote work, while beneficial, presents numerous security risks. Help keep your organization's systems safe with a remote access policy.
What is data risk management? Key risks and best practices
Data risk management identifies, assesses and mitigates threats to organizational data, safeguarding sensitive information from unauthorized access.
What is data security posture management (DSPM)?
Data security posture management, or DSPM, is an approach that combines technologies and processes to provide a holistic view of a company's sensitive data, including where the data is, who has access to it, how it has been used and its security ...
What is a firewall and why do I need one?
A firewall is a network security device that prevents unauthorized access to a network by inspecting incoming and outgoing traffic using a set of predetermined security rules.
What is risk appetite?
Risk appetite is the amount of risk an organization or investor is willing to take in pursuit of objectives it deems have value.
What is penetration testing?
A penetration test, also called a 'pen test,' is a simulated cyberattack on a computer system, network or application to identify and highlight vulnerabilities in an organization's security posture.
What is a security operations center (SOC)?
A security operations center (SOC) is a command center facility in which a team of information technology (IT) professionals with expertise in information security (infosec) monitors, analyzes and protects an organization from cyberattacks.
What is a risk profile? Definition, examples and types
A risk profile is a quantitative analysis of the types of threats an organization, asset, project or individual faces.
What is risk reporting?
Risk reporting is a method of identifying risks tied to or potentially impacting an organization's business processes.
15 of the biggest ransomware attacks in history
From attacks on private organizations and manufacturers to healthcare organizations and even entire countries, ransomware has done extensive damage in recent years.
7 stages of the ransomware lifecycle
It can be nearly impossible to predict if or how a ransomware group will target an organization, but there are knowable stages of a ransomware attack.
What is a risk map (risk heat map)?
A risk map, or risk heat map, is a data visualization tool for communicating specific risks an organization faces.
What is risk exposure in business?
Risk exposure is the quantified potential loss from currently underway or planned business activities.
What is crypto ransomware? How cryptocurrency aids attackers
Crypto ransomware is a form of ransomware that uses cryptography to encrypt computer files so that the victim cannot access them. In exchange for the demanded ransom, the attacker claims it will tell the victimized business how to regain access to ...
What is a brute-force attack?
A brute-force attack is a trial-and-error hacking method cybercriminals use to decode login information and encryption keys to gain unauthorized access to systems.
The history and evolution of ransomware attacks
Ransomware creators have become more innovative and savvier as organizations up their defenses.
What is Pretty Good Privacy and how does it work?
Pretty Good Privacy, or PGP, was a popular program used to encrypt and decrypt email over the internet, as well as authenticate messages with digital signatures and encrypted stored files.
Ransomware trends, statistics and facts in 2025
Supply chain attacks, double extortion and RaaS are some of the ransomware trends that will continue to disrupt businesses in 2025. Is your industry a top target?
What is corporate governance?
Corporate governance is the combination of rules, processes and laws by which businesses are operated, regulated and controlled.
What is cloud security?
Cloud security, or cloud computing security, is a set of policies, practices and controls deployed to protect cloud-based data, applications and infrastructure from cyberattacks and cyberthreats.
8 types of ransomware, plus examples of attacks
There are eight main types of ransomware but hundreds of examples of ransomware strains. Learn how the ransomware types work and review notable attacks and variants.
How to create a data breach response plan, with free template
A data breach response plan outlines how a business reacts to a breach. Follow these six steps, and use our free template to develop your organization's plan.
How to report ransomware attacks: Steps to take
The Cybersecurity and Infrastructure Security Agency and FBI recommend reporting ransomware attacks to the authorities as soon as possible.
What is a hacker?
A hacker is an individual who uses computer, networking or other skills to overcome a technical problem.
What is a web application firewall (WAF)? WAF explained
A web application firewall (WAF) is a firewall that is meant to protect web applications against common web-based threats.
What is a buffer overflow? How do these types of attacks work?
A buffer overflow occurs when a program or process attempts to write more data to a fixed-length block of memory, or buffer, than the buffer is allocated to hold.
What is elliptic curve cryptography (ECC)?
Elliptic curve cryptography (ECC) is a public key encryption technique based on elliptic curve theory that can be used to create faster, smaller and more efficient cryptographic keys.