Get started

Get started

Bring yourself up to speed with our introductory content.

• Why identity is the new perimeter – and how to defend it

  Identity has replaced network boundaries as today's security perimeter. Organizations must focus on protecting digital identities to safeguard their assets. Continue Reading

• What is cyber extortion?

  Cyber extortion is a crime involving an attack or threat of an attack, coupled with a demand for money or some other response, in return for stopping an attack or preventing one from happening. Continue Reading

• What is the WannaCry ransomware attack?

  WannaCry ransomware is a cyberattack that spread by exploiting vulnerabilities in earlier and unpatched versions of the Windows operating system (OS). Continue Reading

• What is a chief risk officer (CRO)? A detailed CRO job description

  The chief risk officer (CRO) is a senior executive tasked with assessing, overseeing and mitigating an organization's risks. Continue Reading

• What is a next-generation firewall (NGFW)?

  A next-generation firewall (NGFW) is a network security device that combines traditional firewall capabilities with advanced features to detect and block sophisticated cyberattacks. Continue Reading

• Definitions to Get Started

  • What is cyber extortion?
  • What is the WannaCry ransomware attack?
  • What is a chief risk officer (CRO)? A detailed CRO job description
  • What is a next-generation firewall (NGFW)?

  • What is a time-based one-time password?
  • What is security?
  • What is triple extortion ransomware?
  • What is double extortion ransomware? How to defend your organization

  View All Definitions

• What is a time-based one-time password?

  A time-based one-time password (TOTP) is a temporary passcode generated by an algorithm that uses the current time of day as one of its authentication factors.Continue Reading

• What is security?

  Security for information technology (IT) refers to the methods, tools and personnel used to defend an organization's digital assets.Continue Reading

• What is triple extortion ransomware?

  Triple extortion ransomware is a type of ransomware attack in which a cybercriminal extorts their victim multiple times -- namely by encrypting data, exposing exfiltrated data and then threatening an additional third attack vector.Continue Reading

• What is double extortion ransomware? How to defend your organization

  Double extortion ransomware is a type of cyberattack that encrypts a victim's data, like in a traditional ransomware attack, while also adding a second attack vector of stealing that data.Continue Reading

• How to create a remote access policy, with template

  Remote work, while beneficial, presents numerous security risks. Help keep your organization's systems safe with a remote access policy.Continue Reading

• What is data risk management? Key risks and best practices

  Data risk management identifies, assesses and mitigates threats to organizational data, safeguarding sensitive information from unauthorized access.Continue Reading

• What is data security posture management (DSPM)?

  Data security posture management, or DSPM, is an approach that combines technologies and processes to provide a holistic view of a company's sensitive data, including where the data is, who has access to it, how it has been used and its security ...Continue Reading

• What is a firewall and why do I need one?

  A firewall is a network security device that prevents unauthorized access to a network by inspecting incoming and outgoing traffic using a set of predetermined security rules.Continue Reading

• What is risk appetite?

  Risk appetite is the amount of risk an organization or investor is willing to take in pursuit of objectives it deems have value.Continue Reading

• What is penetration testing?

  A penetration test, also called a 'pen test,' is a simulated cyberattack on a computer system, network or application to identify and highlight vulnerabilities in an organization's security posture.Continue Reading

• What is a security operations center (SOC)?

  A security operations center (SOC) is a command center facility in which a team of information technology (IT) professionals with expertise in information security (infosec) monitors, analyzes and protects an organization from cyberattacks.Continue Reading

• What is a risk profile? Definition, examples and types

  A risk profile is a quantitative analysis of the types of threats an organization, asset, project or individual faces.Continue Reading

• What is risk reporting?

  Risk reporting is a method of identifying risks tied to or potentially impacting an organization's business processes.Continue Reading

• 15 of the biggest ransomware attacks in history

  From attacks on private organizations and manufacturers to healthcare organizations and even entire countries, ransomware has done extensive damage in recent years.Continue Reading

• What is a risk map (risk heat map)?

  A risk map, or risk heat map, is a data visualization tool for communicating specific risks an organization faces.Continue Reading

• 7 stages of the ransomware lifecycle

  It can be nearly impossible to predict if or how a ransomware group will target an organization, but there are knowable stages of a ransomware attack.Continue Reading

• What is risk exposure in business?

  Risk exposure is the quantified potential loss from currently underway or planned business activities.Continue Reading

• What is crypto ransomware? How cryptocurrency aids attackers

  Crypto ransomware is a form of ransomware that uses cryptography to encrypt computer files so that the victim cannot access them. In exchange for the demanded ransom, the attacker claims it will tell the victimized business how to regain access to ...Continue Reading

• What is a brute-force attack?

  A brute-force attack is a trial-and-error hacking method cybercriminals use to decode login information and encryption keys to gain unauthorized access to systems.Continue Reading

• The history and evolution of ransomware attacks

  Ransomware creators have become more innovative and savvier as organizations up their defenses.Continue Reading

• What is Pretty Good Privacy and how does it work?

  Pretty Good Privacy, or PGP, was a popular program used to encrypt and decrypt email over the internet, as well as authenticate messages with digital signatures and encrypted stored files.Continue Reading

• Ransomware trends, statistics and facts in 2025

  Supply chain attacks, double extortion and RaaS are some of the ransomware trends that will continue to disrupt businesses in 2025. Is your industry a top target?Continue Reading

• What is corporate governance?

  Corporate governance is the combination of rules, processes and laws by which businesses are operated, regulated and controlled.Continue Reading

• What is cloud security?

  Cloud security, or cloud computing security, is a set of policies, practices and controls deployed to protect cloud-based data, applications and infrastructure from cyberattacks and cyberthreats.Continue Reading

• 8 types of ransomware, plus examples of attacks

  There are eight main types of ransomware but hundreds of examples of ransomware strains. Learn how the ransomware types work and review notable attacks and variants.Continue Reading

• How to create a data breach response plan, with free template

  A data breach response plan outlines how a business reacts to a breach. Follow these six steps, and use our free template to develop your organization's plan.Continue Reading

• How to report ransomware attacks: Steps to take

  The Cybersecurity and Infrastructure Security Agency and FBI recommend reporting ransomware attacks to the authorities as soon as possible.Continue Reading

• What is a hacker?

  A hacker is an individual who uses computer, networking or other skills to overcome a technical problem.Continue Reading

• What is a web application firewall (WAF)? WAF explained

  A web application firewall (WAF) is a firewall that is meant to protect web applications against common web-based threats.Continue Reading

• What is a buffer overflow? How do these types of attacks work?

  A buffer overflow occurs when a program or process attempts to write more data to a fixed-length block of memory, or buffer, than the buffer is allocated to hold.Continue Reading

• What is elliptical curve cryptography (ECC)?

  Elliptical curve cryptography (ECC) is a public key encryption technique based on elliptic curve theory that can be used to create faster, smaller and more efficient cryptographic keys.Continue Reading

• What is pharming?

  Pharming is a scamming practice in which malicious code is installed on a PC or server, misdirecting users to fraudulent websites without their knowledge or consent.Continue Reading

• What is a pass-the-hash attack?

  A pass-the-hash attack is an exploit in which an attacker steals a hashed user credential and -- without cracking it -- reuses it to trick an authentication system into creating a new authenticated session on the same network.Continue Reading

• What is a rootkit?

  A rootkit is a program or a collection of malicious software tools that give a threat actor remote access to and control over a computer or other system.Continue Reading

• What is a copyright?

  Copyright is a legal term describing ownership or control of the rights to use and distribute certain works of creative expression, including books, video, motion pictures, musical compositions and computer programs.Continue Reading

• What is Kerberos and how does it work?

  Kerberos is a protocol for authenticating service requests between trusted hosts across an untrusted network, such as the internet.Continue Reading

• What are the most common digital authentication methods?

  How an organization authenticates users and devices is a hugely important piece in the cybersecurity puzzle. Get to know the various forms of digital authentication.Continue Reading

• SEC cybersecurity disclosure rules, with checklist

  Public companies must regularly share information about their cybersecurity practices and disclose details of material cyberincidents. Learn how to comply.Continue Reading

• What is a certificate authority (CA)?

  A certificate authority (CA) is a trusted entity that issues digital certificates to authenticate content sent from web servers.Continue Reading

• What is promiscuous mode in networking?

  In computer networking, promiscuous mode is a mode of operation in which a network device, such as a network interface card (NIC) or an adapter on a host system, can intercept and read in its entirety each network packet that arrives instead of just...Continue Reading

• How to create a data security policy, with template

  When it comes to data security, the devil is in the details. One critical detail organizations shouldn't overlook is a succinct yet detailed data security policy.Continue Reading

• Using shred and dd commands in Linux to securely wipe data

  When it's time to get rid of old systems or when moving one system from one location to another, it's a good idea to use Linux utilities to securely delete existing data.Continue Reading

• What is the Twofish encryption algorithm?

  Twofish is a symmetric-key block cipher with a block size of 128 bits and variable-length key of size 128, 192 or 256 bits.Continue Reading

• Types of DNS servers and how they work, plus security threats

  DNS security is a critical component of system administration. Learn about five types of DNS servers, what each does and the security threats each server faces.Continue Reading

• What is cyberstalking and how to prevent it?

  Cyberstalking is a crime in which someone harasses or stalks a victim using electronic or digital means, such as social media, email, instant messaging (IM) or messages posted to a discussion group or forum.Continue Reading

• What is a watering hole attack?

  A watering hole attack is a security exploit in which the attacker seeks to compromise a specific group of end users by infecting websites that members of the group are known to visit.Continue Reading

• What is multifactor authentication?

  Multifactor authentication (MFA) is an IT security technology that requires multiple sources of unique information from independent categories of credentials to verify a user's identity for a login or other transaction.Continue Reading

• What is the NSA and how does it work?

  The National Security Agency (NSA) is a federal government surveillance and intelligence agency that's part of the U.S. Department of Defense and is managed under the authority of the director of national intelligence (DNI).Continue Reading

• What is a DMZ in networking?

  In computer networks, a DMZ, or demilitarized zone, is a physical or logical subnet that separates a local area network (LAN) from other untrusted networks -- usually, the public internet. DMZs are also known as perimeter networks or screened ...Continue Reading

• What is domain generation algorithm (DGA)?

  A domain generation algorithm (DGA) is a program that generates a large list of domain names. DGAs provide malware with new domains to evade security countermeasures.Continue Reading

• What is federated identity management (FIM)? How does it work?

  Federated identity management (FIM) is an arrangement between multiple enterprises or domains that enables their users to use the same identification data (digital identity) to access all their networks.Continue Reading

• WAF vs. RASP for web app security: What's the difference?

  Web application firewalls use a negative security model, while runtime application self-protection tools use a positive security model. Which is better at keeping apps secure?Continue Reading

• What is application allowlisting?

  Application allowlisting, previously known as 'application whitelisting,' is the practice of specifying an index of approved software applications or executable files that are permitted to be present and active on a computer system.Continue Reading

• Penetration testing vs. vulnerability scanning: What's the difference?

  Confused by the distinctions between penetration testing and vulnerability scanning? You're not alone. Learn the key differences between the two and when to use each.Continue Reading

• What is a checksum?

  A checksum is a value that represents the number of bits in a transmission message. IT professionals use it to detect high-level errors within data transmissions.Continue Reading

• What is TLS (Transport Layer Security)? Definition & Uses

  Transport Layer Security (TLS) is an Internet Engineering Task Force (IETF) standard protocol that provides authentication, privacy and data integrity between two communicating computer applications.Continue Reading

• What is an attack vector?

  An attack vector is a path or means by which an attacker or hacker can gain access to a computer or network server to deliver a payload or malicious outcome.Continue Reading

• What is email spoofing?

  Email spoofing is a form of cyber attack in which a hacker sends an email that has been manipulated to seem as if it originated from a trusted source.Continue Reading

• What is challenge-response authentication?

  In computer security, challenge-response authentication is a set of protocols used to protect digital assets and services from unauthorized users, programs and activities.Continue Reading

• What is defense in depth?

  Defense in depth is a cybersecurity strategy that uses multiple security measures to protect an organization's networks, systems and data.Continue Reading

• What are social engineering attacks?

  Social engineering is an attack vector that relies heavily on human interaction and often involves psychological manipulation of people into breaking normal security procedures and best practices to gain unauthorized access.Continue Reading

• What is a botnet?

  A botnet is a collection of internet-connected devices -- including PCs, servers, mobile devices and internet of things (IoT) devices -- infected and controlled by a common type of malware, often unbeknownst to their owners.Continue Reading

• What is a denial-of-service attack?

  A denial-of-service (DoS) attack is a security threat that occurs when an attacker makes it impossible for legitimate users to access computer systems, networks, services or other IT resources.Continue Reading

• What is cyber hijacking?

  Cyber hijacking, or computer hijacking, is a type of network security attack in which the threat actor takes control of computer systems, software programs and network communications.Continue Reading

• What is antimalware?

  Antimalware is a software program created to protect IT systems and individual computers from malicious software, or malware.Continue Reading

• What is Blowfish?

  Blowfish is a variable-length, symmetric, 64-bit block cipher.Continue Reading

• What is a honeypot? How it protects against cyberattacks

  A honeypot is a network-attached system set up as a decoy to lure cyberattackers and to help organizations detect, deflect and study hacking attempts to gain unauthorized access to IT.Continue Reading

• How to use pfSense: Use cases and initial configurations

  Open source firewall and routing software pfSense offers a compelling mix of capabilities that can work for organizations large and small.Continue Reading

• What is the RSA algorithm?

  The RSA algorithm (Rivest-Shamir-Adleman) is a public key cryptosystem that uses a pair of keys for securing digital communication and transactions over insecure networks, such as the internet.Continue Reading

• What is physical security and how does it work?

  Physical security protects personnel, hardware, software, networks, facilities and data from physical actions and events that could cause serious loss or damage to an enterprise, agency or institution.Continue Reading

• What is cyber insurance, and why is it important?

  Cyber insurance, also called cyber liability insurance or cybersecurity insurance, is a contract a business or other organization can purchase to reduce the financial risks associated with doing business online.Continue Reading

• How to create a third-party risk management policy

  NIST's Cybersecurity Framework offers some helpful tips for organizations to fortify their third-party risk management strategies. Here's how to implement them.Continue Reading

• What is Internet Key Exchange (IKE)?

  Internet Key Exchange (IKE) is a standard protocol used to set up a secure and authenticated communication channel between two parties via a virtual private network (VPN).Continue Reading

• What is a certificate revocation list (CRL) and how is it used?

  A certificate revocation list (CRL) is a list of digital certificates that have been revoked by the issuing certificate authority (CA) before their actual or assigned expiration date.Continue Reading

• What is cryptology?

  Cryptology is the mathematics, such as number theory and the application of formulas and algorithms, that underpin cryptography and cryptanalysis.Continue Reading

• What is biometric verification?

  Biometric verification is any means by which a person can be uniquely identified by evaluating one or more distinguishing biological traits.Continue Reading

• What is DOS (Disk Operating System)?

  A DOS, or disk operating system, is an operating system (OS) that runs from a disk drive. The term can also refer to a particular family of disk operating systems, most commonly MS-DOS (Microsoft DOS).Continue Reading

• What is biometrics?

  Biometrics is the measurement and statistical analysis of people's unique physical and behavioral characteristics.Continue Reading

• What is a password?

  A password is a string of characters used to verify the identity of a user during the authentication process.Continue Reading

• What is a hardware security module?

  A hardware security module (HSM) is a physical device that provides extra security for sensitive data.Continue Reading

• What is spyware?

  Spyware is a type of malicious software (malware) that is installed on a computing device without the end user's knowledge.Continue Reading

• What is SAML (Security Assertion Markup Language)?

  Security Assertion Markup Language (SAML) is an open standard for sharing security information about identity, authentication and authorization across different systems.Continue Reading

• What is threat modeling?

  Threat modeling is the systematic process of identifying threats to and vulnerabilities in software applications, and then defining countermeasures to mitigate those threats and vulnerabilities to better protect business processes, networks, systems...Continue Reading

• What is SSL (Secure Sockets Layer)?

  SSL (Secure Sockets Layer) is a networking protocol that secures connections between web clients and web servers over internal networks or the internet by encrypting the data sent between those clients and servers.Continue Reading

• What is hacktivism?

  Hacktivism is the act of misusing a computer system or network for a socially or politically motivated reason.Continue Reading

• What is a private key?

  A private key, also known as a secret key, is a variable in cryptography used with an algorithm to encrypt or decrypt data.Continue Reading

• How to prevent living-off-the-land attacks

  Living-off-the-land attacks have been around since the dawn of modern computing, but they're drawing new attention from threat actors eager to find ways to penetrate defenses.Continue Reading

• What is password cracking?

  Password cracking is the process of using an application program to identify an unknown or forgotten password that allows access to a computer or network resource.Continue Reading

• Symmetric key encryption algorithms and security: A guide

  Scrambling plaintext into ciphertext is essential to ensure data cannot be read or used by the wrong people. Learn the basics of symmetric key encryption algorithms here.Continue Reading

• Top 12 online cybersecurity courses for 2025

  Our panel of experts picked the best free and paid online cybersecurity courses for professionals looking to advance their careers and for newbies breaking into the field.Continue Reading

• 10 must-have cybersecurity skills for career success in 2025

  Looking to advance your cybersecurity career? Here are the skills you need to win a CISO job, land a threat hunter gig and snag other security positions in high demand.Continue Reading

• What is a public key and how does it work?

  In cryptography, a public key is a large numerical value that is used to encrypt data.Continue Reading

• What is a proxy firewall?

  A proxy firewall is a network security system that protects network resources by filtering messages at the application layer.Continue Reading

• What is a public key certificate?

  A public key certificate is a digitally signed document that serves to validate the sender's authorization and name.Continue Reading

• How to use the Hydra password-cracking tool

  Ethical hackers: Need help brute-forcing passwords? Get started by learning how to use the open source Hydra tool with this step-by-step tutorial and companion video.Continue Reading