Get started

Get started

Bring yourself up to speed with our introductory content.

• What do organizations need to know about privacy in a HIPAA audit?

  A HIPAA audit covers privacy compliance, and organizations need to be prepared. Expert Mike Chapple discusses privacy in the audits. Continue Reading

• Tips for creating a data classification policy

  Before deploying and implementing a data loss prevention product, enterprises should have an effective data classification policy in place. Expert Bill Hayes explains how that can be done. Continue Reading

• A new trend in cybersecurity regulations could mean tougher compliance

  State cybersecurity regulations may mean compliance will get more complicated, and that has experts worried. Learn what's causing this trend and what organizations should prepare for. Continue Reading

• How to keep track of sensitive data with a data flow map

  Expert Bill Hayes describes how to create a data flow map to visualize where sensitive data is processed, how it transits the network and where it's stored. Continue Reading

• State of the Network study: How security tasks are dominating IT staff

  The majority of networking teams are regularly involved in enterprise security tasks. Expert Kevin Beaver explains the phenomena and how to embrace it. Continue Reading

• Definitions to Get Started

  • ISO 31000 Risk Management
  • voice squatting
  • multifactor authentication
  • cyber insurance

  • Protected Extensible Authentication Protocol (PEAP)
  • principle of least privilege (POLP)
  • DNS over HTTPS (DoH)
  • governance, risk and compliance (GRC)

  View All Definitions

• Introduction to database security tools for the enterprise

  Expert Adrian Lane explains why database security tools play a significant, if not the majority, role in protecting data in the enterprise data center.Continue Reading

• Six criteria for procuring security analytics software

  Security analytics software can be beneficial to enterprises. Expert Dan Sullivan explains how to select the right product to fit your organization's needs.Continue Reading

• Introduction to unified threat management appliances

  Expert Ed Tittel describes unified threat management (UTM) appliances and features, and explains its advantages to organizations of all sizes.Continue Reading

• Common Vulnerabilities and Exposures (CVE)

  Common Vulnerabilities and Exposures (CVE) provides unique identifiers for publicly known security threats.Continue Reading

• The three enterprise benefits of SSL VPN products

  Expert Karen Scarfone outlines the ways SSL VPN products can secure network connections and communications for organizations.Continue Reading

• Microsoft Schannel (Microsoft Secure Channel)

  The Microsoft Secure Channel or Schannel is a security package that facilitates the use of Secure Sockets Layer (SSL) and/or Transport Layer Security (TLS) encryption on Windows platforms.Continue Reading

• The top full disk encryption products on the market today

  Full disk encryption can be a key component of an enterprise's desktop and laptop security strategy. Here's a look at some of the top FDE products in the industry.Continue Reading

• The secrets of proper firewall maintenance and security testing techniques

  The Verizon 2015 PCI Compliance Report cited a lack of firewall maintenance and security testing as major causes for compliances breaches. Expert Kevin Beaver offers tips to successfully manage these tasks.Continue Reading

• What are the secrets to SIEM deployment success?

  Many organizations deploy security information and event management systems without the proper planning and therefore can't reap the proper rewards. Expert Kevin Beaver offers tips for a successful implementation.Continue Reading

• Introduction to security analytics tools in the enterprise

  Expert Dan Sullivan explains how security analysis and analytics tools work, and how they provide enterprises with valuable information about impending attacks or threats.Continue Reading

• How should agencies prepare for federal security scanning?

  What do agencies need to consider before going through the Department of Homeland Security's network security scanning? Expert Mike Chapple answers.Continue Reading

• Four questions to ask before buying a Web application firewall

  Web application firewalls are complex products. Expert Brad Causey explains the key criteria enterprises need to consider before investing in a WAF product.Continue Reading

• Six ways to use wireless intrusion prevention systems in the enterprise

  Expert George V. Hulme presents six real-world use cases for the deployment of WIPS to beef up wireless network security in the enterprise.Continue Reading

• Introduction to intrusion detection and prevention technologies

  Intrusion detection and preventions systems can be critical components to an enterprise's threat management strategy. Learn the history behind the technologies and why they are so important.Continue Reading

• Business-use scenarios for a Web application firewall deployment

  Web application firewalls can be a critical security layer for many companies. Expert Brad Causey explains when and how to deploy a WAF in the enterprise.Continue Reading

• Getting to know the new GIAC certification: GCCC

  The new GIAC certification, GCCC, is not a very specific certification, but it could prove useful in organizations. Expert Joseph Granneman explains why.Continue Reading

• What's the best way to find enterprise compliance tools?

  Looking for compliance tools? Expert Mike Chapple explains why the best place to start the search is within your own information security infrastructure.Continue Reading

• How to increase the importance of information security in enterprises

  Expert Mike Villegas explains how to use the Three C's to emphasize the importance of information security within an organization.Continue Reading

• What is endpoint security? What benefits does it offer?

  The increased number of smartphones, laptops and other endpoints in the enterprise is a major security concern. Learn what endpoint security is and how it can help combat your enterprise security woes.Continue Reading

• Detecting backdoors: The Apple backdoor that never was?

  The debate over the purported Apple backdoor leaves enterprises asking, "When is a backdoor not a backdoor?" Application security expert Michael Cobb explains the difference.Continue Reading

• soft token

  A soft token is a software-based security token that generates a single-use login PIN. Traditionally, a security token has been a hardware device that produces a new, secure and individual PIN for each use and displays it on a built-in LCD display.Continue Reading

• out-of-band authentication

  Out-of-band authentication is a type of two-factor authentication that requires a secondary verification method through a separate communication channel along with the typical ID and password. Out-of-band authentication is often used in financial ...Continue Reading

• possession factor

  The possession factor, in a security context, is a category of user authentication credentials based on items that the user has with them, typically a hardware device such as a security token or a mobile phone used in conjunction with a software ...Continue Reading

• four-factor authentication (4FA)

  Four-factor authentication (4FA) is the use of four types of identity-confirming credentials, typically categorized as knowledge, possession, inherence and location factors.Continue Reading

• COMSEC (communications security)

  Communications security (COMSEC) is the prevention of unauthorized access to telecommunications traffic, or to any information that is transmitted or transferred.Continue Reading

• Google Authenticator

  Google Authenticator is a security application used to verify user identities before granting access to websites and services. The application uses a two-step verification process involving two-factor authentication to make it less likely that an ...Continue Reading

• Duo Security

  Duo Security is a vendor of cloud-based two-factor authentication products.Continue Reading

• Understanding security flaws in IPv6 addressing schemes

  Expert Fernando Gont explains why underlying characteristics of IPv6 address-generation schemes may enable nodes to be targeted in IPv6 address-scanning attacks.Continue Reading

• The fundamentals of FDE: Full disk encryption in the enterprise

  Expert Karen Scarfone examines full disk encryption, or FDE, tools and describes how the security technology protects data at rest on a laptop or desktop computer.Continue Reading

• The three stages of the ISO 31000 risk management process

  The ISO 31000 risk management process proposes three stages. Expert Mike Chapple reviews this alternative to the ISO 27001 framework.Continue Reading

• SSL certificate (Secure Sockets Layer certificate)

  A Secure Sockets Layer certificate, known commonly as an SSL certificate, is a small data file installed on a Web server that allows for a secure connection between a Web server and a Web browser.Continue Reading

• CISSP cryptography training: Components, protocols and authentication

  Spotlight article: Shon Harris outlines the main topics in the CISSP domain on cryptography -- background information, cryptography components, digital authentication, protocols and more.Continue Reading

• CISSP online training: Inside the access control domain

  Spotlight article: Shon Harris discusses the main topics covered in the CISSP domain on access control, including authorization, authentication, identity management and more.Continue Reading

• Introduction to Information Security: A Strategic-Based Approach

  In this excerpt of Introduction to Information Security: A Strategic-Based Approach, authors Timothy J. Shimeall and Jonathan M. Spring discuss the importance of intrusion detection and prevention.Continue Reading

• Security School: Distributed denial-of-service attack defense

  Check you're up to speed and ready to protect your organization from the threat of denial of service attacks.Continue Reading

• information assurance

  Information assurance (IA) is the practice of protecting against and managing risk related to the use, storage and transmission of data and information systems.Continue Reading

• Big data security analytics: Facebook's ThreatData framework

  Expert Kevin Beaver explains how enterprises can take a page from Facebook's ThreatData framework security analytics to boost enterprise defense.Continue Reading

• Cloud Controls Matrix

  The Cloud Controls Matrix is a baseline set of security controls created by the Cloud Security Alliance to help enterprises assess the risk associated with a cloud computing provider.Continue Reading

• antispoofing

  Antispoofing is a technique for countering spoofing attacks on a computer network.Continue Reading

• address space layout randomization (ASLR)

  Address space layout randomization (ASLR) is a memory-protection process for operating systems (OSes) that guards against buffer-overflow attacks by randomizing the location where system executables are loaded into memory.Continue Reading

• Stop attackers hacking with Metasploit

  Metasploit attacks may not be sexy, but they can stab through enterprise defenses. Learn how basic security controls can thwart Metasploit hacking.Continue Reading

• cardholder data environment (CDE)

  A cardholder data environment or CDE is a computer system or networked group of IT systems that processes, stores and/or transmits cardholder data or sensitive payment authentication data, as well as any component that directly connects to or ...Continue Reading

• speculative risk

  Speculative risk is a category of risk that can be taken on voluntarily and will either result in a profit or loss. Continue Reading

• Essential Guide: Windows XP security after end of updates for XP

  Learn about security implications of the April 2014 Windows XP end-of-life date and the end of XP security updates, plus planning an XP migration.Continue Reading

• Beat the security odds with a cloud risk equation

  Contributor Peter Lindstrom takes on cloud security economics and offers up a simple risk equation to help security pros plan their cloud strategies.Continue Reading

• RSA 2014: News, analysis and video from RSA Conference 2014

  Find out what's happening in the infosec industry with breaking news via reporting, video and tweets by the SearchSecurity team at RSA's 2014 conference in San Francisco.Continue Reading

• Essential Guide: Security Analytics

  It's tough to get reliable security data. This Security School explains how to use security analytics to safeguard your network system's health.Continue Reading

• privacy impact assessment (PIA)

  A privacy impact assessment (PIA) is an analysis of how an individual's or groups of individuals' personally identifiable information is collected, used, shared and maintained by an organization.Continue Reading

• mandatory access control (MAC)

  Mandatory access control (MAC) is a system-controlled policy restricting access to resource objects (such as data files, devices, systems, etc.) based on the level of authorization or clearance of the accessing entity, be it person, process, or ...Continue Reading

• Use John the Ripper to test network devices against brute forcing

  Enterprise IT security organizations should test network devices using John the Ripper to ensure they are not susceptible to brute-force attacks.Continue Reading

• ISO 27002 (International Organization for Standardization 27002)

  The ISO 27002 standard is a collection of information security guidelines that are intended to help an organization implement, maintain, and improve its information security management.Continue Reading

• privileged identity management (PIM)

  Privileged identity management (PIM) is the monitoring and protection of superuser accounts in an organization’s IT environments. Oversight is necessary so that the greater access abilities of super control accounts are not misused or abused. ...Continue Reading

• The value of 2,048-bit encryption: Why encryption key length matters

  Leading browsers are required to use 2,048-bit length keys by the end of the year, but what effect does this have on security?Continue Reading

• Security Readers' Choice Awards 2013

  We tallied more than 1,000 readers' votes in 19 categories to come up with the winners of the Information Security Readers' Choice Awards 2013.Continue Reading

• How to define SIEM strategy, management and success in the enterprise

  Enterprise SIEM technology is as functional, manageable and affordable as it's ever been. Learn how to achieve success with SIEM in your organization.Continue Reading

• Amazon S3 encryption overview: How to secure data in the Amazon cloud

  Learn details for employing Amazon S3 encryption features. Expert Dave Shackleford compares S3 encryption to other cloud provider offerings.Continue Reading

• Enterprise mobile device security 2012

  SearchSecurity.com's editors surveyed nearly 500 enterprise security professionals on mobile device security in the enterprise.Continue Reading

• Security School: Data breach prevention strategies

  In this lesson, expert Nick Lewis establishes a baseline data breach prevention strategy every enterprise should have in place.Continue Reading

• Technical Guide on SIM

  Application security managers: learn four key steps to connect apps with SIMs to enable successful analysis, reporting and alerting.Continue Reading

• RSA Conference 2012: Special Conference Coverage

  Get news from RSA Conference 2012. Cloud computing, mobile threats and attack intelligence gathering are likely to be among this year's top themes.Continue Reading

• RSA Conference 2012 to feature cloud computing, mobile threats

  Get news from RSA Conference 2012. Cloud computing, mobile threats and attack intelligence gathering are likely to be among this year's top themes.Continue Reading

• Common Weakness Enumeration (CWE)

  Common Weakness Enumeration (CWE) is a universal online dictionary of weaknesses that have been found in computer software... (Continued)Continue Reading

• BIOS rootkit attack

  A BIOS-level rootkit attack, also known as a persistent BIOS attack, is an exploit in which the BIOS is flashed (updated) with malicious code. A BIOS rootkit is programming that enables remote administration.Continue Reading

• BIOS rootkit

  A BIOS-level rootkit is programming that exists in a system's memory hardware to enable remote administration. Because the rootkit lives in the computer’s BIOS (basic input/output system), it persists not only through attempts to reflash the BIOS ...Continue Reading

• authentication, authorization, and accounting (AAA)

  Authentication, authorization, and accounting (AAA) is a framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services.Continue Reading

• wildcard certificate

  A wildcard certificate is a digital certificate that is applied to a domain and all its subdomains.Continue Reading

• user account provisioning

  User account provisioning is a business process for creating and managing access to resources in an information technology (IT) system. To be effective, an account provisioning process should ensure that the creation of accounts and provisioning of...Continue Reading

• alternate data stream (ADS)

  An alternate data stream (ADS) is a feature of Windows New Technology File System (NTFS) that contains metadata for locating a specific file by author or title.Continue Reading

• FAQ: An introduction to the ISO 31000 risk management standard

  Learn more about ISO 31000:2009, a new risk management standard: It's plainly written, short, process-oriented and relevant reading for anyone dealing with risk.Continue Reading

• government Trojan

  A government Trojan is spyware installed on a computer or network by a law enforcement agency for the purpose of capturing information relevant to a criminal investigation. Government Trojans represent a step in turning the tables on cybercriminals ...Continue Reading

• Class C2

  Class C2 is a security rating established by the U.S. National Computer Security Center (NCSC) and granted to products that pass Department of Defense (DoD) Trusted Computer System Evaluation Criteria (TCSEC) tests.Continue Reading

• honey monkey

  A honey monkey is a virtual computer system that is programmed to lure, detect, identify and neutralize malicious activity on the Internet. The expression, coined by Microsoft, is based on the term honey pot, which refers to a computer system ...Continue Reading

• LEAP (Lightweight Extensible Authentication Protocol)

  LEAP (Lightweight Extensible Authentication Protocol) is a Cisco-proprietary version of EAP, the authentication protocol used in wireless networks and Point-to-Point connections. LEAP is designed to provide more secure authentication for 802.11 ...Continue Reading

• anti-money laundering software (AML)

  Anti-laundering software is a type of computer program used by financial institutions to analyze customer data and detect suspicious transactions... (Continued)Continue Reading

• Open Source Hardening Project

  The Open Source Hardening Project is an initiative of the United States Department of Homeland Security, created to improve the security of open source code. Because the infrastructure of the Internet, financial institutions and many other critcal...Continue Reading

• role mining

  Role mining is the process of analyzing user-to-resource mapping data to determine or modify user permissions for role-based access control (RBAC) in an enterprise... (Continued)Continue Reading

• signature file

  A signature file is a short text file you create for use as a standard appendage at the end of your e-mail notes or Usenet messages.Continue Reading