Get started

Get started

Bring yourself up to speed with our introductory content.

• Essential Guide: Security Analytics

  It's tough to get reliable security data. This Security School explains how to use security analytics to safeguard your network system's health. Continue Reading

• incident response plan (IRP)

  An incident response plan (IRP) is a set of written instructions for adequately detecting, responding to and limiting the effects of an information security incident, an event that may or may not be an attack or threat to computer system or ... Continue Reading

• BYOI (bring your own identity)

  BYOI (bring your own identity) is an approach to digital authentication in which an end user's username and password is managed by a third party such as Facebook, Twitter, LinkedIn, Google+ or Amazon. Continue Reading

• inline network device

  An inline network device is one that receives packets and forwards them to their intended destination. Continue Reading

• SSL checker (secure socket layer checker)

  An SSL checker (Secure Sockets Layer checker) is a tool that helps an organization verify proper installation of an SSL certificate on a Web server to ensure it is valid, trusted and will work properly for its users. Continue Reading

• Definitions to Get Started

  • What is cybersecurity?
  • Android System WebView
  • data masking
  • computer worm

  • corporate governance
  • cyber attack
  • homomorphic encryption
  • DomainKeys Identified Mail (DKIM)

  View All Definitions

• madware

  Madware is a type of aggressive advertising that affects smartphones and tablets. The name, which is a portmanteau combining the words mobile and adware, was coined by the security vendor Symantec to describe a type of intrusive advertising that ...Continue Reading

• privacy impact assessment (PIA)

  A privacy impact assessment (PIA) is an analysis of how an individual's or groups of individuals' personally identifiable information is collected, used, shared and maintained by an organization.Continue Reading

• 2013 Security 7 award winners revealed

  Inside, uncover the winners of our Security 7 awards, which recognize outstanding information security professionals in seven sectors.Continue Reading

• mandatory access control (MAC)

  Mandatory access control (MAC) is a system-controlled policy restricting access to resource objects (such as data files, devices, systems, etc.) based on the level of authorization or clearance of the accessing entity, be it person, process, or ...Continue Reading

• USGCB (United States Government Configuration Baseline)

  The United States Government Configuration Baseline, or USGCB, is a government-wide initiative that provides guidance on information security configuration best practices for IT products leveraged by federal agencies.Continue Reading

• Use John the Ripper to test network devices against brute forcing

  Enterprise IT security organizations should test network devices using John the Ripper to ensure they are not susceptible to brute-force attacks.Continue Reading

• CSR (Certificate Signing Request)

  A Certificate Signing Request or CSR is a specially formatted encrypted message sent from a Secure Sockets Layer (SSL) digital certificate applicant to a certificate authority (CA) validating the information required by the CA in order for it to ...Continue Reading

• ISO 27002 (International Organization for Standardization 27002)

  The ISO 27002 standard is a collection of information security guidelines that are intended to help an organization implement, maintain, and improve its information security management.Continue Reading

• privileged identity management (PIM)

  Privileged identity management (PIM) is the monitoring and protection of superuser accounts in an organization’s IT environments. Oversight is necessary so that the greater access abilities of super control accounts are not misused or abused. ...Continue Reading

• domain fluxing

  Domain fluxing is a technique used by botnet operators for their command-and-control infrastructures to avoid detection by security technologies and researchers attempting to shut their botnets down.Continue Reading

• PCI 3.0 special report: The state of payment card compliance

  Get an in-depth analysis of PCI DSS 3.0, an illustrated history of PCI DSS and insights on the future of enterprise payment card compliance.Continue Reading

• Virtualization security dynamics get old

  Virtualization and cloud computing are more popular than ever, yet bolted-on security remains the norm. Chris Hoff explains what needs to change.Continue Reading

• The history of the PCI DSS standard: A visual timeline

  The origins of the PCI Data Security Standard date back to the late 1990s. Explore key events in the history of PCI DSS, from Y2K to PCI DSS 3.0.Continue Reading

• The value of 2,048-bit encryption: Why encryption key length matters

  Leading browsers are required to use 2,048-bit length keys by the end of the year, but what effect does this have on security?Continue Reading

• Security Readers' Choice Awards 2013

  We tallied more than 1,000 readers' votes in 19 categories to come up with the winners of the Information Security Readers' Choice Awards 2013.Continue Reading

• context-aware security

  Context-aware security is the use of situational information (such as identity, location, time of day or type of endpoint device) to improve information security decisions.Continue Reading

• online risk

  Online risk is the vulnerability of an organization's internal resources that arises from the organization using the Internet to conduct business.Continue Reading

• cold boot attack

  A cold boot attack is a process for obtaining unauthorized access to encryption keys stored in the dynamic random access memory (DRAM) chips of a computer system.Continue Reading

• How to define SIEM strategy, management and success in the enterprise

  Enterprise SIEM technology is as functional, manageable and affordable as it's ever been. Learn how to achieve success with SIEM in your organization.Continue Reading

• audit log (AL)

  An audit log is a document that records an event in an information (IT) technology system.Continue Reading

• An introduction to Web application threat modeling

  Video: VerSprite's Tony UcedaVelez explains how Web application threat modeling assesses Web risk and how it differs from penetration testing.Continue Reading

• Amazon S3 encryption overview: How to secure data in the Amazon cloud

  Learn details for employing Amazon S3 encryption features. Expert Dave Shackleford compares S3 encryption to other cloud provider offerings.Continue Reading

• access list (AL)

  An access list (AL) is a list of permissions used in physical and information technology (IT) security to control who is allowed contact with a corporate asset.  The asset can be a building, a room or a computer file. Continue Reading

• Microsoft FIM (Microsoft Forefront Identity Manager)

  Microsoft Forefront Identity Manager (FIM) is a self-service identity management software suite.Continue Reading

• Enterprise mobile device security 2012

  SearchSecurity.com's editors surveyed nearly 500 enterprise security professionals on mobile device security in the enterprise.Continue Reading

• Computer Fraud and Abuse Act (CFAA)

  The Computer Fraud and Abuse Act (CFAA) of 1986 is United States legislation that made it a federal crime to access a protected computer without proper authorization.Continue Reading

• Zeus Trojan (Zbot)

  Zeus, also known as Zbot, is a malware toolkit that allows a cybercriminal to build his own Trojan Horse. A Trojan Horse is programming that appears to be legitimate but actually hides an attack.Continue Reading

• memory-scraping malware

  Memory-scraping malware is a type of malware that helps hackers to find personal data. It examines memory to search for sensitive data that is not available through other processes.Continue Reading

• Occupational Safety and Health Administration (OSHA)

  Occupational Safety and Health Administration (OSHA) is a federal organization (part of the Department of Labor) that ensures safe and healthy working conditions for Americans by enforcing standards and providing workplace safety training.Continue Reading

• differential power analysis (DPA)

  A differential power analysis (DPA) attack is an exploit based on analysing the correlation between the electricity usage of a chip in a smart card and the encryption key it contains.Continue Reading

• information-centric security

  Information-centric security is an approach to information security paradigm that emphasizes the security of the information itself rather than the security of networks, applications, or even simply data.Continue Reading

• Trusted Cloud Initiative

  The Trusted Cloud Initiative is a program of the Cloud Security Alliance industry group created to help cloud service providers develop industry-recommended, secure and interoperable identity, access and compliance management configurations and ...Continue Reading

• Soc 3 (Service Organization Control 3)

  A Service Organization Control 3 (Soc 3) report outlines information related to a service organization’s internal controls in security, availability, processing integrity, confidentiality or privacy.Continue Reading

• Soc 2 (Service Organization Control 2)

  A Service Organization Control 2 (Soc 2) reports on various organizational controls related to security, availability, processing integrity, confidentiality or privacy.Continue Reading

• PCI Security Standards Council

  The PCI Security Standards Council is an organization created by the major credit card companies in an effort to better protect credit card holder data.Continue Reading

• Security School: Data breach prevention strategies

  In this lesson, expert Nick Lewis establishes a baseline data breach prevention strategy every enterprise should have in place.Continue Reading

• ENISA (European Network and Information Security Agency)

  The European Network and Information Security Agency (ENISA) is a European Union (EU) agency dedicated to preventing and addressing network security and information security problems.Continue Reading

• Technical Guide on SIM

  Application security managers: learn four key steps to connect apps with SIMs to enable successful analysis, reporting and alerting.Continue Reading

• RSA Conference 2012 to feature cloud computing, mobile threats

  Get news from RSA Conference 2012. Cloud computing, mobile threats and attack intelligence gathering are likely to be among this year's top themes.Continue Reading

• RSA Conference 2012: Special Conference Coverage

  Get news from RSA Conference 2012. Cloud computing, mobile threats and attack intelligence gathering are likely to be among this year's top themes.Continue Reading

• Security School: Network content monitoring must-haves

  In this new lesson, expert Mike Chapple explores how to best prioritize and strategize for data protection investments to protect key content.Continue Reading

• Duqu (W32.Duqu)

  Duqu is a remote access Trojan (RAT) that is designed to steal data from computers it infects.Continue Reading

• enterprise security governance

  Enterprise security governance is a company's strategy to reduce risk by protecting systems and information, as well as its execution of that strategy.Continue Reading

• social media policy

  A social media policy (also called a social networking policy)  is a corporate code of conduct that provides guidelines for employees who post content on the Internet either as part of their job or as a private person.Continue Reading

• TDL-4 (TDSS or Alureon)

  TDL-4 is sophisticated malware that facilitates the creation and maintenance of a botnet.  The program is the fourth generation of the TDL malware, which was itself based on an earlier malicious program known as TDSS or Alureon.Continue Reading

• application blacklisting

  Application blacklisting, sometimes just referred to as blacklisting, is a network administration practice used to prevent the execution of undesirable programs.  Such programs include not only those known to contain security threats or ...Continue Reading

• malvertisement (malicious advertisement or malvertising)

  A malvertisement (malicious advertisement) is an advertisement on the Internet that is capable of infecting the viewer's computer with malware.Continue Reading

• blue pill rootkit

  The blue pill rootkit is malware that executes as a hypervisor to gain control of computer resources. Joanna Rutkowska, a security researcher for Singapore-based IT security firm COSEINC, developed the Blue Pill rootkit as proof-of-concept malware, ...Continue Reading

• Common Weakness Enumeration (CWE)

  Common Weakness Enumeration (CWE) is a universal online dictionary of weaknesses that have been found in computer software... (Continued)Continue Reading

• internal control

  An internal control is a business practice, policy or procedure that is established within an organization to create value or minimize risk.Continue Reading

• BIOS rootkit attack

  A BIOS-level rootkit attack, also known as a persistent BIOS attack, is an exploit in which the BIOS is flashed (updated) with malicious code. A BIOS rootkit is programming that enables remote administration.Continue Reading

• BIOS rootkit

  A BIOS-level rootkit is programming that exists in a system's memory hardware to enable remote administration. Because the rootkit lives in the computer’s BIOS (basic input/output system), it persists not only through attempts to reflash the BIOS ...Continue Reading

• authentication, authorization, and accounting (AAA)

  Authentication, authorization, and accounting (AAA) is a framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services.Continue Reading

• wildcard certificate

  A wildcard certificate is a digital certificate that is applied to a domain and all its subdomains.Continue Reading

• privilege escalation attack

  A privilege escalation attack is a type of network intrusion that takes advantage of programming errors or design flaws to grant the attacker elevated access to the network and its associated data and applications.Continue Reading

• user account provisioning

  User account provisioning is a business process for creating and managing access to resources in an information technology (IT) system. To be effective, an account provisioning process should ensure that the creation of accounts and provisioning of...Continue Reading

• advanced evasion technique (AET)

  An advanced evasion technique (AET) is a type of network attack that combines several different known evasion techniques on-the-fly to create a new technique that won't be recognized by an intrusion detection systemContinue Reading

• Pwn2Own

  Pwn2Own is an annual hacking competition sponsored by security vendor TippingPoint and held at the CanSecWest security conference.Continue Reading

• alternate data stream (ADS)

  An alternate data stream (ADS) is a feature of Windows New Technology File System (NTFS) that contains metadata for locating a specific file by author or title.Continue Reading

• bot worm

  A bot worm is a self-replicating malware program that resides in current memory, turns infected computers into zombies (or bots) and transmits itself to other computers. A bot worm may be created with the ultimate intention of creating a botnet that...Continue Reading

• Security as a Service (SaaS)

  Security-as-a-service (SaaS) is an outsourcing model for security management. Typically, Security as a Service involves applications such as anti-virus software delivered over the Internet but the term can also refer to security management provided ...Continue Reading

• Qualified Security Assessor (QSA)

  A Qualified Security Assessor (QSA) is a person who has been certified by the PCI Security Standards Council to audit merchants for Payment Card Industry Data Security Standard (PCI DSS) compliance.Continue Reading

• FAQ: An introduction to the ISO 31000 risk management standard

  Learn more about ISO 31000:2009, a new risk management standard: It's plainly written, short, process-oriented and relevant reading for anyone dealing with risk.Continue Reading

• national identity card

  A national identity card is a portable document, typically a plasticized card with digitally-embedded information, that someone is required or encouraged to carry as a means of confirming their identity. Since the World Trade Center tragedy of ...Continue Reading

• government Trojan

  A government Trojan is spyware installed on a computer or network by a law enforcement agency for the purpose of capturing information relevant to a criminal investigation. Government Trojans represent a step in turning the tables on cybercriminals ...Continue Reading

• fuzz testing (fuzzing)

  Fuzz testing (fuzzing) is a technique used by ethical hackers to discover security loopholes in software, operating systems or networks by massive inputting of random data to the system in an attempt to make it crash.Continue Reading

• Same Origin Policy (SOP)

  The Same Origin Policy (SOP), also called Single Origin Policy, is a security measure used in Web browser programming languages such as JavaScript and Ajax to protect the confidentiality and integrity of information.Continue Reading

• Operation Phish Phry

  Operation Phish Phry is a cybercrime investigation carried out by the United States Federal Bureau of Investigation (FBI), the Los Angeles Electronic Crimes Task Force and Egyptian authorities.Continue Reading

• RAT (remote access Trojan)

  A remote access Trojan (RAT) is a malware program that gives an intruder administrative control over a target computer. RATs are usually downloaded invisibly with a user-requested program -- such as a game -- or sent as an email attachment. Once the...Continue Reading

• FERPA (Family Educational Rights and Privacy Act of 1974)

  FERPA (Family Educational Rights and Privacy Act of 1974) is legislation that protects the privacy of students' personally identifiable information (PII). The act applies to all educational institutions that receive federal funds.Continue Reading

• Class C2

  Class C2 is a security rating established by the U.S. National Computer Security Center (NCSC) and granted to products that pass Department of Defense (DoD) Trusted Computer System Evaluation Criteria (TCSEC) tests.Continue Reading

• honey monkey

  A honey monkey is a virtual computer system that is programmed to lure, detect, identify and neutralize malicious activity on the Internet. The expression, coined by Microsoft, is based on the term honey pot, which refers to a computer system ...Continue Reading

• LEAP (Lightweight Extensible Authentication Protocol)

  LEAP (Lightweight Extensible Authentication Protocol) is a Cisco-proprietary version of EAP, the authentication protocol used in wireless networks and Point-to-Point connections. LEAP is designed to provide more secure authentication for 802.11 ...Continue Reading

• PEAP (Protected Extensible Authentication Protocol)

  PEAP (Protected Extensible Authentication Protocol) is a version of EAP, the authentication protocol used in wireless networks and Point-to-Point connections. PEAP is designed to provide more secure authentication for 802.11 WLANs (wireless local ...Continue Reading

• phlashing

  Phlashing is a permanent denial of service (PDoS) attack that exploits a vulnerability in network-based firmware updates. Such an attack is currently theoretical but if carried out could render the target device inoperable... (Continued)Continue Reading

• password hardening

  Password hardening is any one of a variety of measures taken to make it more difficult for an intruder to circumvent the authentication process.Continue Reading

• keystroke dynamics

  Keystroke dynamics are the patterns of rhythm and timing created when a person types...(Continued)Continue Reading

• anti-money laundering software (AML)

  Anti-laundering software is a type of computer program used by financial institutions to analyze customer data and detect suspicious transactions... (Continued)Continue Reading

• DNS rebinding attack

  DNS rebinding is an exploit in which the attacker uses JavaScript in a malicious Web page to gain control of the victim's router. The attack works on widely-used routers such as D-Link and Linksys and could, in fact, target any device that uses a...Continue Reading

• Open Source Hardening Project

  The Open Source Hardening Project is an initiative of the United States Department of Homeland Security, created to improve the security of open source code. Because the infrastructure of the Internet, financial institutions and many other critcal...Continue Reading

• finger vein ID

  Finger vein ID is a biometric authentication system that matches the vascular pattern in an individual's finger to previously obtained data...(continued)Continue Reading

• role mining

  Role mining is the process of analyzing user-to-resource mapping data to determine or modify user permissions for role-based access control (RBAC) in an enterprise... (Continued)Continue Reading

• PAN truncation (primary account number)

  PAN (primary account number) truncation is a technology that prevents most of the digits in a credit card, debit card or bank account number from appearing on printed receipts issued to customers... (Continued)Continue Reading

• Rock Phish

  Rock Phish is both a phishing toolkit and the entity that publishes the kit, either a hacker, or, more likely, a sophisticated group of hackers. While the authors of the kit remain anonymous, Rock Phish has become the most popular phishing kit ...Continue Reading

• JavaScript hijacking

  JavaScript hijacking is a technique that an attacker can use to read sensitive data from a vulnerable Web application, particularly one using Ajax (Asynchronous JavaScript and XML)... (Continued)Continue Reading

• defense in depth

  Defense in depth is the coordinated use of multiple security countermeasures to protect the integrity of the information assets in an enterprise... (Continued)Continue Reading

• phreak

  A phreak is someone who breaks into the telephone network illegally, typically to make free long-distance phone calls or to tap phone lines.Continue Reading

• user profile

  In a Windows environment, a user profile is a record of user-specific data that define the user's working environment.Continue Reading

• logon (or login)

  In general computer usage, logon is the procedure used to get access to an operating system or application, usually in a remote computer.Continue Reading

• cloaking

  Cloaking is the masking of the sender's name and address in an e-mail note or distribution.Continue Reading

• Cisco Certified Security Professional (CCSP)

  A Cisco Certified Security Professional (CCSP) is an IT (Information Technology) professional who has received formal training from Cisco Systems in network-related security hardware, software and management... (Continued)Continue Reading

• digest authentication

  Digest authentication is a method of authentication in which a request from a potential user is received by a network server and then sent to a domain controller... (Continued)Continue Reading

• trusted computing

  Trusted computing is a broad term that refers to technologies and proposals for resolving computer security problems through hardware enhancements and associated software modifications... (Continued)Continue Reading

• Quiz: Who Done IT? A Murder Mystery

  How to take the quiz: - After reading the question, click on the answer that you think is correctContinue Reading

• Klez

  Klez (pronounced KLEHZ) is an Internet worm that launches automatically when a user previews or reads an e-mail message containing Klez on a system that has not been patched for a vulnerability in Microsoft Internet Explorer mail clients.Continue Reading