Get started

Get started

Bring yourself up to speed with our introductory content.

• What is a cloud security engineer, and how do I become one?

  A cloud security engineer has specific responsibilities for helping to secure cloud infrastructure, applications and IT assets. Continue Reading

• SSPM vs. CSPM: What's the difference?

  Posture management in the cloud is key, but evaluating different tools, such as SaaS security posture management and cloud security posture management platforms, can be confusing. Continue Reading

• risk-based vulnerability management (RBVM)

  Risk-based vulnerability management (RBVM) is an approach to identifying and addressing security vulnerabilities in an organization's IT environment that prioritizes remediating vulnerabilities that pose the greatest risk. Continue Reading

• cloud infrastructure entitlement management (CIEM)

  Cloud infrastructure entitlement management (CIEM) is a discipline for managing identities and privileges in cloud environments. Continue Reading

• What is PCI DSS (Payment Card Industry Data Security Standard)?

  The Payment Card Industry Data Security Standard (PCI DSS) is a widely accepted set of policies and procedures intended to optimize the security of credit, debit and cash card transactions and protect cardholders against misuse of their personal ... Continue Reading

• Definitions to Get Started

  • What is a firewall and why do I need one?
  • What is risk appetite?
  • What is penetration testing?
  • What is a security operations center (SOC)?

  • What is a risk profile? Definition, examples and types
  • What is risk reporting?
  • What is a risk map (risk heat map)?
  • What is risk exposure in business?

  View All Definitions

• What is Data Encryption Standard (DES)?

  Data Encryption Standard (DES) is an outdated symmetric key method of data encryption.Continue Reading

• What is role-based access control (RBAC)?

  Role-based access control (RBAC) is a method of restricting network access based on the roles of individual users within an enterprise.Continue Reading

• What is a potentially unwanted program (PUP)?

  A potentially unwanted program (PUP) is a program that may be unwanted, despite the possibility that users consented to download it.Continue Reading

• remote access

  Remote access is the ability for an authorized person to access a computer or network from a geographical distance through a network connection.Continue Reading

• Federal Information Security Modernization Act (FISMA)

  ): The Federal Information Security Modernization Act (FISMA) is United States legislation that defines a framework of guidelines and security standards to protect government information technology operations from cyberthreats.Continue Reading

• cloud security posture management (CSPM)

  Cloud security posture management (CSPM) is a market segment for IT security tools that are designed to identify misconfiguration issues and compliance risks in the cloud.Continue Reading

• Cloud Security Alliance (CSA)

  The Cloud Security Alliance (CSA) is a nonprofit organization that promotes research into best practices for securing cloud computing and the use of cloud technologies to secure other forms of computing.Continue Reading

• Stateful vs. stateless firewalls: Understanding the differences

  Stateful firewalls are the norm in most networks, but there are still times where a stateless firewall fits the bill. Learn how these firewalls work and what approach might be best.Continue Reading

• identity management (ID management)

  Identity management (ID management) is the organizational process for ensuring individuals have the appropriate access to technology resources.Continue Reading

• cryptanalysis

  Cryptanalysis is the study of ciphertext, ciphers and cryptosystems to understand how they work and to find and improve techniques for defeating or weakening them.Continue Reading

• single sign-on (SSO)

  Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials -- for example, a username and password -- to access multiple applications.Continue Reading

• Data protection impact assessment template and tips

  Conducting a data protection impact assessment is key to evaluating potential risk factors that could pose a serious threat to individuals and their personal information.Continue Reading

• Fuzzy about fuzz testing? This fuzzing tutorial will help

  Organizations are searching for ways to automate and improve their application security processes. Fuzz testing is one way to fill in some of the gaps.Continue Reading

• virus (computer virus)

  A computer virus is a type of malware that attaches itself to a program or file. A virus can replicate and spread across an infected system and it often propagates to other systems, much like a biological virus spreads from host to host.Continue Reading

• Certified Information Security Manager (CISM)

  Certified Information Security Manager (CISM) is an advanced certification that indicates that an individual possesses the knowledge and experience required to develop and manage an enterprise information security (infosec) program.Continue Reading

• How data poisoning attacks work

  Generative AI brings business opportunities to the enterprise but also security risks. Learn about an evolving attack vector called data poisoning and how it works.Continue Reading

• What is cryptography?

  Cryptography is a method of protecting information and communications using codes, so that only those for whom the information is intended can read and process it.Continue Reading

• 4 types of prompt injection attacks and how they work

  Compromised LLMs can expose sensitive corporate data and put organizations' reputations at risk. Learn about four types of prompt injection attacks and how they work.Continue Reading

• asymmetric cryptography

  Asymmetric cryptography, also known as public key cryptography, is a process that uses a pair of related keys -- one public key and one private key -- to encrypt and decrypt a message and protect it from unauthorized access or use.Continue Reading

• identity provider

  An identity provider (IdP) is a system component that provides an end user or internet-connected device with a single set of login credentials that ensures the entity is who or what it says it is across multiple platforms, applications and networks.Continue Reading

• vulnerability assessment

  A vulnerability assessment is the process of defining, identifying, classifying and prioritizing vulnerabilities in computer systems, applications and network infrastructures.Continue Reading

• The differences between inbound and outbound firewall rules

  Firewalls can support both inbound and outbound firewall rules, but there are important differences between the two. Learn more about each and their uses.Continue Reading

• DoS vs. DDoS: How they differ and the damage they cause

  DoS and DDoS attacks may not be new, but that doesn't mean they are any less disruptive to organizations. Companies should understand what they are and how they work.Continue Reading

• How dynamic malware analysis works

  Security teams use dynamic malware analysis to uncover how malware works -- and thereby improve threat hunting and incident detection capabilities.Continue Reading

• phishing

  Phishing is a fraudulent practice in which an attacker masquerades as a reputable entity or person in an email or other form of communication.Continue Reading

• Multi-cloud security challenges and best practices

  Where multi-cloud goes, security complexity follows. From configuration to visibility, organizations must be aware of these main challenges and how to overcome them.Continue Reading

• computer forensics (cyber forensics)

  Computer forensics is the application of investigation and analysis techniques to gather and preserve evidence from a particular computing device in a way that is suitable for presentation in a court of law.Continue Reading

• How to use a jump server to link security zones

  Jump servers are a perfect example of less is more. By using these slimmed-down boxes, administrators can connect to multiple resources securely.Continue Reading

• What is cybersecurity?

  Cybersecurity is the practice of protecting internet-connected systems such as hardware, software and data from cyberthreats.Continue Reading

• Advanced Encryption Standard (AES)

  The Advanced Encryption Standard (AES) is a symmetric block cipher chosen by the U.S. government to protect classified information.Continue Reading

• How to craft cyber-risk statements that work, with examples

  A cyber-risk statement should be clear, concise and simple -- but that doesn't mean it's easy to write. Get tips and read our cyber-risk statement examples.Continue Reading

• operational risk

  Operational risk is the risk of losses caused by flawed or failed processes, policies, systems or events that disrupt business operations.Continue Reading

• What is cybersecurity mesh and how can it help you?

  The concept of cybersecurity mesh could help solve and simplify issues created by multi-cloud deployments and the increase in remote work environments.Continue Reading

• How to conduct a social engineering penetration test

  Social engineering attacks are becoming more sophisticated and more damaging. Penetration testing is one of the best ways to learn how to safeguard your systems against attack.Continue Reading

• Understand the pros and cons of enterprise password managers

  Almost half of breaches occur because of compromised credentials. Using a password manager to control how users create their IDs may be a good step to protect enterprise assets.Continue Reading

• cyberterrorism

  Cyberterrorism is usually defined as any premeditated, politically motivated attack against information systems, programs, and data that threatens violence or results in violence.Continue Reading

• keylogger (keystroke logger or system monitor)

  A keylogger, sometimes called a keystroke logger, is a type of surveillance technology used to monitor and record each keystroke on a specific device, such as a computer or smartphone.Continue Reading

• encryption

  Encryption is the method by which information is converted into secret code that hides the information's true meaning.Continue Reading

• dictionary attack

  A dictionary attack is a method of breaking into a password-protected computer, network or other IT resource by systematically entering every word in a dictionary, or word list, as a password.Continue Reading

• SOAR (security orchestration, automation and response)

  SOAR (security orchestration, automation and response) is a stack of compatible software programs that enables an organization to collect data about security threats and respond to security events with little or no human assistance.Continue Reading

• communications security (COMSEC)

  Communications security (COMSEC) is the prevention of unauthorized access to telecommunications traffic or to any written information that is transmitted or transferred.Continue Reading

• Cybersecurity career path: 5-step guide to success

  Taking the lead from ISSA's framework, here's a guide to how you can map out a long and profitable career in cybersecurity.Continue Reading

• What is incident response? A complete guide

  Incident response is an organized, strategic approach to detecting and managing cyberattacks in ways that minimize damage, recovery time and total costs.Continue Reading

• indicators of compromise (IOC)

  Indicators of compromise are unusual activities on a system or network that imply the presence of a malicious actor.Continue Reading

• digital forensics and incident response (DFIR)

  Digital forensics and incident response (DFIR) is a combined set of cybersecurity operations that incident response teams use to detect, investigate and respond to cybersecurity events.Continue Reading

• Business continuity vs. disaster recovery vs. incident response

  To stay in business, expect the unexpected. Learn how business continuity, disaster recovery and incident response differ -- and why organizations need plans for all three.Continue Reading

• Incident response automation: What it is and how it works

  Many of today's security operations teams are understaffed and overwhelmed. Learn how incident response automation can help them work smarter, instead of harder.Continue Reading

• information assurance (IA)

  Information assurance (IA) is the practice of protecting physical and digital information and the systems that support the information.Continue Reading

• How to conduct incident response tabletop exercises

  Have an incident response plan but aren't running incident response tabletop exercises? These simulations are key to knowing if your plan will work during an actual security event.Continue Reading

• SOAR vs. SIEM: What's the difference?

  When it comes to the SOAR vs. SIEM debate, it's important to understand their fundamental differences to get the most benefit from your security data.Continue Reading

• How to create a CSIRT: 10 best practices

  The time to organize and train a CSIRT is long before a security incident occurs. Certain steps should be followed to create an effective, cross-functional team.Continue Reading

• Incident management vs. incident response explained

  While even many seasoned cybersecurity leaders use the terms 'incident management' and 'incident response' interchangeably, they aren't technically synonymous.Continue Reading

• incident response team

  An incident response team is a group of IT professionals in charge of preparing for and reacting to any type of organizational emergency.Continue Reading

• Incident response: How to implement a communication plan

  Communication is critical to an effective incident response plan. Here are five best practices for communication planning and a free, editable template to get started.Continue Reading

• vulnerability management

  Vulnerability management is the process of identifying, assessing, remediating and mitigating security vulnerabilities in software and computer systems.Continue Reading

• sandbox

  A sandbox is an isolated testing environment that enables users to run programs or open files without affecting the application, system or platform on which they run.Continue Reading

• Top 30 incident response interview questions

  Job interviews are nerve-wracking, but preparation can minimize jitters and position you to land the role. Get started with these incident response interview questions and answers.Continue Reading

• NIST Cybersecurity Framework

  The NIST Cybersecurity Framework (CSF) provides guidance on how to manage and reduce IT infrastructure security risk.Continue Reading

• How to become an incident responder: Requirements and more

  Incident response is a growth area that provides career advancement options and a good salary. Here's an in-depth look at job requirements, salaries and available certifications.Continue Reading

• Why effective cybersecurity is important for businesses

  Cyber attacks can have serious financial and business consequences for companies, which makes implementing strong cybersecurity protections a critical step.Continue Reading

• identity theft

  Identity theft, also known as identity fraud, is a crime in which an imposter obtains key pieces of personally identifiable information (PII), such as Social Security or driver's license numbers, to impersonate someone else.Continue Reading

• one-time password

  A one-time password (OTP) is an automatically generated numeric or alphanumeric string of characters that authenticates a user for a single transaction or login one-time password session.Continue Reading

• email signature

  An email signature -- or signature block or signature file -- is the short text that appears at the end of an email message to provide more information about the sender.Continue Reading

• Web fuzzing: Everything you need to know

  Web fuzzing provides automated web application testing, which enables security teams to discover vulnerabilities within web apps before attackers do.Continue Reading

• Zoombombing

  Zoombombing is a type of cyber-harassment in which an unwanted and uninvited user or group of such users interrupts online meetings on the Zoom video conference app.Continue Reading

• CISO (chief information security officer)

  The CISO (chief information security officer) is a senior-level executive responsible for developing and implementing an information security program, which includes procedures and policies designed to protect enterprise communications, systems and ...Continue Reading

• 9 cybersecurity trends to watch in 2024

  Analysts are sharing their cybersecurity trends and predictions for 2024. From zero-day attacks to generative AI security and increased regulations, is your organization ready?Continue Reading

• advanced persistent threat (APT)

  An advanced persistent threat (APT) is a prolonged and targeted cyber attack in which an intruder gains access to a network and remains undetected for an extended period.Continue Reading

• timing attack

  A timing attack is a type of side-channel attack that exploits the amount of time a computer process runs to gain knowledge about or access a system.Continue Reading

• privileged identity management (PIM)

  Privileged identity management (PIM) is the monitoring and protection of superuser accounts that hold expanded access to an organization's IT environments.Continue Reading

• possession factor

  The possession factor, in a security context, is a category of user authentication credentials based on items that the user has with them, typically a hardware device such as a security token or a mobile phone used in conjunction with a software ...Continue Reading

• CISO as a service (vCISO, virtual CISO, fractional CISO)

  A CISO as a service (CISOaaS) is the outsourcing of CISO (chief information security officer) and information security leadership responsibilities to a third-party provider.Continue Reading

• SBOM formats compared: CycloneDX vs. SPDX vs. SWID Tags

  Organizations can choose between three SBOM formats: CycloneDX, SPDX and SWID Tags. Learn more about them to determine which fits your organization best.Continue Reading

• How to protect your organization from IoT malware

  IoT devices are attractive targets to attackers, but keeping them secure isn't easy. Still, there are steps to take to minimize risk and protect networks from attacks.Continue Reading

• cardholder data environment (CDE)

  A cardholder data environment (CDE) is a computer system or networked group of IT systems that processes, stores or transmits cardholder data or sensitive payment authentication data.Continue Reading

• mandatory access control (MAC)

  Mandatory access control (MAC) is a security strategy that restricts the ability individual resource owners have to grant or deny access to resource objects in a file system.Continue Reading

• 7 useful hardware pen testing tools

  Penetration testers use a variety of hardware to conduct security assessments, including a powerful laptop, Raspberry Pi, Rubber Ducky and more.Continue Reading

• cybersecurity asset management (CSAM)

  Cybersecurity asset management (CSAM) is the process created to continuously discover, inventory, monitor, manage and track an organization's assets to determine what those assets do and identify and automatically remediate any gaps in its ...Continue Reading

• authentication

  Authentication is the process of determining whether someone or something is who or what they say they are.Continue Reading

• ISO 27002 (International Organization for Standardization 27002)

  The ISO 27002 standard is a collection of information security management guidelines that are intended to help an organization implement, maintain and improve its information security management.Continue Reading

• supercookie

  A supercookie is a type of tracking cookie inserted into an HTTP header to collect data about a user's internet browsing history and habits.Continue Reading

• What does an IT security manager do?

  IT security managers need to have a passion for learning and critical thinking skills, as well as understand intrusion prevention and detection.Continue Reading

• What an email security policy is and how to build one

  Companies must have an effective security policy in place to protect email from cybercriminals and employee misuse. Learn how to build one for your company.Continue Reading

• Top 12 IT security frameworks and standards explained

  Several IT security frameworks and cybersecurity standards are available to help protect company data. Here's advice for choosing the right ones for your organization.Continue Reading

• How to create a company password policy, with template

  Use these guidelines and our free template to ensure your company's password policy sets the ground rules for strong and effective password creation and use.Continue Reading

• integrated risk management (IRM)

  Integrated risk management (IRM) is a set of proactive, businesswide practices that contribute to an organization's security, risk tolerance profile and strategic decisions.Continue Reading

• How to use SDelete to ensure deleted data is gone for good

  When data is deleted from a disk, is it gone? One way to make sure file info is permanently erased is to use SDelete, a utility specifically tailored to remove key data.Continue Reading

• Plundervolt

  Plundervolt is the name of an undervolting attack that targeted Intel central processing units (CPUs).Continue Reading

• SSAE 16

  The Statement on Standards for Attestation Engagements No. 16 (SSAE 16) is a set of auditing standards and guidance on using the standards, published by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (...Continue Reading

• soft token

  A soft token is a software-based security token that generates a single-use login personal identification number (PIN).Continue Reading

• Structured Threat Information eXpression (STIX)

  Structured Threat Information eXpression (STIX) is a standardized Extensible Markup Language (XML) programming language for conveying data about cybersecurity threats in a way that can be easily understood by both humans and security technologies.Continue Reading

• antispoofing

  Antispoofing is a technique for identifying and dropping packets that have a false source address.Continue Reading

• Google Authenticator

  Google Authenticator is a mobile security application that provides a second type of confirmation for websites and online services that use two-factor authentication (2FA) to verify a user's identity before granting him or her access to secure ...Continue Reading

• Cybersecurity vs. cyber resilience: What's the difference?

  Companies need cybersecurity and cyber-resilience strategies to protect against attacks and mitigate damage in the aftermath of a successful data breach.Continue Reading

• Secure Sockets Layer certificate (SSL certificate)

  A Secure Sockets Layer certificate (SSL certificate) is a small data file installed on a web server that allows for a secure, encrypted connection between the server and a web browser.Continue Reading