Get started

Get started

Bring yourself up to speed with our introductory content.

• cloud workload protection

  Cloud workload protection is the safeguarding of workloads spread out across multiple cloud environments. Businesses that use public and private clouds can use cloud workload protection platforms to help defend themselves against cyber attacks. Continue Reading

• How to build a cybersecurity deception program

  In 'The Art of War,' Sun Tzu declared, 'All warfare is based on deception.' Learn how to apply this principle in the enterprise by building a cybersecurity deception program. Continue Reading

• International Information Systems Security Certification Consortium (ISC)2

  (ISC)2, short for International Information Systems Security Certification Consortium, is a nonprofit organization that provides security training and certificates. Continue Reading

• two-step verification

  Two-step verification is a process that involves two authentication steps performed one after the other to verify that someone or something requesting access is who or what they say they are. Continue Reading

• How to use the John the Ripper password cracker

  Password crackers are essential tools in any pen tester's toolbox. This step-by-step tutorial explains how to use John the Ripper, an open source offline password-cracking tool. Continue Reading

• Definitions to Get Started

  • What is a CISO (chief information security officer)?
  • What is biometric authentication?
  • What is cloud infrastructure entitlement management (CIEM)?
  • What is cybersecurity?

  • What is a CISO as a service (CISOaaS)?
  • What is post-quantum cryptography? Comprehensive guide
  • What is a message authentication code (MAC)? How it works and best practices
  • What is SIEM (security information and event management)?

  View All Definitions

• private CA (private PKI)

  A private CA is an enterprise-specific certificate authority that functions like a publicly trusted CA.Continue Reading

• Microsoft Defender for Endpoint (formerly Windows Defender ATP)

  Microsoft Defender for Endpoint -- formerly Microsoft Defender Advanced Threat Protection or Windows Defender ATP -- is an endpoint security platform designed to help enterprise-class organizations prevent, detect and respond to security threats.Continue Reading

• How to create fine-grained password policy in AD

  Fine-grained password policies are a simple and effective way of ensuring password settings meet business requirements.Continue Reading

• How to enable Active Directory fine-grained password policies

  Specifying multiple password policies customized to specific account types adds another layer to an organization's security posture. Using PSOs instead of Group Policy can help.Continue Reading

• How to use a public key and private key in digital signatures

  Ensuring authenticity of online communications is critical to conduct business. Learn how to use a public key and private key in digital signatures to manage electronic documents.Continue Reading

• AWS CloudTrail

  AWS CloudTrail is an application program interface (API) call-recording and log-monitoring service offered by Amazon Web Services (AWS).Continue Reading

• Practice Microsoft SC-100 exam questions with answers

  Use these practice multiple-choice questions, with answers, to assess your knowledge of the Microsoft Cybersecurity Architect exam.Continue Reading

• intrusion prevention system (IPS)

  An intrusion prevention system (IPS) is a cybersecurity tool that examines network traffic to identify potential threats and automatically take action against them.Continue Reading

• How to prepare for the Microsoft Cybersecurity Architect exam

  Before taking the Microsoft Cybersecurity Architect exam, learn about the knowledge areas covered on the SC-100 test, studying recommendations, prerequisites and more.Continue Reading

• Defining policy vs. standard vs. procedure vs. control

  Infosec pros may have -- incorrectly -- heard the terms 'standard' and 'policy' used interchangeably. Examine the differences among a policy, standard, procedure and technical control.Continue Reading

• deprovisioning

  Deprovisioning is the part of the employee lifecycle in which access rights to software and network services are taken away.Continue Reading

• An intro to the IDMZ, the demilitarized zone for ICSes

  Setting up an IDMZ -- a demilitarized zone between enterprise and industrial networks -- can prevent operational environments from becoming compromised by IT threats.Continue Reading

• cardholder data (CD)

  Cardholder data (CD) is any personally identifiable information (PII) associated with a person who has a credit or debit card.Continue Reading

• PCI DSS merchant levels

  Payment Card Industry Data Security Standard (PCI DSS) merchant levels rank merchants based on their number of transactions per year to outline compliance verification requirements.Continue Reading

• CSR (Certificate Signing Request)

  A Certificate Signing Request (CSR) is a specially formatted encrypted message sent from a Secure Sockets Layer (SSL) digital certificate applicant to a certificate authority (CA).Continue Reading

• authentication factor

  An authentication factor is a category of credential that is intended to verify, sometimes in combination with other factors, that an entity involved in some kind of communication or requesting access to some system is who, or what, they are ...Continue Reading

• Vulnerability management vs. risk management, compared

  Vulnerability management seeks out security weaknesses in an organization, while risk management involves looking holistically at how the company is running.Continue Reading

• three-factor authentication (3FA)

  Three-factor authentication (3FA) is the use of identity-confirming credentials from three separate categories of authentication factors -- typically, the knowledge, possession and inherence categories.Continue Reading

• cyber espionage

  Cyber espionage (cyberespionage) is a type of cyber attack that malicious hackers carry out against a business or government entity.Continue Reading

• FIDO (Fast Identity Online)

  FIDO (Fast Identity Online) is a set of technology-agnostic security specifications for strong authentication.Continue Reading

• quantum supremacy

  Quantum supremacy is the experimental demonstration of a quantum computer's dominance and advantage over classical computers by performing calculations previously impossible at unmatched speeds.Continue Reading

• antivirus software (antivirus program)

  Antivirus software (antivirus program) is a security program designed to prevent, detect, search and remove viruses and other types of malware from computers, networks and other devices.Continue Reading

• YubiKey

  YubiKey is a security token that enables users to add a second authentication factor to online services from tier 1 vendor partners, including Google, Amazon, Microsoft and Salesforce.Continue Reading

• information security (infosec)

  Information security (infosec) is a set of policies, procedures and principles for safeguarding digital data and other kinds of information.Continue Reading

• cyberwarfare

  The generally accepted definition of cyberwarfare is a series of cyber attacks against a nation-state, causing it significant harm.Continue Reading

• fuzz testing (fuzzing)

  Fuzz testing (fuzzing) is a quality assurance technique used to discover coding errors or bugs and security loopholes in software, operating systems and networks.Continue Reading

• sudo (su 'do')

  Sudo is a command-line utility for Unix and Unix-based operating systems such as Linux and macOS.Continue Reading

• E-Sign Act (Electronic Signatures in Global and National Commerce Act)

  The E-Sign Act (Electronic Signatures in Global and National Commerce Act) is a U.S. federal law that specifies that, in the United States, the use of an electronic signature (e-signature) is as legally valid as a traditional signature written in ...Continue Reading

• social media policy

  A social media policy is a corporate code of conduct that provides guidelines for employees who post content on the internet either as part of their job or as a private person.Continue Reading

• crypto wallet (cryptocurrency wallet)

  A crypto wallet (cryptocurrency wallet) is software or hardware that enables users to store and use cryptocurrency.Continue Reading

• reverse brute-force attack

  A reverse brute-force attack is a type of brute-force attack in which an attacker uses a common password against multiple usernames in an attempt to gain access to a network.Continue Reading

• Windows Defender Exploit Guard

  Microsoft Windows Defender Exploit Guard is antimalware software that provides intrusion protection for Windows 10 OS users.Continue Reading

• SOC 3 (System and Organization Controls 3)

  A System and Organization Controls 3 (SOC 3) report outlines information related to a service organization's internal controls for security, availability, processing integrity, confidentiality and privacy.Continue Reading

• tokenization

  Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the essential information about the data without compromising its security.Continue Reading

• messaging security

  Messaging security is a subcategory of unified threat management, or UTM, focused on securing and protecting an organization's communication infrastructure.Continue Reading

• WebAuthn API

  The Web Authentication API (WebAuthn API) is a credential management application program interface (API) that lets web applications authenticate users without storing their passwords on servers.Continue Reading

• How to use BeEF, the Browser Exploitation Framework

  The open source BeEF pen testing tool can be used by red and blue teams alike to hook web browsers and use them as beachheads to launch further attacks.Continue Reading

• Dridex malware

  Dridex is a form of malware that targets victims' banking information, with the main goal of stealing online account credentials to gain access to their financial assets.Continue Reading

• backdoor (computing)

  A backdoor attack is a means to access a computer system or encrypted data that bypasses the system's customary security mechanisms.Continue Reading

• Heartbleed

  Heartbleed was a vulnerability in some implementations of OpenSSL, an open source cryptographic library.Continue Reading

• What is Triple DES and why is it being disallowed?

  Triple DES no longer provides the encryption strength it once did. Prepare now to transition away from its use to a more security alternative.Continue Reading

• credential theft

  Credential theft is a type of cybercrime that involves stealing a victim's proof of identity.Continue Reading

• self-sovereign identity

  Self-sovereign identity (SSI) is a model for managing digital identities in which individuals or businesses have sole ownership over the ability to control their accounts and personal data.Continue Reading

• Certified Information Systems Security Professional (CISSP)

  Certified Information Systems Security Professional (CISSP) is an information security certification developed by the International Information Systems Security Certification Consortium, also known as (ISC)².Continue Reading

• privilege creep

  Privilege creep is the gradual accumulation of access rights beyond what individuals need to do their job.Continue Reading

• GPS jamming

  GPS jamming is the act of using a frequency transmitting device to block or interfere with radio communications.Continue Reading

• What are the differences between su and sudo commands?

  Linux administrators have choices when deciding how to delegate privileges. Learn about the options they can take while ensuring their operations remain secure.Continue Reading

• 12 types of wireless network attacks and how to prevent them

  From packet sniffing and rogue access points to spoofing attacks and encryption cracking, learn about common wireless network attacks and how to prevent them.Continue Reading

• Evil Corp

  Evil Corp is an international cybercrime network that uses malicious software to steal money from victims' bank accounts and to mount ransomware attacks.Continue Reading

• Trojan horse

  In computing, a Trojan horse is a program downloaded and installed on a computer that appears harmless, but is, in fact, malicious.Continue Reading

• 7 steps to implementing a successful XDR strategy

  There's still confusion around what extended detection and response is, but it will play a key role in enterprise security. To successfully implement XDR, follow these steps.Continue Reading

• Top 5 key ethical hacker skills

  Ethical hacking can be a rewarding career, but it requires tenacity, curiosity and creativity, among other traits. Oh, and you better be a good writer, too.Continue Reading

• Common Body of Knowledge (CBK)

  In security, the Common Body of Knowledge (CBK) is a comprehensive framework of all the relevant subjects a security professional should be familiar with, including skills, techniques and best practices.Continue Reading

• buffer underflow

  A buffer underflow, also known as a buffer underrun or a buffer underwrite, is when the buffer -- the temporary holding space during data transfer -- is fed data at a lower rate than it is being read from.Continue Reading

• Advice for beginner computer forensic investigators

  For those interesting in becoming a computer forensics investigator, learn about the career and what to expect, as well as why digital evidence is the most volatile evidence.Continue Reading

• RAT (remote access Trojan)

  A RAT (remote access Trojan) is malware an attacker uses to gain full administrative privileges and remote control of a target computer.Continue Reading

• Top 10 pen testing interview questions with answers

  Are you pursuing a career in pen testing? Prepare with this list of 10 pen testing interview questions and answers created by three security experts.Continue Reading

• Top IT security manager interview questions

  Are you looking for a leadership role in cybersecurity? Three security experts offer their advice on how to answer the most common IT security manager interview questions.Continue Reading

• Diffie-Hellman key exchange (exponential key exchange)

  Diffie-Hellman key exchange is a method of digital encryption that securely exchanges cryptographic keys between two parties over a public channel without their conversation being transmitted over the internet.Continue Reading

• An overview of the CISA Zero Trust Maturity Model

  A zero-trust framework blocks all attempts to access internal infrastructure without authentication. The CISA Zero Trust Maturity Model is a roadmap to get there.Continue Reading

• The 5 principles of zero-trust security

  Zero trust is a journey, not a destination. Ensure your corporate network is safe from internal and external threats by implementing these five principles of zero-trust security.Continue Reading

• Why zero trust requires microsegmentation

  Microsegmentation is a key security technique that enables organizations to achieve a zero-trust model and helps ensure the security of workloads regardless of where they are located.Continue Reading

• How to get into cybersecurity with no experience

  Cybersecurity needs new talent now more than ever, but landing that first job without a computer science degree can still be difficult. Here are five tips for getting in the door.Continue Reading

• MICR (magnetic ink character recognition)

  MICR (magnetic ink character recognition) is a technology invented in the 1950s that's used to verify the legitimacy or originality of checks and other paper documents.Continue Reading

• How DKIM records reduce email spoofing, phishing and spam

  Learn how implementing DomainKeys Identified Mail helps protect against phishing, spam and email forgery by digitally signing outgoing messages.Continue Reading

• data masking

  Data masking is a method of creating a structurally similar but inauthentic version of an organization's data that can be used for purposes such as software testing and user training.Continue Reading

• How to become a CISO

  The chief information security officer role is growing in profile and importance. Explore six actionable tips for aspiring CISOs as they work toward cybersecurity's top job.Continue Reading

• computer worm

  A computer worm is a type of malware whose primary function is to self-replicate and infect other computers while remaining active on infected systems.Continue Reading

• Sample CompTIA CASP+ practice questions with answers

  Preparing for the CompTIA Advanced Security Practitioner certification or refreshing your knowledge to renew your cert? Use these CASP+ practice questions to test your smarts.Continue Reading

• How to prepare for the CompTIA CASP+ exam

  Are you pursuing the CompTIA Advanced Security Practitioner certification? The author of a CASP+ cert guide offers advice on how to prepare for the exam.Continue Reading

• How to create and add an SPF record for email authentication

  Learn how to create Sender Policy Framework records to list authenticated mail servers for an email domain to fight spam, phishing, email forgery and other malicious email.Continue Reading

• How to start developing a plan for SASE implementation

  From prioritizing business problems to identifying future initiatives to assessing critical tool gaps, learn how to create a realistic SASE implementation roadmap.Continue Reading

• How SPF records prevent email spoofing, phishing and spam

  Forged email has long been used by hackers to break into protected systems. Learn how the Sender Policy Framework protocol helps stop spoofing, phishing and other malicious mail.Continue Reading

• homomorphic encryption

  Homomorphic encryption is the conversion of data into ciphertext that can be analyzed and worked with as if it were still in its original form.Continue Reading

• What is identity sprawl and how can it be managed?

  With identity-based attacks on the rise, organizations need to prioritize identity management. Learn about identity sprawl, why it's a risk and how it can be managed.Continue Reading

• How to create a threat profile, with template

  Read five key steps on how to create a threat profile, and get started making them customized to your organization with our free template.Continue Reading

• What is DomainKeys Identified Mail (DKIM)?

  DomainKeys Identified Mail (DKIM) is a protocol for authenticating email messages using public key cryptography to protect against forged emails.Continue Reading

• What is Domain-based Message Authentication, Reporting and Conformance (DMARC)?

  The Domain-based Message Authentication, Reporting and Conformance (DMARC) protocol is one leg of the tripod of internet protocols that support email authentication methods.Continue Reading

• Is ethical hacking legal? And more ethical hacking advice

  Is ethical hacking legal? Learn about the legality of ethical hacking, why it's important, its benefits and what organizations should look for when hiring an ethical hacker.Continue Reading

• Ethical hacking: How to conduct a Sticky Keys hack

  Physical security is often overlooked by cybersecurity teams. Learn about physical cybersecurity attacks in step-by-step instruction on how to conduct a Windows Sticky Keys hack.Continue Reading

• Data masking vs. data encryption: How do they differ?

  Discover how the data security techniques of data masking and data encryption compare, while also learning about different types of both and their use cases.Continue Reading

• SSH2 vs. SSH1 and why SSH versions still matter

  The Secure Shell protocol, SSH, was redesigned and released as SSH2 in 2006. While SSH1 lingers for legacy uses, find out how the protocols differ and why it's important.Continue Reading

• data breach

  A data breach is a cyber attack in which sensitive, confidential or otherwise protected data has been accessed or disclosed in an unauthorized fashion.Continue Reading

• insider threat

  An insider threat is a category of risk posed by those who have access to an organization's physical or digital assets.Continue Reading

• data compliance

  Data compliance is a process that identifies the applicable governance for data protection, security, storage and other activities and establishes policies, procedures and protocols ensuring data is fully protected from unauthorized access and use, ...Continue Reading

• VMDR: Inside vulnerability management, detection and response

  VMDR offers automated asset identification, threat prioritization and patch management. But do companies need another vulnerability management tool?Continue Reading

• 3 steps for getting started with security service edge

  Before getting started with security service edge (SSE), formulate a migration strategy. Check out these three expert tips for tackling SSE with maximum efficiency and ease.Continue Reading

• SecOps vs. CloudSecOps: What does a CloudSecOps team do?

  Now, more than ever, organizations need to build controls, monitor and enact security response activities for the cloud. This is where the CloudSecOps team comes into play.Continue Reading

• How to use SSH tunnels to cross network boundaries

  The Secure Shell protocol authenticates and encrypts network connections. Find out how it's used to build tunnels while crossing private networks and even firewalls.Continue Reading

• Top 7 types of data security technology

  These seven types of data security technologies -- from encryption to masking -- will better protect customer and enterprise data from inappropriate and unauthorized access and use.Continue Reading

• How to create a critical infrastructure incident response plan

  Does your organization have an incident response plan for disruptions to critical infrastructure? Learn how to write a successful plan for your company.Continue Reading

• blended threat

  A blended threat is an exploit that combines elements of multiple types of malware and usually employs various attack vectors to increase the severity of damage and the speed of contagion.Continue Reading

• Negotiating a golden parachute clause in a CISO contract

  If a CISO becomes the company scapegoat after a security incident, a strong golden parachute clause can mean the difference between a soft landing and a hard crash.Continue Reading

• How to determine out-of-scope bug bounty assets

  What happens when a security researcher discovers a bug in an out-of-scope asset? Learn how to handle bug bounty scope in this excerpt from 'Corporate Cybersecurity.'Continue Reading

• Use ssh-keygen to create SSH key pairs and more

  Learn how to use ssh-keygen to create new key pairs, copy host keys, use a single login key pair for multiple hosts, retrieve key fingerprints and more in this tutorial.Continue Reading