Enterprise network security

Network security hardening is a critical aspect of enterprise cyber-defense. Here you'll find network security hardening information for several areas such as network architecture, software and policies, VPNs, device management, network prevention and intrusion detection and wireless security.

Top Stories

Feature 16 May 2023
12 common network protocols and their functions explained

Networking makes the internet work, but neither can succeed without protocols. Common network protocols and their functions are key for communication and connection across the internet. Continue Reading
Tip 12 May 2023
Incident response: How to implement a communication plan

Communication is critical to an effective incident response plan. Here are five best practices for communication planning and a free, editable template to get started. Continue Reading

Feature 27 Feb 2023

How to create a CSIRT: 10 best practices

The time to organize and train a CSIRT is long before a security incident occurs. Certain steps should be followed to create an effective, cross-functional team. Continue Reading
Feature 24 Feb 2023

Top incident response service providers, vendors and software

Get help deciding between using in-house incident response software or outsourcing to an incident response service provider, and review a list of leading vendor options. Continue Reading
Feature 23 Feb 2023

Top incident response tools: How to choose and use them

The OODA loop can help organizations throughout the incident response process, giving insight into which tools are needed to detect and respond to security events. Continue Reading
Feature 13 Feb 2023

How to become an incident responder: Requirements and more

Incident response is a growth field that provides career growth options and a good salary. Here's an in-depth look at job requirements, salaries and available certifications. Continue Reading
Feature 07 Feb 2023

Top 10 types of information security threats for IT teams

Common security threats range from insider threats to advanced persistent threats, and they can bring an organization to its knees unless its in-house security team is aware of them and ready to respond. Continue Reading
Tip 07 Feb 2023

CERT vs. CSIRT vs. SOC: What's the difference?

What's in a name? Parse the true differences between a CERT, a CSIRT, a CIRT and a SOC, before you decide what's best for your organization. Continue Reading
Feature 03 Feb 2023

How to build an incident response plan, with examples, template

With cyber threats and security incidents growing by the day, every organization needs a solid incident response plan. Learn how to create one for your company. Continue Reading
Feature 20 Oct 2022

VPN vs. zero trust vs. SDP: What's the difference?

For strong network security, many vendors say VPNs don't cut it anymore. Enter the zero-trust security model and SDPs. Continue Reading
Feature 11 Oct 2022

How to choose the best ZTNA vendor for your organization

In a sea of options, finding the best ZTNA vendor for your organization can pose a major challenge. Weed through the marketing hype with advice from the experts. Continue Reading
Feature 26 Apr 2022

Colonial Pipeline hack explained: Everything you need to know

A ransomware attack brought a major gas pipeline to a standstill in May. Here's what happened and who was behind the hack. Continue Reading
Tip 19 Apr 2022

Why companies should make ERP security a top priority

Whether your ERP system is on premises or in the cloud, it's still vulnerable, and you need to take the right measures to secure it. Here's advice on how to do just that. Continue Reading
Feature 24 Mar 2022

SecOps and cybersecurity basics for NetOps teams

To bridge the gap between NetOps and SecOps teams, network pros should know security fundamentals, including different types of attackers, attacks and available security services. Continue Reading
Tip 30 Dec 2021

Explore 9 essential elements of network security

Network security isn't a one-size-fits-all strategy. Dive into the various segments of network security, and learn how they overlap and interact with each other. Continue Reading
Feature 24 Nov 2021

Ultimate guide to secure remote access

This comprehensive secure remote access guide outlines the strategies, tools and best practices to provide anywhere access while protecting data, systems and users. Continue Reading
Tip 04 Nov 2021

Evaluate the components of Cisco SASE

Cisco's SASE platform, Umbrella, has all the components of a SASE architecture, but it has a lot of integration complexity and a reliance on appliances. Continue Reading
Guest Post 28 Oct 2021

Applying security to operating models requires collaboration

Balancing business needs with security is more important than ever. Integrating operating models with reference architectures is a key step in the process. Continue Reading
Feature 26 Oct 2021

5 cybersecurity personality traits for a successful career

In this excerpt of 'Confident Cyber Security,' author Jessica Barker outlines five cybersecurity personality traits employers look for in job candidates. Continue Reading
Feature 26 Oct 2021

How to start a career in cybersecurity from the human side

Discover how the co-founder of an infosec consultancy and author of 'Confident Cyber Security' started her career and became a leader in the human nature side of security. Continue Reading
Feature 25 Oct 2021

How to use Python for privilege escalation in Windows

Penetration testers can use Python to write scripts and services to discover security vulnerabilities. In this walkthrough, learn how to escalate privileges in Windows. Continue Reading
Feature 25 Oct 2021

Why hackers should learn Python for pen testing

The authors of 'Black Hat Python' explain the importance of learning Python for pen testing, how it helps create scripts to hack networks and endpoints, and more. Continue Reading
Feature 08 Oct 2021

4 types of ransomware and a timeline of attack examples

There are four main types of ransomware, but many examples of ransomware strains. Learn how the ransomware types work, and review notable ransomware attacks and variants. Continue Reading
Feature 08 Oct 2021

The history and evolution of ransomware

Ransomware has evolved from a malicious floppy disk demanding $189 in ransom to a trillion-dollar industry with ransom for rent, sophisticated techniques and big-name victims. Continue Reading
Tip 07 Oct 2021

How to evaluate and deploy an XDR platform

Not all extended detection and response platforms are created equal. Don't take the XDR plunge before knowing exactly what to look for in an XDR platform. Continue Reading
News 30 Sep 2021

FireEye and McAfee Enterprise announce product mashup

Merger-happy investment firm STG has let slip that it will integrate the product lines of McAfee Enterprise and FireEye. Analysts say it will be a challenging road ahead. Continue Reading
Feature 07 Sep 2021

3 ransomware detection techniques to catch an attack

It's not enough to protect a company's system from ransomware. Reduce damage from attacks with these three ransomware detection methods. Continue Reading
News 02 Sep 2021

Accellion-related breach disclosures continue to unfold

Beaumont Health disclosed some patient data was exposed through an attack on Accellion's FTA product, nine months after the attack on the legacy file transfer software occurred. Continue Reading
Feature 30 Aug 2021

Malware analysis for beginners: Getting started

With the cybersecurity industry struggling to fill open positions, now is the time to start in the field. Infosec expert Dylan Barker shares what you should know to be a malware analyst. Continue Reading
Feature 30 Aug 2021

Top static malware analysis techniques for beginners

Malware will eventually get onto an endpoint, server or network. Using static analysis can help find known malware variants before they cause damage. Continue Reading
News 27 Aug 2021

T-Mobile offers details of data breach that affected 40M

According to T-Mobile, the hackers who stole its customer database had knowledge of the company's network and testing setup. The hack was a carefully planned network breach. Continue Reading
Guest Post 23 Aug 2021

Why zero-trust models should replace legacy VPNs

Many organizations use legacy VPNs to secure their networks, especially in the work-from-home era. Expert Pranav Kumar explains why zero-trust models are a safer option. Continue Reading
News 17 Aug 2021

Palo Alto Networks: Personal VPNs pose risks to enterprises

Researchers from Palo Alto Networks published a new report detailing the risks that personal VPNs pose to enterprise networks, including evasion tactics to bypass firewalls. Continue Reading
News 12 Aug 2021

Months after the Accellion breach, more victims emerge

The Accellion breach occurred last December, but more victims have come to light in recent weeks as investigations, notifications and disclosures stretch on through the summer. Continue Reading
Quiz 04 Aug 2021

Sample CompTIA CySA+ test questions with answers

Going for your CompTIA CySA+ certification? Test what you know before taking the exam with these sample test questions on vulnerability assessment output. Continue Reading
Feature 04 Aug 2021

How to prepare for the CompTIA CySA+ exam

The author of the CompTIA CySA+ certification guide offers advice on how to prepare for the exam, discusses the benefits of the cert and more. Continue Reading
Guest Post 02 Aug 2021

Network security in the return-to-work era

IT teams are dealing with the challenge of reconnecting devices to office networks as employees return to work. Here's how your organization can overcome that challenge. Continue Reading
Feature 30 Jul 2021

Enterprises look to formalize WFH network architecture

As work-from-home programs prove they're here to stay, enterprise network teams are assessing their network designs to ensure adequate support and performance for home offices. Continue Reading
Tip 22 Jul 2021

How to conduct security patch validation and verification

Learn about the verification and validation phases of the security patch deployment cycle, two steps key to ensuring an organization's patch management procedure is proactive. Continue Reading
Feature 16 Jul 2021

2021 networking trends for a post-pandemic enterprise

In 2020, the pandemic threw the best-laid IT plans into chaos. As enterprises find their footing again, here are four network trends defining the second half of 2021. Continue Reading
News 14 Jul 2021

DPU market heats up with tech from Nvidia, Intel

Nvidia will integrate its Bluefield-2 DPU with Palo Alto Network's virtual firewall to boost performance and offer better security to handle the onslaught of cloud applications. Continue Reading
Answer 07 Jul 2021

What are port scan attacks and how can they be prevented?

Port scans provide data on how networks operate. In the wrong hands, this info could be part of a larger malicious scheme. Learn how to detect and defend against port scan attacks. Continue Reading
News 30 Jun 2021

SentinelOne IPO raises $1.2 billion, beating estimates

the endpoint security vendor has gone public in one of the largest IPOs in the cybersecurity industry. Continue Reading
Tip 30 Jun 2021

How to rank enterprise network security vulnerabilities

Risk management programs yield massive data on network security vulnerabilities. Infosec pros must rank risks to prioritize remediation efforts. Continue Reading
Feature 23 Jun 2021

10 identity and access management tools to protect networks

IAM tools keep enterprises safe by ensuring only authorized users can access sensitive data and applications. Read this in-depth product overview of top tools on the market. Continue Reading
Tip 11 Jun 2021

The pros and cons of Palo Alto Networks' SASE platform

Palo Alto Networks is commonly mentioned in SASE discussions. While the vendor has strong security capabilities, it also brings integration complexities and PoP limitations. Continue Reading
Tip 07 Jun 2021

How to pick the best network security service provider

Managed security service providers have different levels of expertise. Be sure to match your organization's security needs with the right network security provider. Continue Reading
Tip 04 Jun 2021

5 steps to secure the hybrid workforce as offices reopen

Companies must now face the security challenges of overseeing a hybrid workforce as employees return to the office. Continue Reading
Tip 01 Jun 2021

Who is responsible for secure remote access management?

The pandemic exposed the need for a strong secure remote access strategy. Now, organizations need to figure out which team must make it happen. Continue Reading
Feature 21 May 2021

RSA Conference 2021: 3 hot cybersecurity trends explained

In a lightning round session at RSA Conference, ESG analysts discussed three of the hottest topics in cybersecurity in 2021: zero trust, XDR and SASE. Continue Reading
Feature 21 May 2021

How to secure remote access for the hybrid work model

With the post-COVID-19 hybrid work model taking shape, discover the technologies and trends analysts and IT leaders view as the anchors to ensure secure remote access. Continue Reading
Feature 19 May 2021

12 essential features of advanced endpoint security tools

In addition to protecting an organization's endpoints from threats, IT administrators can use endpoint security tools to monitor operation functions and DLP strategies. Continue Reading
Tip 14 May 2021

Enterprises mull 5G vs. Wi-Fi security with private networks

While Wi-Fi security can be implemented just as securely as 5G, mechanisms built into 5G offer some compelling benefits to enterprises considering private 5G networks. Continue Reading
News 12 May 2021

Cyber insurance firm AXA halts coverage for ransom payments

As ransomware attacks increase across the globe and ransom payment reimbursement becomes a key issue for cyber insurers, AXA may be setting a new trend for private industries. Continue Reading
News 12 May 2021

Funding is key to strengthening national cybersecurity

In the wake of the Colonial Pipeline ransomware attack, national cybersecurity experts make the case for additional funding during a Senate hearing. Continue Reading
Feature 10 May 2021

From EDR to XDR: Inside extended detection and response

As the definition of endpoints evolves, so too must the technology to protect them. Enter extended detection and response, or XDR -- one of cybersecurity's hottest acronyms. Continue Reading
Feature 07 May 2021

Despite confusion, zero-trust journey underway for many

Zero trust is a catchy phrase with seemingly lofty goals. Uncover the reality behind one of infosec's hottest buzzphrases, and learn why it's within reach for many companies today. Continue Reading
Feature 05 May 2021

Buyers must navigate cybersecurity market confusion

Customer confusion in the security market stems from the number of new products designed to deal with a growing number of cyberthreats. Experts look at how to navigate it all. Continue Reading
Tip 30 Apr 2021

Types of MDR security services: MEDR vs. MNDR vs. MXDR

Organizations considering MDR security services should look into more tightly focused options hitting the market to find the best one for their security program's needs. Continue Reading
Feature 29 Apr 2021

Learn how to mitigate container security issues

The more companies embrace application containerization, the more they need to know about container security issues and attack prevention methods. Continue Reading
Feature 29 Apr 2021

Adopting containers and preventing container security risks

When it comes to container security risks, organizations often worry about container escapes, but as expert Liz Rice explains, they should focus on prevention and patching. Continue Reading
Tip 23 Apr 2021

4 attributes key to network-as-a-service model

For a network-as-a-service model to work for the enterprise, it needs to offer four key attributes: an application-specific, elastic, secure and personalized VPN. Continue Reading
Tip 16 Apr 2021

6 SSH best practices to protect networks from attacks

SSH is essential, but default installations can be costly. Auditing and key management are among critical SSH best practices to employ at any organization. Continue Reading
Tip 15 Apr 2021

Unify on-premises and cloud access control with SDP

One security framework available to organizations struggling with on-premises and cloud access control issues is a software-defined perimeter. Learn how SDP can help. Continue Reading
Tip 09 Apr 2021

Common network vulnerabilities and how to prevent them

It's not possible to eliminate all network vulnerabilities, but network teams can implement best practices to limit potential attacks and protect their networks. Continue Reading
Tip 07 Apr 2021

MDR vs. MSSP: Why it's vital to know the difference

When assessing MDR vs. MSSP, the key is understanding why the two aren't interchangeable and how each handles response. Continue Reading
Tip 07 Apr 2021

Modern network infrastructure design taps security, flexibility

As workers return to office settings, organizations may have to update their on-premises network infrastructure design to improve scalability and connectivity. Continue Reading
Tip 01 Apr 2021

5 endpoint security best practices to keep company data safe

With an expanding company perimeter, it's time to implement these endpoint security best practices, from asset discovery to device profiling. Continue Reading
Tip 01 Apr 2021

5 basic steps for effective cloud network security

In hybrid infrastructures, old network security systems won't work. Enterprises must adopt effective cloud network security strategies to keep their assets safe. Continue Reading
Feature 30 Mar 2021

Create an incident response plan with this free template

Want to boost your organization's ability to fight cybersecurity threats? Uncover the essentials to creating an incident response plan and download our free, editable template. Continue Reading
News 25 Mar 2021

Cyber insurance company CNA discloses cyber attack

Though the nature of the cyber attack is unclear, CNA confirmed the attack caused a network disruption and affected systems such as corporate email and the company's website. Continue Reading
News 24 Mar 2021

Nearly 100,000 web shells detected on Exchange servers

Although Microsoft reported a decrease in the number of vulnerable Exchange servers, new research shows a large amount of malicious web shells hiding inside networks. Continue Reading
Feature 22 Mar 2021

How to set up Palo Alto security profiles

Learning how to build and implement security profiles and policies can help novice admins make sure they use Palo Alto Networks firewalls effectively to protect their network. Continue Reading
Feature 22 Mar 2021

Author's advice on Palo Alto firewall, getting started

Interfaces, licenses, policies -- getting started with a Palo Alto Networks firewall can be confusing. Here, the author of 'Mastering Palo Alto Networks' offers his advice. Continue Reading
News 17 Mar 2021

SolarWinds hackers stole Mimecast source code

The investigation into a stolen Mimecast-issued digital certificate is now complete, and the vendor said the initial intrusion was Sunburst malware in the SolarWinds Orion platform. Continue Reading
Feature 17 Mar 2021

Top incident response tools to boost network protection

Incident response tools can help organizations identify, prevent and respond to malware exploits, ransomware and other targeted cybersecurity attacks. Continue Reading
Tip 15 Mar 2021

Endpoint security vs. network security: Why both matter

As the security perimeter blurs, companies often debate the merits of endpoint security vs. network security. However, it shouldn't be an either-or decision. Continue Reading
Guest Post 08 Mar 2021

Enterprise edge is telecom operators' new frontier

Network operators have an opportunity to sell new bundles of dynamic enterprise edge services that include SASE, SD-WAN and virtual security if they size it and price it well. Continue Reading
Feature 25 Feb 2021

Get started with network penetration testing for beginners

Authentication, patching and configuration are among the most common vulnerabilities found through network penetration testing. Learn more in this free chapter excerpt. Continue Reading
Feature 25 Feb 2021

Advice on how to learn network penetration testing skills

As beginners learn network penetration testing skills, they should remember these expert tips: Pay attention to what the client wants, and stick to offense, not defense. Continue Reading
Tip 23 Feb 2021

5 cyber threat intelligence feeds to evaluate

Cyber threat intelligence feeds help organizations up their security game. While the 'best' feeds vary depending on a company's needs, here are five leading services to consider. Continue Reading
Feature 18 Feb 2021

SolarWinds fallout has enterprise CISOs on edge

As investigators uncover more about the massive SolarWinds hack, enterprise CISOs' concerns about digital supply chain security grow. Continue Reading
Tip 16 Feb 2021

7 steps for a network and IT security foundation

Enterprises should make it a habit to review their IT security systems, following steps that include network segmentation, multifactor authentication and security education. Continue Reading
Feature 08 Feb 2021

5 cybersecurity lessons from the SolarWinds breach

Ransomware attack simulations, accessing enterprise logs and pen testing software code are among the best practices cybersecurity pros suggest following the SolarWinds breach. Continue Reading
Tip 08 Feb 2021

How to secure remote access for WFH employees in 4 steps

The global pandemic caused mayhem on network security environments. Enterprises need to bring rigor back to their systems and tighten security for remote workers. Continue Reading
Guest Post 22 Jan 2021

Standardize cybersecurity terms to get everyone correct service

Some cybersecurity terms can refer to multiple service offerings, which can be confusing for companies looking to implement them as well as the companies providing them. Continue Reading
Feature 22 Jan 2021

SolarWinds: Lessons learned for network management, monitoring

In this roundup of networking blogs, experts reveal the critical lessons learned from the SolarWinds hack in regard to network management and monitoring capabilities. Continue Reading
Tip 20 Jan 2021

10 network security tips in response to the SolarWinds hack

From perimeter protection to persistent patching, enterprises should regularly review, update and test their network security plans, especially in response to the SolarWinds hack. Continue Reading
Tip 04 Jan 2021

Setting up and using a home VLAN to segment network traffic

Virtual LANs can help homeowners segment their network traffic for enhanced control and security. Network analyst John Fruehe takes you inside his home VLANs. Continue Reading
Feature 21 Dec 2020

Top network attacks of 2020 that will influence the decade

You've heard of phishing, ransomware and viruses. Now, keep them in mind because one cybersecurity expert says these threats and more may cause IT headaches for the next decade. Continue Reading
Feature 21 Dec 2020

Advice for an effective network security strategy

Security audits, evaluations of tools and looking realistically at trending technologies are some ways an organization can ensure its network security is the best it can be. Continue Reading
Quiz 21 Dec 2020

Test your network threats and attacks expertise in this quiz

Network security is an ever-changing subject, but many of its common threats have plagued IT pros for years -- and will likely continue to do so. See what you know in this quiz. Continue Reading
Tip 04 Dec 2020

Counter threats with these top SecOps software options

SecOps tools offer many capabilities to address common threats enterprises face, including domain name services, network detection and response, and anti-phishing. Continue Reading
Tip 25 Nov 2020

8 benefits of a security operations center

A security operations center can help lessen the fallout of a data breach, but its business benefits go much further than that. Here are eight SOC benefits to consider. Continue Reading
Tip 12 Nov 2020

Microsegmentation networking: Nutanix Flow vs. VMware NSX HCI

Explore how microsegmentation improves network security and the differences in how Nutanix and VMware bring the technology to their software-defined hyper-converged infrastructures. Continue Reading
Opinion 02 Nov 2020

Cybersecurity for remote workers: Lessons from the front

Tackle the security challenges COVID-19 wrought by using this playbook from an experienced disaster-zone responder. Continue Reading
Opinion 02 Nov 2020

AI in cybersecurity ups your odds against persistent threats

AI capabilities can identify and take down cyberthreats in real time but are only part of what your team needs to come out on the winning side of the cybersecurity battle. Continue Reading
Tip 02 Nov 2020

Why networks should apply security by design principles

Security by design incorporates security and risk management directly into network architecture, using segmentation and Agile infrastructure design. Continue Reading
Tip 29 Oct 2020

Understanding the zero trust-SDP relationship

Zero trust is a complicated framework that spans the IT stack. Find out how software-defined perimeter can address zero trust's network-level access requirements. Continue Reading
Guest Post 23 Oct 2020

Why SASE should be viewed as an evolution, not revolution

The hype around secure access service edge (SASE) is palpable. But by taking a step back, security leaders can align an emerging trend to their long-term goals. Continue Reading
Tip 19 Oct 2020

Planning a zero-trust strategy in 6 steps

Launch a zero-trust strategy in six steps. Learn how to form a dedicated team, ask questions about existing security controls and evaluate the priority of zero-trust initiatives. Continue Reading
Tip 19 Oct 2020

Zero-trust implementation begins with choosing an on-ramp

Zero-trust security has three main on-ramps -- each with its own technology path. For a clear-cut zero-trust implementation, enterprises need to choose their on-ramp wisely. Continue Reading

1
2
3

Networking

Google interconnects with rival cloud providers
Video platform provider Pexip said Google's Cross-Cloud Interconnect reduced the cost of connecting Google Cloud with Microsoft ...
How to interact with network APIs using cURL, Postman tools
Network engineers can use cURL and Postman tools to work with network APIs. Use cases include getting interface information and ...
Modular network design benefits and approaches
Modular network design is a strategic way for enterprises to group network building blocks in order to streamline network ...

CIO

Experts doubt U.S. retaliation following China's Micron ban
The Biden administration likely won't retaliate for China's Micron Technology ban but will continue to play the long game ...
AI transparency: What is it and why do we need it?
As the use of AI models has evolved and expanded, the concept of transparency has grown in importance. Learn about the benefits ...
How to write an RFP for a software purchase, with template
Software buying teams should understand how to create an effective RFP. Here's a look at what components to include, along with a...

Enterprise Desktop

Best practices for a PC end-of-life policy
Organizations that deploy PCs need a strong and clear policy to handle hardware maintenance, end of life decisions, sustainable ...
What does the new Microsoft Intune Suite include?
With all the recent name changes with Microsoft's endpoint management products and add-ons, IT teams need to know what Intune ...
Does macOS need third-party antivirus in the enterprise?
Macs are known for their security, but that doesn't mean they're safe from viruses and other threats. IT teams can look into ...

Cloud Computing

Cloud experts weigh in on the state of FinOps
Surprised by your cloud bill? Experts weigh in on the rising popularity of FinOps, the art of building a FinOps strategy and the ...
Dell Apex updates support enterprise 'cloud to ground' moves
Dell's latest Apex updates puts the company in a position to capitalize on the hybrid, multi-cloud and edge computing needs of ...
Prepare for the Azure Security Engineer Associate certification
Are you ready to boost your resume or further your cloud career path? Review this preparation guide to get ready for Exam AZ-500 ...

ComputerWeekly.com

Mercedes Pay turns vehicles into payment devices
German car manufacturer add contactless payment feature to enable drivers to find and book parking spaces and pay automatically ...
Victims of MOVEit SQL injection zero-day mount up
The BBC, Boots, and British Airways are among the victims of cyber incidents arising from a recently disclosed vulnerability in ...
Netherlands makes case for harmonisation of cloud security standards
Harmonisation of cyber security standards is necessary to reduce the regulatory burden on Dutch SMEs – and regulators need to ...

Close