Security operations and management
Cybersecurity operations and management are vital to protect enterprises against cyber threats. Learn how to create and manage infosec programs and SOCs, perform incident response and automate security processes. Also read up on security laws and regulations, best practices for CISOs and more.
Top Stories
-
Tip
12 Dec 2024
9 identity and access management trends to watch in 2025
Identity threats continue to change and so, too, do the defenses developed to address those security challenges. Be ready for what's coming next in IAM. Continue Reading
By- Phil Sweeney, Industry Editor
-
Tip
12 Dec 2024
7 must-know IAM standards in 2025
Does your IAM program need OAuth or OpenID Connect? Or maybe both? Let's look at the various standards and protocols that make identity management function. Continue Reading
-
Opinion
11 Dec 2024
3 cybersecurity predictions for 2025
Will service as software, agentic cybersecurity and automated remediation reach their potential in 2025? Read up on what analyst Tyler Shields has to say. Continue Reading
By- Tyler Shields
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
Definition
05 Dec 2024
What are Common Criteria (CC) for Information Technology Security Evaluation?
Common Criteria (CC) is an international standard (ISO/IEC 15408) for evaluating information technology security products. Continue Reading
-
Tip
02 Dec 2024
8 best practices for a bulletproof IAM strategy
IAM systems help to enable secure access to applications and resources. But to benefit from IAM -- and avoid a security failure -- teams must be ready to meet the challenges. Continue Reading
-
Tip
20 Nov 2024
4 types of access control
Access management is the gatekeeper, making sure a device or person can gain entry only to the systems or applications to which they have been granted permission. Continue Reading
By- Amy Larsen DeCarlo, GlobalData
-
Tip
20 Nov 2024
User provisioning and deprovisioning: Why it matters for IAM
Overprivileged and orphaned user identities pose risks. Cybersecurity teams should be sure user profiles grant only appropriate access -- and only for as long as necessary. Continue Reading
By- Dave Shackleford, Voodoo Security
-
Video
18 Nov 2024
An explanation of cybercrime
Cybercrime is a real and illegal threat, just like traditional crime. Learn about cybercriminals and effective prevention strategies to safeguard yourself online. Continue Reading
By- Sabrina Polin, Managing Editor
-
Podcast
14 Nov 2024
CEO: GenAI changes multi-cloud security, network equation
Aviatrix CEO Doug Merritt sees generative AI apps forcing a more distributed approach to cloud infrastructure, but he believes it will also help SecOps catch up with threats. Continue Reading
By- Beth Pariseau, Senior News Writer
-
Tip
12 Nov 2024
SIEM vs. SOAR vs. XDR: Evaluate the key differences
SIEM, SOAR and XDR each possess distinct capabilities and drawbacks. Learn the differences among the three, how they can work together and which your company needs. Continue Reading
-
Podcast
12 Nov 2024
Lines blur between enterprise SecOps and cyberdefense
One expert predicts AI will ultimately benefit attackers more than defenders and, instead, urges businesses to take a page out of military and government cyberdefense handbooks. Continue Reading
By- Beth Pariseau, Senior News Writer
-
Tip
12 Nov 2024
EDR vs. XDR vs. MDR: Key differences and benefits
One of the most important goals of cybersecurity professionals is to quickly identify potential or in-progress cyberattacks. These three approaches can help. Continue Reading
-
Tip
07 Nov 2024
How to create an enterprise cloud security budget
As companies migrate more sensitive data and resources into the cloud, it's important to deploy relevant security tools and processes, while staying within budget. Continue Reading
By- Dave Shackleford, Voodoo Security
-
News
06 Nov 2024
CISA on 2024 election security: 'Good news' for democracy
CISA Director Jen Easterly says that despite disruptions including bomb threats in multiple states, Election Day 2024 was a success story from a security standpoint. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
04 Nov 2024
CISA: U.S. election disinformation peddled at massive scale
CISA said the U.S. cybersecurity agency has seen small-scale election incidents 'resulting in no significant impacts to election infrastructure,' such as low-level DDoS attacks. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Podcast
01 Nov 2024
Could SBOMs save lives? SecOps in critical infrastructure
'We live in glass houses,' said a seasoned cybersecurity expert of the U.S. water supply, healthcare and other lifeline services. 'And people are about to start throwing rocks.' Continue Reading
By- Beth Pariseau, Senior News Writer
-
Definition
01 Nov 2024
What is unified threat management (UTM)?
Unified threat management (UTM) is an information security system that provides a single point of protection against cyberthreats, including viruses, worms, spyware and other malware, as well as network attacks. Continue Reading
-
Tip
01 Nov 2024
API security testing checklist: 7 key steps
APIs are a common attack vector for malicious actors. Use our API security testing checklist and best practices to protect your organization and its data. Continue Reading
By- Dave Shackleford, Voodoo Security
- Michael Cobb
-
Feature
29 Oct 2024
How to configure and customize Kali Linux settings
Learning how to use Kali Linux for ethical hacking and penetration testing? Read step by step how to configure and customize the distribution. Continue Reading
By- Kyle Johnson, Technology Editor
- Packt Publishing
-
News
28 Oct 2024
Delta sues CrowdStrike over IT outage fallout
Delta said it suffered $500 million in damages. CrowdStrike said the airline company's claims 'demonstrate a lack of understanding of how modern cybersecurity works.' Continue Reading
By- Alexander Culafi, Senior News Writer
-
Feature
28 Oct 2024
Types of cybersecurity controls and how to place them
A unilateral cybersecurity approach is ineffective in today's threat landscape. Learn why organizations should implement security controls based on the significance of each asset. Continue Reading
By- Isabella Harford, TechTarget
- Packt Publishing
-
Definition
28 Oct 2024
What is authentication, authorization and accounting (AAA)?
Authentication, authorization and accounting (AAA) is a security framework for controlling and tracking user access within a computer network. Continue Reading
By- Alexander S. Gillis, Technical Writer and Editor
-
Podcast
25 Oct 2024
Relearning past lessons in assessing cloud risk
Those who do not learn from history are doomed to repeat it -- even when that history is only about a decade or two old, according to one security analyst in this podcast episode. Continue Reading
By- Beth Pariseau, Senior News Writer
-
Feature
16 Oct 2024
How to build an incident response plan, with examples, template
With cyberthreats and security incidents growing by the day, every organization needs a solid incident response plan. Learn how to create one for your company. Continue Reading
-
Feature
16 Oct 2024
How to define cyber-risk appetite as a security leader
In this excerpt from 'The CISO Evolution: Business Knowledge for Cybersecurity Executives,' learn how to define and communicate an enterprise's true cyber-risk appetite. Continue Reading
By- Alissa Irei, Senior Site Editor
- Wiley Publishing
-
Podcast
11 Oct 2024
SecOps from the IT infrastructure operations perspective
The CrowdStrike outage capped a decade of deepening divide between SecOps and the rest of IT ops -- and should bring about its end, according to one industry veteran. Continue Reading
By- Beth Pariseau, Senior News Writer
-
Definition
10 Oct 2024
What is threat intelligence?
Threat intelligence, also known as cyberthreat intelligence, is information gathered from a range of sources about current or potential attacks against an organization. Continue Reading
-
Definition
10 Oct 2024
What is extended detection and response (XDR)?
Extended detection and response (XDR) is a technology-driven cybersecurity process designed to help organizations detect and remediate security threats across their entire IT environment. Continue Reading
-
Podcast
08 Oct 2024
Risk & Repeat: Is Microsoft security back on track?
Microsoft has made significant changes to its cybersecurity practices and policies under the Secure Future Initiative. Are they enough to right the ship? Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
07 Oct 2024
How to use security as code to achieve DevSecOps
Security as code helps organizations achieve DevSecOps and shift-left security. Learn about SaC's benefits, challenges and implementation best practices. Continue Reading
-
News
03 Oct 2024
Microsoft SFI progress report elicits cautious optimism
Infosec experts say the Secure Future Initiative progress report shows Microsoft has made important changes to its policies, practices and accountability structures. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Podcast
03 Oct 2024
Microsoft security overhaul offers blueprint for SecOps
Better late than never: Microsoft lags major cloud competitors in making security a top priority. But other enterprises might learn from how the company is catching up. Continue Reading
By- Beth Pariseau, Senior News Writer
-
News
01 Oct 2024
T-Mobile reaches $31.5M breach settlement with FCC
After suffering several breaches, T-Mobile agreed to pay a $15.75 million civil penalty and make a $15.75 million investment to bolster its security over the next two years. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Podcast
30 Sep 2024
Risk & Repeat: Inside the Microsoft SFI progress report
The first Secure Future Initiative progress report highlighted improvements to Microsoft's security posture. But the company still faces major SecOps challenges. Continue Reading
By- Rob Wright, Senior News Director
-
Podcast
26 Sep 2024
The double-edged swords of cloud security and AI
DevSecOps expert Kyler Middleton examines the ways modern technologies such as cloud computing and AI both enable and complicate the future of SecOps. Continue Reading
By- Beth Pariseau, Senior News Writer
-
Tutorial
24 Sep 2024
How to use tcpreplay to replay network packet files
The suite of tools that comprise tcpreplay offers administrators a variety of network security options. Learn some of the benefits of this free utility. Continue Reading
By- Damon Garn, Cogspinner Coaction
-
Tip
23 Sep 2024
How to prepare a system security plan, with template
To help keep your systems and applications secure, a system security plan is essential. Learn how to create a plan and keep it up to date. Continue Reading
-
News
23 Sep 2024
Microsoft issues first Secure Future Initiative report
In the first progress report since the launch of its Secure Future Initiative, Microsoft said it's made key improvements to identity and supply chain security. Continue Reading
By- Arielle Waldman, News Writer
-
Feature
20 Sep 2024
How to prepare for post-quantum computing security
One of the biggest fears about quantum computing is its ability to easily break current encryption algorithms. Learn why and how to start making quantum security preparations. Continue Reading
By- Kyle Johnson, Technology Editor
-
Podcast
19 Sep 2024
SecOps' new frontier in the remote work era: HR
A CISO shares the story of how his SOC staff caught and contained a North Korean agent posing as a software engineer, saying he hopes to raise awareness of a growing threat. Continue Reading
By- Beth Pariseau, Senior News Writer
-
Tip
16 Sep 2024
Explaining cybersecurity tabletop vs. live-fire exercises
Tabletop games and live-fire exercises are two ways to test the effectiveness of enterprise security controls and defenses. Discover how each works and how they differ. Continue Reading
-
Tip
16 Sep 2024
Microsoft Copilot for Security: 5 use cases
Copilot for Security can assist security pros -- from managers and CISOs to incident responders and SOC members -- in maintaining security posture and addressing security gaps. Continue Reading
By- Matthew Smith, Seemless Transition LLC
-
Tip
10 Sep 2024
8 key aspects of a mobile device security audit program
Auditing is a crucial part of mobile device security, but IT admins must ensure their approach is thorough and consistent. Learn what aspects make up a mobile device audit program. Continue Reading
By- Michael Goad, CDW
-
Tip
09 Sep 2024
How to create an AI acceptable use policy, plus template
With great power comes -- in the case of generative AI -- great security and compliance risks. Learn how an AI acceptable use policy can help ensure safe use of the technology. Continue Reading
By- Jerald Murphy, Nemertes Research
-
Podcast
09 Sep 2024
An expert's big-picture view of the state of SecOps
In this first episode of 'IT Ops Query' Season 2, a SANS institute instructor and 20-year cybersecurity veteran assesses the past, present and future of SecOps. Continue Reading
By- Beth Pariseau, Senior News Writer
-
Tip
06 Sep 2024
Threat hunting frameworks, techniques and methodologies
Threat hunting's proactive approach plays a vital role in defending against cyberattacks. Learn about the frameworks, methodologies and techniques that make it so effective. Continue Reading
By- Dave Shackleford, Voodoo Security
-
Definition
06 Sep 2024
What is identity threat detection and response (ITDR)?
Identity threat detection and response (ITDR) is a collection of tools and best practices aimed at defending against cyberattacks that specifically target user identities or identity and access management (IAM) infrastructure. Continue Reading
-
Definition
06 Sep 2024
What is MXDR, and do you need it?
Managed extended detection and response (MXDR) is an outsourced service that collects and analyzes threat data from across an organization's IT environment. Continue Reading
By- Char Sample, ICF International
-
Tip
05 Sep 2024
What is threat hunting? Key strategies explained
If you are ready to take a more proactive approach to cybersecurity, threat hunting might be a tactic to consider. Here's what security teams should know. Continue Reading
By- Ed Moyle, Drake Software
-
News
28 Aug 2024
Infosec experts applaud DOJ lawsuit against Georgia Tech
The Department of Justice joined a whistleblower lawsuit against Georgia Tech for allegedly misleading the Department of Defense about its cybersecurity posture. Continue Reading
By- Arielle Waldman, News Writer
-
Opinion
28 Aug 2024
Why is SecOps becoming both easier and more difficult?
While SecOps has become easier in some ways, enterprises still struggle with areas such as data volumes, threat intelligence analysis and security alert volume and complexity. Continue Reading
By- Jon Oltsik, Analyst Emeritus
-
Enterprise Strategy Group
-
Tutorial
27 Aug 2024
How to use Tor -- and whether you should -- in your enterprise
The Tor browser has sparked discussion and dissension since its debut. Does the software, which promises anonymous and secure web access, have a role to play in the enterprise? Continue Reading
By- Damon Garn, Cogspinner Coaction
-
News
27 Aug 2024
Port of Seattle grappling with 'possible cyberattack'
A possible cyberattack against Washington's Port of Seattle has caused significant service disruptions to airline travel at the Seattle-Tacoma International Airport. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Definition
27 Aug 2024
What is LDAP (Lightweight Directory Access Protocol)?
LDAP (Lightweight Directory Access Protocol) is a software protocol used for locating data about organizations, individuals and other resources, such as files and devices, on public and corporate networks. Continue Reading
By- Cameron Hashemi-Pour, Site Editor
- Alexander S. Gillis, Technical Writer and Editor
-
Tip
26 Aug 2024
How to use the NIST CSF and AI RMF to address AI risks
Companies are increasingly focused on how they can use AI but are also worried about their exposure to AI-fueled cybersecurity risks. Two NIST frameworks can help. Continue Reading
By- Matthew Smith, Seemless Transition LLC
-
News
22 Aug 2024
CrowdStrike exec refutes Action1 acquisition reports
A CrowdStrike vice president said the cybersecurity giant had an exploratory group conversation with Action1 and then 'disengaged after a surface level conversation.' Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
19 Aug 2024
Guide to data detection and response (DDR)
Data is one of the most important assets in any organization. To truly protect it, you need a DDR strategy. Here's what you need to know, with tips on buying DDR tools. Continue Reading
-
Tip
19 Aug 2024
Too many cloud security tools? Time for consolidation
Does your organization need every cloud security platform and service currently in use? Tool consolidation can reduce the chances of coverage gaps and increase security. Continue Reading
By- Dave Shackleford, Voodoo Security
-
Tip
19 Aug 2024
CrowdStrike outage lessons learned: Questions to ask vendors
In light of the recent CrowdStrike outage, security teams should ask their vendors 10 key questions to ensure they're prepared should a similar event occur. Continue Reading
By- Ed Moyle, Drake Software
-
News
13 Aug 2024
What the Delta-CrowdStrike lawsuit may mean for IT contracts
The recent exchange of allegations between Delta and CrowdStrike reveals legal arguments Delta could use to recover the massive losses suffered in the CrowdStrike outage. Continue Reading
By- Antone Gonsalves, News Director
-
News
13 Aug 2024
Law enforcement disrupts Radar/Dispossessor ransomware group
The now-disrupted Radar/Dispossessor ransomware gang was launched in August 2023, and its members have targeted dozens of SMBs across critical sectors via dual extortion. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Podcast
12 Aug 2024
Risk & Repeat: Recapping Black Hat USA 2024
Highlights from Black Hat USA 2024 include a keynote panel on securing election infrastructure as well as several sessions on potential threats against new AI technology. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
12 Aug 2024
How to fix Windows 11 desktops after CrowdStrike outage
IT administrators had to jump into action after the CrowdStrike outage to recover faulty desktops. Learn how to use the Microsoft Recovery Tool to fix Windows 11 issues. Continue Reading
-
Tip
12 Aug 2024
How to conduct a mobile app security audit
To keep corporate and user data safe, IT must continuously ensure mobile app security. Mobile application security audits are a helpful tool to stay on top of data protection. Continue Reading
-
News
12 Aug 2024
Flashpoint CEO: Cyber, physical security threats converging
Although Flashpoint is known for its cybersecurity threat intelligence services, the vendor also provides physical security intelligence to its clientele. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
12 Aug 2024
EDR testing: How to validate EDR tools
Cutting through an EDR tool's marketing hype is difficult. Ask vendors questions, and conduct testing before buying a tool to determine if it solves your organization's pain points. Continue Reading
-
News
08 Aug 2024
CrowdStrike, AI dominate conversation at Black Hat USA 2024
Although the trend of vendors pitching AI-powered products nonstop has continued at Black Hat USA 2024, CrowdStrike and the recent IT outage were an even larger point of discussion. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
07 Aug 2024
CISA: Election infrastructure has never been more secure
CISA Director Jen Easterly emphasized at Black Hat 2024 that election stakeholders cannot be complacent because 'the threat environment has never been so complex.' Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
07 Aug 2024
CrowdStrike details errors that led to mass IT outage
CrowdStrike's investigation into the recent defective update found that a 'confluence' of issues led to the release of the channel file last month, causing a mass IT outage. Continue Reading
By- Rob Wright, Senior News Director
-
News
06 Aug 2024
Security framework to determine whether defenders are winning
Columbia University researcher and longtime security practitioner Jason Healey will present at Black Hat USA a new framework to determine defensive advantage. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
05 Aug 2024
CrowdStrike fires back at Delta over outage allegations
After Delta Air Lines said it would seek damages against CrowdStrike over last month's IT outage, the cybersecurity vendor's legal counsel warned it would 'respond aggressively.' Continue Reading
By- Rob Wright, Senior News Director
-
News
01 Aug 2024
InfoSec community sounds off on CrowdStrike outage, next steps
Security experts offered their thoughts on the recent IT outage, praising CrowdStrike's response time but saying the outage highlights issues in the software updating process. Continue Reading
By- Arielle Waldman, News Writer
- Alexander Culafi, Senior News Writer
-
Tip
01 Aug 2024
How to assess SOC-as-a-service benefits and challenges
While in-house SOCs are costly and complex to build and maintain, SOC as a service provides a more affordable, cloud-based alternative. Explore benefits and challenges. Continue Reading
By- John Burke, Nemertes Research
- Alissa Irei, Senior Site Editor
-
News
30 Jul 2024
Microsoft, SecOps pros weigh kernel access post-CrowdStrike
Microsoft will explore alternatives to direct kernel access for partners following the CrowdStrike outage. But some IT pros worry that change could do more harm than good. Continue Reading
By- Beth Pariseau, Senior News Writer
-
Opinion
29 Jul 2024
5 key capabilities for effective cyber-risk management
Faced with relentless cyberattacks, organizations need to shore up their cyber-risk management programs by updating legacy tools and checking out new vendor options. Continue Reading
By- David Vance
-
Enterprise Strategy Group
-
News
26 Jul 2024
CrowdStrike outage underscores software testing dilemmas
Experts say efforts to avoid incidents such as last week's CrowdStrike outage will face time-honored tradeoffs between velocity, stability, access and security. Continue Reading
By- Beth Pariseau, Senior News Writer
-
Opinion
26 Jul 2024
CISO advice for addressing cyber-risk management challenges
Cyber-risk management is simple in concept and difficult in practice. CISOs weigh in on some potential ways to rein in the chaos, educate executives and mitigate cyber-risks. Continue Reading
By- Jon Oltsik, Analyst Emeritus
-
Enterprise Strategy Group
-
News
26 Jul 2024
BitLocker workaround may offer aid for CrowdStrike customers
CrowdStrike customers grappling with blue screens of death from the recent IT outage may be able to sidestep BitLocker encryption schemes and recover their Windows systems. Continue Reading
By- Rob Wright, Senior News Director
-
News
26 Jul 2024
CrowdStrike: 97% of Windows sensors back online after outage
While most Windows systems are back online after last week's outage, CrowdStrike CEO George Kurtz said the vendor remains 'committed to restoring every impacted system.' Continue Reading
By- Alexander Culafi, Senior News Writer
-
Opinion
25 Jul 2024
CrowdStrike disaster exposes a hard truth about IT
Growing third-party dependencies mean more CrowdStrike-like disasters ahead. Preventing these requires a commitment to quality from vendors and robust backup plans from users. Continue Reading
By- Patrick Thibodeau, Editor at Large
-
Feature
25 Jul 2024
The differences between open XDR vs. native XDR
Extended detection and response tools are open or native. Learn the differences between them, and get help choosing the right XDR type for your organization. Continue Reading
By- Kyle Johnson, Technology Editor
-
News
24 Jul 2024
CrowdStrike: Content validation bug led to global outage
CrowdStrike said last week's global outage was caused by a bug in the Falcon platform's content validator, which missed a defective configuration update for its Windows sensor. Continue Reading
By- Alexander Culafi
-
Tip
24 Jul 2024
Types of MDR security services: MEDR vs. MNDR vs. MXDR
Considering MDR security services? There's more than one option available; learn how to find the best for your organization's security needs. Continue Reading
By- Diana Kelley, SecurityCurve
-
Podcast
23 Jul 2024
Risk & Repeat: Faulty CrowdStrike update causes global outage
Friday's outage, which was caused by a defective CrowdStrike channel file update, resulted in significant disruptions for airlines, critical infrastructure and more. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Feature
23 Jul 2024
The ultimate guide to cybersecurity planning for businesses
This in-depth cybersecurity planning guide provides information and advice to help organizations develop a successful strategy to protect their IT systems from attacks. Continue Reading
By- Craig Stedman, Industry Editor
-
Tip
19 Jul 2024
Why mobile security audits are important in the enterprise
Mobile devices bring their own set of challenges and risks to enterprise security. To handle mobile-specific threats, IT should conduct regular mobile security audits. Continue Reading
By- Michael Goad, CDW
-
News
19 Jul 2024
Defective CrowdStrike update triggers mass IT outage
A faulty update for CrowdStrike's Falcon platform crashed customers' Windows systems, causing outages at airlines, government agencies and other organizations across the globe. Continue Reading
By- Rob Wright, Senior News Director
-
Answer
19 Jul 2024
How to protect port 139 from SMB attacks
Keeping port 139 open is perfectly normal -- but only for good reason. Without the proper protections, it can present a major security risk. Continue Reading
-
News
18 Jul 2024
Judge tosses most of SEC's lawsuit against SolarWinds
A judge dismissed many of the charges in the U.S. Securities and Exchange Commission's lawsuit against SolarWinds and its CISO, Timothy Brown, though some charges remain. Continue Reading
By- Rob Wright, Senior News Director
-
Tutorial
18 Jul 2024
How to use Pwnbox, the cloud-based VM for security testing
Pwnbox offers users the chance to hone their skills about security concepts and tools without having to build a costly lab environment. Continue Reading
By- Damon Garn, Cogspinner Coaction
-
News
18 Jul 2024
Amazon CISO discusses the company's cautious approach to AI
At the recent AWS re:Inforce 2024 conference, Amazon CISO CJ Moses spoke about the risks and threats associated with new AI technology and how the cloud giant addresses them. Continue Reading
By- Rob Wright, Senior News Director
-
Opinion
09 Jul 2024
CISOs on how to improve cyberthreat intelligence programs
Organizations need to take a focused approach to gain visibility into targeted threats for cyber-risk mitigation and incident response. Continue Reading
By- Jon Oltsik, Analyst Emeritus
-
Enterprise Strategy Group
-
Feature
08 Jul 2024
How AI-driven SOC tech eased alert fatigue: Case study
Alert fatigue is real, and it can cause big problems in the SOC. Learn how generative AI can improve security outcomes and reduce analysts' frustration in this case study. Continue Reading
By- Alissa Irei, Senior Site Editor
-
Feature
03 Jul 2024
RSA security conference video roundup: 2024 perspectives
We chatted on camera with attendees and presenters at RSAC 2024. To get the highlights of one of the world's major cybersecurity conferences, check out this video collection. Continue Reading
By- Brenda L. Horrigan, Executive Managing Editor
-
News
28 Jun 2024
TeamViewer breached by Russian state actor Midnight Blizzard
TeamViewer says a Russian state-sponsored threat actor known as Midnight Blizzard gained access to the company's corporate network via compromised employee credentials. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tutorial
28 Jun 2024
How to use Social-Engineer Toolkit
Testing system components for vulnerabilities is just one part of the network security equation. What's the best way to measure users' resilience to social engineering threats? Continue Reading
By- Ed Moyle, Drake Software
-
News
25 Jun 2024
CISA discloses breach of Chemical Security Assessment Tool
The breach, which CISA first disclosed in March, stemmed from Ivanti zero-day vulnerabilities that a Chinese nation-state threat actor first exploited in January. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Definition
25 Jun 2024
digital signature
A digital signature is a mathematical technique used to validate the authenticity and integrity of a digital document, message or software. Continue Reading
By- Cameron Hashemi-Pour, Site Editor
- Alexander S. Gillis, Technical Writer and Editor
- Ben Lutkevich, Site Editor
-
News
21 Jun 2024
Biden administration bans Kaspersky Lab products in US
The Biden administration announced a ban on Kaspersky Lab products inside the United States due to the antivirus vendor's ties with the Russian government. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
20 Jun 2024
How Amazon's decision to ditch Active Directory paid off
Amazon's decision to build its own identity and access management system was an expensive one, but an infamous supply chain attack validated the move. Continue Reading
By- Rob Wright, Senior News Director
-
Podcast
18 Jun 2024
Risk & Repeat: Microsoft under fire again over Recall
Microsoft made changes to its AI-driven Recall feature, but that didn't stop Congress from grilling company president Brad Smith during a House committee hearing. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
17 Jun 2024
Alex Stamos on how to break the cycle of security mistakes
In an interview, SentinelOne's Alex Stamos discussed the importance of security by design and why it needs to be applied to emerging technologies, including generative AI. Continue Reading
By- Alexander Culafi, Senior News Writer