Network Intrusion Prevention (IPS)

Top Stories

Quiz 28 Jul 2020
IDS/IPS quiz: Intrusion detection and prevention systems

Want a baseline of your intrusion detection and prevention system knowledge? Test your insights with this IDS/IPS quiz. Continue Reading
Answer 19 Dec 2019
Host IDS vs. network IDS: Which is better?

Compare host IDS vs. network IDS through the pros and cons of each, and learn how more modern systems may be better suited to ensure effective enterprise security. Continue Reading

Feature 01 Aug 2019

New tech steers identity and access management evolution

IAM is evolving to incorporate new technologies -- like cloud-based services and containerization -- promising more secure, granular management of access to company IT assets. Continue Reading
01 Aug 2019

New tech steers identity and access management evolution

Continue Reading
Opinion 01 Aug 2019

Is your identity management up to the task?

IAM is an organization's best defense for its weakest link, end users. Make sure you're following the right framework and keeping your tools honed and ready for battle. Continue Reading
01 Aug 2019

Is your identity management up to the task?

Continue Reading
E-Zine 01 Aug 2019

Managing identity and access well unlocks strong security

Continue Reading
News 01 Aug 2019

SafeBreach launches new platform to prioritize, mitigate security gaps

SafeBreach has launched SafeBreach GRID, a breach and attack simulation application that helps security teams decide which security gaps to address first. Continue Reading
News 31 Jul 2019

Project Zero drops six iOS vulnerabilities ahead of Black Hat

Google Project Zero researchers disclosed six iOS vulnerabilities, including proof-of-concept code that could allow for attacks requiring no user interaction. Continue Reading
News 31 Jul 2019

Qualys IOC 2.0 update improves threat detection and response

Qualys IOC 2.0 comes with increased threat detection and response capabilities designed to more accurately detect indicators of compromise and potential cyberattacks. Continue Reading
News 30 Jul 2019

FBI charges former AWS engineer in Capital One breach

The FBI arrested a former AWS engineer who allegedly stole data for more than 100 million Capital One customers and credit card applications, thanks to a misconfigured firewall. Continue Reading
Feature 30 Jul 2019

Tackling IT security awareness training with a county CISO

A Michigan county CISO says government workers are under siege by cybercriminals. In this case study, he shares how his IT security awareness training strategy has evolved. Continue Reading
News 30 Jul 2019

AT&T introduces managed threat detection and response service

Using Alien Labs threat intelligence, AT&T Cybersecurity's Managed Threat Detection and Response service intends to identify and contain cybersecurity threats sooner to reduce data breaches. Continue Reading
News 30 Jul 2019

URGENT/11 VxWorks vulnerabilities affect millions of devices

Researchers and developer Wind River disagree over how many devices and users are at risk from the URGENT/11 vulnerabilities in the VxWorks real-time operating system. Continue Reading
News 30 Jul 2019

2019 data breach disclosures: 10 of the biggest -- so far

Enterprises have disclosed a number of significant data breaches in the first half of 2019. Here's a look at some of the biggest and most notable breaches so far this year. Continue Reading
Feature 30 Jul 2019

Digital transformation redefines cybersecurity skills, careers

The move toward digital business processes has forced companies to reconsider how they find cybersecurity talent, but finding the right skills may be easier than CISOs think. Continue Reading
Feature 30 Jul 2019

How to pass the CISSP exam on your first try: Tips to get a good score

Want to become a CISSP? Here's everything you need to know, such as how difficult the exam is, tips for studying, what's needed to obtain a passing score and more. Continue Reading
News 29 Jul 2019

Untangling GDPR fines with Synopsys' Tim Mackey

Tim Mackey of Synopsys tries to clear up some of the mystery around how GDPR regulators determine the fines levied on companies for major data breaches or privacy violations. Continue Reading
Tip 29 Jul 2019

SD-WAN security benefits go beyond the obvious

SD-WAN does more than extend corporate networks. Key SD-WAN security benefits that capitalize on the technique's architecture could change the face of SD-WAN in the enterprise. Continue Reading
Tip 29 Jul 2019

3 ways to shore up third-party risk management programs

A new Nemertes research study shows enterprises need to adopt third-party risk management programs that jettison manual checklists in favor of automated tools, hands-on risk assessments and dedicated risk teams. Continue Reading
Answer 29 Jul 2019

What are the pros and cons of outsourcing IT security?

Companies are facing increased costs when maintaining an internal security group. Outsourcing IT security has its advantages, but there are some challenges to keep in mind. Continue Reading
Answer 26 Jul 2019

What's the best way to approach multi-cloud security?

Multi-cloud security can be challenging, but new tools promise to ease some of the problems associated with managing resources across multiple CSPs. Continue Reading
Feature 26 Jul 2019

Quantum computers mean cryptography needs to change, and soon

As quantum computing gains momentum with practical quantum computers due to come online as early as next year, concerns about post-quantum cryptography are pushed to the forefront. Continue Reading
Answer 26 Jul 2019

How can endpoint security features help combat modern threats?

The antivirus of yesteryear isn't a strong enough competitor to beat modern enterprise threats. Learn about the endpoint security features ready to tackle these battles head-on. Continue Reading
News 25 Jul 2019

Immunity selling new BlueKeep exploit, defends decision

Immunity CEO Dave Aitel defended his company's decision to sell a full RCE BlueKeep exploit as part of a pen testing tool, saying the exploit is necessary to demonstrate risk. Continue Reading
Feature 25 Jul 2019

IoT Cybersecurity Improvement Act calls for deployment standards

The IoT Cybersecurity Improvement Act would require development of security standards and guidelines for federal IoT devices, but CISOs in the private sector could also benefit. Continue Reading
Tip 25 Jul 2019

How to limit the cloud security blast radius of credential attacks

Explore how the security blast radius concept, which has admins evaluating how to assess and limit the damage of a threat, can be applied to cloud identity and access management. Continue Reading
News 25 Jul 2019

D3 Security's Attackbot integrates Mitre ATT&CK in SOAR 2.0

With the Mitre ATT&CK framework, D3's SOAR 2.0 platform can identify and map security events, predict the kill chain and trigger automated responses to remediate threats. Continue Reading
News 24 Jul 2019

Citrix breach blamed on poor password security

An investigation revealed the password spraying attack that gave malicious actors access to Citrix systems resulted in only some business documents being stolen. Continue Reading
Opinion 24 Jul 2019

What's the difference between a password and a PIN?

A question I've always had but was too afraid to ask when I first learned about passwordless experiences. Continue Reading
Tip 23 Jul 2019

Which is better: anomaly-based IDS or signature-based IDS?

Even as vendors improve IDS by incorporating both anomaly-based IDS and signature-based IDS, understanding the difference will aid intrusion protection decisions. Continue Reading
Feature 23 Jul 2019

Portrait of a CISO: Roles and responsibilities

Success in the role of CISO requires security experts to wear many hats. Couple that with changes in compliance regulations and sophisticated cyberthreats, and CISOs are left with a full plate. Continue Reading
News 23 Jul 2019

Slide deck brings BlueKeep exploit closer to the wild

After a description for building a remote BlueKeep exploit is posted on GitHub, experts warn that attacks in the wild are becoming more likely and users need to patch. Continue Reading
News 23 Jul 2019

Researchers fool Cylance AI antimalware with 'simple' bypass

Security researchers developed a method to make "pure AI" antimalware products classify malware as benign, but it is unclear what antimalware solutions could be considered "pure AI." Continue Reading
Opinion 23 Jul 2019

A look at MobileIron’s zero sign-on and passwordless authentication plans

MobileIron’s “zero sign-on” tech uses phones to authenticate when accessing SaaS apps from unmanaged devices. Continue Reading
News 22 Jul 2019

Equifax to pay up to $700 million in data breach settlement

Under the settlement with the FTC and state attorneys general, Equifax will fork over at least $575 million in civil penalties and provide credit monitoring services to consumers. Continue Reading
News 19 Jul 2019

Enzoic for Active Directory brings continuous password protection

Updates to Enzoic for Active Directory include NIST-compliant Continuous Password Protection, checking passwords against a live database of common or vulnerable passwords. Continue Reading
Feature 19 Jul 2019

Understand the basics of email security gateways

Email security gateways protect enterprises from threats such as spam and phishing attacks. This article explains how these products get the job done. Continue Reading
News 19 Jul 2019

CyberArk brings updates to privileged access security offering

CyberArk introduces CyberArk Alero to its privileged access management product lineup, in addition to other endpoint management and cloud offering updates. Continue Reading
News 18 Jul 2019

New ransomware threat takes GandCrab's place

Researchers released GandCrab master decryption keys, and in the wake of GandCrab's shutdown, a new ransomware threat -- called Sodin or Sodinokibi -- has emerged. Continue Reading
Tip 18 Jul 2019

CASB market dynamics, from a customer perspective

The CASB market is changing. Learn how the fluctuating threat landscape has led to a use case evolution and operational changes for the CASB in the enterprise. Continue Reading
Feature 18 Jul 2019

5 best practices to choose the right email security software

Examine the five best practices and most important criteria for evaluating email security software products and deploying them in your enterprise. Continue Reading
News 17 Jul 2019

BlueKeep blues: More than 800,000 systems still unpatched

Despite alerts from Microsoft and the U.S. government, more than 800,000 online systems have yet to patch the Windows RDP vulnerability two months after it was disclosed. Continue Reading
News 17 Jul 2019

Claroty extends platform to include IoT device security

Claroty has upgraded Continuous Threat Detection to include support for IoT device security, keeping pace with the proliferation of IoT devices in the enterprise. Continue Reading
Tip 17 Jul 2019

The benefits of IAM can far outweigh the costs

Identity and access management is a critical piece of enterprise information security. But the benefits of IAM go beyond illuminating who -- and what -- might be using your network. Continue Reading
News 17 Jul 2019

E-commerce platforms used for domain spoofing against Best Buy

Despite efforts to flag spoofed domains imitating Best Buy, the sites are still active on e-commerce platforms like Shopify and GearLaunch, which have not taken them down. Continue Reading
Feature 16 Jul 2019

Cisco engineer: Why we need more women in cybersecurity

Progress on the cybersecurity gender gap has been slow but steadier recently. Cisco engineer Michele Guel explains how to hack the gender gap. Continue Reading
News 16 Jul 2019

Experts: Facebook fine by FTC should be wake-up call for all

Facebook will reportedly be hit with a $5 billion fine by the FTC following an investigation into multiple privacy issues, and experts said other enterprises should take note. Continue Reading
Feature 12 Jul 2019

Cybersecurity skills shortage prompts new hiring approach

Hiring managers are widening the pool of candidates in response to the cybersecurity skills shortage. Learn how a parks and recreation background can be an asset in threat hunting. Continue Reading
News 12 Jul 2019

Zoom vulnerability reveals privacy issues for users

Companies and users around the world were impacted by a Zoom conferencing software flaw that could allow threat actors to forcibly join a video call without interaction. Continue Reading
Feature 10 Jul 2019

How does an island hopping attack work?

Hackers know better than to directly attack a well-defended target; learn how they use island hopping attack strategies to elude defenders -- and how best to repel them. Continue Reading
Feature 09 Jul 2019

Building a threat intelligence framework: Here's how

A robust threat intelligence framework is a critical part of a cybersecurity plan. A top researcher discusses what companies need to know. Continue Reading
News 09 Jul 2019

OneLogin Desktop Pro for Windows reduces password load

By eliminating the need for remote workers to sign into Active Directory to access their network, OneLogin's Desktop Pro for Windows aims to make working remotely easier, according to the vendor. Continue Reading
News 09 Jul 2019

British Airways security incident garners record GDPR fine

The ICO plans to levy a record GDPR fine of nearly $230 million against British Airways for a security incident that led to 500,000 customers having their data compromised. Continue Reading
Opinion 08 Jul 2019

Who's to blame for ransomware attacks -- beyond the attackers?

Cyberattackers are to blame for ransomware attacks, but what about companies that release flawed software or don't install patches? Our expert looks at where the buck stops. Continue Reading
News 08 Jul 2019

Ipsidy's Identity Portal uses biometrics for secure access

Identity Portal by Ipsidy uses biometric authorization methods to ensure secure account access, enable users to verify changes, protect customers from fraudulent phone calls, and more. Continue Reading
Tip 08 Jul 2019

Office 365 security challenges and how to solve them

To understand the Office 365 threat landscape, take stock of the application features and programs available based on the organization's license level of the subscription. Continue Reading
Answer 08 Jul 2019

Attackers turn the tables on incident response strategies

Attackers expect incident response strategies and have a plan for when they encounter them. Find out how to take IR to the next level against attacker incident response counterstrategies. Continue Reading
Tip 08 Jul 2019

Boost application security in DevOps with DevSecOps

Without DevSecOps, application security can end up on the back burner during application development. Learn how DevSecOps can bake security back into the process. Continue Reading
News 03 Jul 2019

U.S. Cybercom warns Outlook vulnerability under attack

U.S. Cybercom issued an alert about active exploitation of a 2-year-old Microsoft Outlook flaw, and experts say an Iranian threat group is behind the attacks. Continue Reading
News 03 Jul 2019

FTC settles lawsuit over D-Link security claims

D-Link settled a U.S. Federal Trade Commission lawsuit, which alleged the company failed to take basic steps to address security flaws and weaknesses in its products. Continue Reading
News 02 Jul 2019

Huawei ban may be loosened, but details unclear

President Donald Trump promised to loosen trade restrictions on Huawei, while respecting national security concerns, but the details of the changes are still unclear. Continue Reading
News 02 Jul 2019

Phishing-as-a-service threats abusing cloud services

According to new research, phishing kit providers are increasingly using popular cloud services to host their malicious links in an effort to conceal them from detection. Continue Reading
Answer 28 Jun 2019

Do I need to adopt a cybersecurity framework?

A comprehensive cybersecurity framework can help businesses avoid costly attacks. But there are other advantages. Continue Reading
Tip 28 Jun 2019

How to beef up Office 365 email security features

Companies looking to fortify their Office 365 email security can assess options from a variety of third-party vendors. Find out which features are the most important. Continue Reading
News 28 Jun 2019

AI-enabled malware is coming, Malwarebytes warns

AI-driven threats may not be here yet, but a new report from Malwarebytes predicts they will be here soon and could potentially change the cybersecurity game for good. Continue Reading
Answer 28 Jun 2019

What's the best way to maintain top cybersecurity frameworks?

Keeping top cybersecurity frameworks up to date means understanding how a business evolves and changes. What steps should you take to maintain your security strategy? Continue Reading
Answer 28 Jun 2019

What are the core components of a cybersecurity framework?

Cybersecurity frameworks differ from one company to another, but each plan has four fundamental stages. Find out what you need to know. Continue Reading
Feature 28 Jun 2019

Top 5 incident response interview questions

Job interviews are always nerve-wracking. But you can prepare now by honing your responses to the most likely interview questions for an incident response position. Continue Reading
Tip 28 Jun 2019

How to prevent cybersecurity attacks using this 4-part strategy

It can be daunting to defend an enterprise against cyberattacks, but these four defensive moves can help fortify and repel whatever comes your way. Continue Reading
Tip 28 Jun 2019

How to retool incident response best practices for the digital age

As companies become more cloud- and mobile-centric, they need to reassess their incident response best practices and automate as much as possible. Continue Reading
Feature 28 Jun 2019

Incident response tools: How, when and why to use them

The OODA loop can help organizations throughout the entire incident response process by giving them insight into which tools they need to detect and respond to security events. Continue Reading
Tip 28 Jun 2019

Incident response: How to implement a communication plan

Communication is critical to an effective incident response plan. Here are five best practices an organization can use to gather and share information. Continue Reading
Tip 28 Jun 2019

Strategies to mitigate cybersecurity incidents need holistic plans

Every organization needs strategies to mitigate cybersecurity incidents, but what areas should the strategies address? Find out what experts suggest to protect the entire organization. Continue Reading
Feature 28 Jun 2019

10 types of security incidents and how to handle them

Cyberattacks are more varied than ever. Learn the key symptoms that signal a problem and how to respond to keep systems and data safe. Continue Reading
Feature 28 Jun 2019

5 critical steps to creating an effective incident response plan

With cyberthreats and security incidents growing by the day, every organization needs a solid plan for mitigating threats. Here's how to create yours. Continue Reading
Feature 28 Jun 2019

Comparing EDR tools: Cybereason vs. CrowdStrike vs. Carbon Black

Learn how tools from leading EDR vendors Cybereason, CrowdStrike and Carbon Black compare when it comes to helping security teams fight endpoint threats and respond to incidents. Continue Reading
Feature 28 Jun 2019

How to become an incident responder: Requirements and more

Incident response is a growth field that provides excitement and a good salary. Here's an in-depth look at requirements, salaries and the career path. Continue Reading
Feature 28 Jun 2019

How to build an incident response team for your organization

The time to organize and train an IR team is long before a security incident occurs. Learn the practical steps needed to create an effective, cross-functional team. Continue Reading
Tip 27 Jun 2019

Where does IMAP security fall short, and how can it be fixed?

Legacy email protocols like IMAP are prime targets for hackers. Fix IMAP security with better configuration, more encryption and multifactor authentication mandates. Continue Reading
Feature 27 Jun 2019

Words to go: Identity and access management security

IT pros must keep up to date with rapidly changing identity technology and access threats. Help protect IAM security by getting familiar with this list of foundation terms. Continue Reading
Guide 27 Jun 2019

Everything you need to know about multi-cloud security

Make multi-cloud security a reality in your organization with these tips and strategies from industry experts as you implement more cloud platforms. Continue Reading
Answer 26 Jun 2019

What is the best way to write a cloud security policy?

Enterprises new to the cloud can write new security policies from scratch, but others with broad cloud usage may need an update. Consider these policy writing best practices. Continue Reading
Answer 26 Jun 2019

What are the top cloud security certifications for 2019?

Cloud security certifications serve to bolster security professionals' resumes and boost value to employers. Learn about the top certifications available from expert Nick Lewis. Continue Reading
News 26 Jun 2019

Stellar Cyber launches Starlight 3.1 for AI threat detection

Stellar Cyber, a security analytics vendor, launched Starlight 3.1 as its first unified security analytics platform, using AI and machine learning to detect and thwart attacks. Continue Reading
Feature 26 Jun 2019

Build a proactive cybersecurity approach that delivers

Whether it's zero-trust, adaptive security or just plain common sense, IT leaders must embrace an approach to IT security that's proactive, not reactive. Continue Reading
Tip 26 Jun 2019

The CISO's guide to Kubernetes security and deployment

Container orchestration platform Kubernetes provides tools needed to deploy scalable applications with efficiency. Learn what steps CISOs must take to secure a Kubernetes environment. Continue Reading
Tip 26 Jun 2019

IPsec vs. SSL VPN: Comparing speed, security risks and technology

IPsec VPNs and SSL VPNs both encrypt network data, but they do it differently. Learn about the differences and how to determine the right solution for your organization. Continue Reading
Tip 25 Jun 2019

What identity governance tools can do for your organization

Learn how to evaluate available security tools that manage the governance of your users' identity and access to company systems and data. Continue Reading
News 24 Jun 2019

DHS warns of increased Iranian cyberattacks on enterprises

The cyberthreat warning from Christopher Krebs, director of the DHS Cybersecurity and Infrastructure Security Agency, follows escalating tension between Iran and the U.S. Continue Reading
Tip 24 Jun 2019

4 steps to critical infrastructure protection readiness

Government and private industry share responsibility for critical infrastructure and key resources protection. Follow four steps to understand and know who you're gonna call to protect CIKR. Continue Reading
Tip 24 Jun 2019

The case for continuous security monitoring

When done correctly, continuous security monitoring provides real-time visibility into an organization's IT environment. Here are the best practices for building a CSM program. Continue Reading
Feature 21 Jun 2019

Biometric authentication terms to know

Consumers are on board with biometric authentication, but enterprises aren't so sure. Here's a breakdown of the must-know terms for companies considering biometric authentication. Continue Reading
Feature 21 Jun 2019

As cloud complexities increase, cybersecurity skills gap worsens

Concerns about the lack of security expertise persist, according to respondents in a new CSA survey of IT and security professionals on complexities within native cloud, hybrid and multi-cloud environments. Continue Reading
News 20 Jun 2019

Gartner: Application security programs coming up short

At the 2019 Gartner Security and Risk Management Summit, experts discussed how enterprise application security efforts are falling short and what can be done about it. Continue Reading
Opinion 20 Jun 2019

Despite recent vulnerabilities, you shouldn’t stop using hardware security keys like Yubikey

No solution is perfect, but these hardware security keys remain an awesome option in keeping accounts secure from attackers! Continue Reading
News 19 Jun 2019

BlueKeep warnings having little effect on Windows patching

DHS issued the latest security advisory for BlueKeep, but it's unclear whether the repeated warnings are being heeded by organizations that have vulnerable systems on the internet. Continue Reading
Tip 19 Jun 2019

What holistic network security tools offer an organization

Tools that provide a holistic approach to monitoring the IT infrastructure come in a variety of configurations and delivery models. Learn what's available. Continue Reading
Answer 19 Jun 2019

How can developers avoid a Git repository security risk?

Learn how managing web development content with the popular version control system can be risky without taking action to avoid these basic Git repository security risks. Continue Reading
News 19 Jun 2019

Fortinet launches new WAN and edge security platform

Fortinet's Secure SD-Branch platform uses Fortinet security products to converge WAN and security into an integrated platform and protect access edges. Continue Reading
News 18 Jun 2019

Gartner: Cybersecurity skills shortage requires a new approach

At the Gartner Security and Risk Management Summit, analysts discuss the challenge of finding skilled cybersecurity professionals and how it can be solved. Continue Reading
News 18 Jun 2019

ReliaQuest's cybersecurity platform integrates technologies

ReliaQuest's security analytics platform, GreyMatter, claims to improve threat detection by up to four times and reduce system downtime by 98% by integrating AI and human analysis. Continue Reading