Network Intrusion Prevention (IPS)
Top Stories
-
Quiz
28 Jul 2020
IDS/IPS quiz: Intrusion detection and prevention systems
Want a baseline of your intrusion detection and prevention system knowledge? Test your insights with this IDS/IPS quiz. Continue Reading
-
Answer
19 Dec 2019
Host IDS vs. network IDS: Which is better?
Compare host IDS vs. network IDS through the pros and cons of each, and learn how more modern systems may be better suited to ensure effective enterprise security. Continue Reading
-
Feature
01 Aug 2019
New tech steers identity and access management evolution
IAM is evolving to incorporate new technologies -- like cloud-based services and containerization -- promising more secure, granular management of access to company IT assets. Continue Reading
- 01 Aug 2019
-
Opinion
01 Aug 2019
Is your identity management up to the task?
IAM is an organization's best defense for its weakest link, end users. Make sure you're following the right framework and keeping your tools honed and ready for battle. Continue Reading
- 01 Aug 2019
- E-Zine 01 Aug 2019
-
News
01 Aug 2019
SafeBreach launches new platform to prioritize, mitigate security gaps
SafeBreach has launched SafeBreach GRID, a breach and attack simulation application that helps security teams decide which security gaps to address first. Continue Reading
-
News
31 Jul 2019
Project Zero drops six iOS vulnerabilities ahead of Black Hat
Google Project Zero researchers disclosed six iOS vulnerabilities, including proof-of-concept code that could allow for attacks requiring no user interaction. Continue Reading
-
News
31 Jul 2019
Qualys IOC 2.0 update improves threat detection and response
Qualys IOC 2.0 comes with increased threat detection and response capabilities designed to more accurately detect indicators of compromise and potential cyberattacks. Continue Reading
-
News
30 Jul 2019
FBI charges former AWS engineer in Capital One breach
The FBI arrested a former AWS engineer who allegedly stole data for more than 100 million Capital One customers and credit card applications, thanks to a misconfigured firewall. Continue Reading
-
Feature
30 Jul 2019
Tackling IT security awareness training with a county CISO
A Michigan county CISO says government workers are under siege by cybercriminals. In this case study, he shares how his IT security awareness training strategy has evolved. Continue Reading
-
News
30 Jul 2019
AT&T introduces managed threat detection and response service
Using Alien Labs threat intelligence, AT&T Cybersecurity's Managed Threat Detection and Response service intends to identify and contain cybersecurity threats sooner to reduce data breaches. Continue Reading
-
News
30 Jul 2019
URGENT/11 VxWorks vulnerabilities affect millions of devices
Researchers and developer Wind River disagree over how many devices and users are at risk from the URGENT/11 vulnerabilities in the VxWorks real-time operating system. Continue Reading
-
News
30 Jul 2019
2019 data breach disclosures: 10 of the biggest -- so far
Enterprises have disclosed a number of significant data breaches in the first half of 2019. Here's a look at some of the biggest and most notable breaches so far this year. Continue Reading
-
Feature
30 Jul 2019
Digital transformation redefines cybersecurity skills, careers
The move toward digital business processes has forced companies to reconsider how they find cybersecurity talent, but finding the right skills may be easier than CISOs think. Continue Reading
-
Feature
30 Jul 2019
How to pass the CISSP exam on your first try: Tips to get a good score
Want to become a CISSP? Here's everything you need to know, such as how difficult the exam is, tips for studying, what's needed to obtain a passing score and more. Continue Reading
-
News
29 Jul 2019
Untangling GDPR fines with Synopsys' Tim Mackey
Tim Mackey of Synopsys tries to clear up some of the mystery around how GDPR regulators determine the fines levied on companies for major data breaches or privacy violations. Continue Reading
-
Tip
29 Jul 2019
SD-WAN security benefits go beyond the obvious
SD-WAN does more than extend corporate networks. Key SD-WAN security benefits that capitalize on the technique's architecture could change the face of SD-WAN in the enterprise. Continue Reading
-
Tip
29 Jul 2019
3 ways to shore up third-party risk management programs
A new Nemertes research study shows enterprises need to adopt third-party risk management programs that jettison manual checklists in favor of automated tools, hands-on risk assessments and dedicated risk teams. Continue Reading
-
Answer
29 Jul 2019
What are the pros and cons of outsourcing IT security?
Companies are facing increased costs when maintaining an internal security group. Outsourcing IT security has its advantages, but there are some challenges to keep in mind. Continue Reading
-
Answer
26 Jul 2019
What's the best way to approach multi-cloud security?
Multi-cloud security can be challenging, but new tools promise to ease some of the problems associated with managing resources across multiple CSPs. Continue Reading
-
Feature
26 Jul 2019
Quantum computers mean cryptography needs to change, and soon
As quantum computing gains momentum with practical quantum computers due to come online as early as next year, concerns about post-quantum cryptography are pushed to the forefront. Continue Reading
-
Answer
26 Jul 2019
How can endpoint security features help combat modern threats?
The antivirus of yesteryear isn't a strong enough competitor to beat modern enterprise threats. Learn about the endpoint security features ready to tackle these battles head-on. Continue Reading
-
News
25 Jul 2019
Immunity selling new BlueKeep exploit, defends decision
Immunity CEO Dave Aitel defended his company's decision to sell a full RCE BlueKeep exploit as part of a pen testing tool, saying the exploit is necessary to demonstrate risk. Continue Reading
-
Feature
25 Jul 2019
IoT Cybersecurity Improvement Act calls for deployment standards
The IoT Cybersecurity Improvement Act would require development of security standards and guidelines for federal IoT devices, but CISOs in the private sector could also benefit. Continue Reading
-
Tip
25 Jul 2019
How to limit the cloud security blast radius of credential attacks
Explore how the security blast radius concept, which has admins evaluating how to assess and limit the damage of a threat, can be applied to cloud identity and access management. Continue Reading
-
News
25 Jul 2019
D3 Security's Attackbot integrates Mitre ATT&CK in SOAR 2.0
With the Mitre ATT&CK framework, D3's SOAR 2.0 platform can identify and map security events, predict the kill chain and trigger automated responses to remediate threats. Continue Reading
-
News
24 Jul 2019
Citrix breach blamed on poor password security
An investigation revealed the password spraying attack that gave malicious actors access to Citrix systems resulted in only some business documents being stolen. Continue Reading
-
Opinion
24 Jul 2019
What's the difference between a password and a PIN?
A question I've always had but was too afraid to ask when I first learned about passwordless experiences. Continue Reading
-
Tip
23 Jul 2019
Which is better: anomaly-based IDS or signature-based IDS?
Even as vendors improve IDS by incorporating both anomaly-based IDS and signature-based IDS, understanding the difference will aid intrusion protection decisions. Continue Reading
-
Feature
23 Jul 2019
Portrait of a CISO: Roles and responsibilities
Success in the role of CISO requires security experts to wear many hats. Couple that with changes in compliance regulations and sophisticated cyberthreats, and CISOs are left with a full plate. Continue Reading
-
News
23 Jul 2019
Slide deck brings BlueKeep exploit closer to the wild
After a description for building a remote BlueKeep exploit is posted on GitHub, experts warn that attacks in the wild are becoming more likely and users need to patch. Continue Reading
-
News
23 Jul 2019
Researchers fool Cylance AI antimalware with 'simple' bypass
Security researchers developed a method to make "pure AI" antimalware products classify malware as benign, but it is unclear what antimalware solutions could be considered "pure AI." Continue Reading
-
Opinion
23 Jul 2019
A look at MobileIron’s zero sign-on and passwordless authentication plans
MobileIron’s “zero sign-on” tech uses phones to authenticate when accessing SaaS apps from unmanaged devices. Continue Reading
-
News
22 Jul 2019
Equifax to pay up to $700 million in data breach settlement
Under the settlement with the FTC and state attorneys general, Equifax will fork over at least $575 million in civil penalties and provide credit monitoring services to consumers. Continue Reading
-
News
19 Jul 2019
Enzoic for Active Directory brings continuous password protection
Updates to Enzoic for Active Directory include NIST-compliant Continuous Password Protection, checking passwords against a live database of common or vulnerable passwords. Continue Reading
-
Feature
19 Jul 2019
Understand the basics of email security gateways
Email security gateways protect enterprises from threats such as spam and phishing attacks. This article explains how these products get the job done. Continue Reading
-
News
19 Jul 2019
CyberArk brings updates to privileged access security offering
CyberArk introduces CyberArk Alero to its privileged access management product lineup, in addition to other endpoint management and cloud offering updates. Continue Reading
-
News
18 Jul 2019
New ransomware threat takes GandCrab's place
Researchers released GandCrab master decryption keys, and in the wake of GandCrab's shutdown, a new ransomware threat -- called Sodin or Sodinokibi -- has emerged. Continue Reading
-
Tip
18 Jul 2019
CASB market dynamics, from a customer perspective
The CASB market is changing. Learn how the fluctuating threat landscape has led to a use case evolution and operational changes for the CASB in the enterprise. Continue Reading
-
Feature
18 Jul 2019
5 best practices to choose the right email security software
Examine the five best practices and most important criteria for evaluating email security software products and deploying them in your enterprise. Continue Reading
-
News
17 Jul 2019
BlueKeep blues: More than 800,000 systems still unpatched
Despite alerts from Microsoft and the U.S. government, more than 800,000 online systems have yet to patch the Windows RDP vulnerability two months after it was disclosed. Continue Reading
-
News
17 Jul 2019
Claroty extends platform to include IoT device security
Claroty has upgraded Continuous Threat Detection to include support for IoT device security, keeping pace with the proliferation of IoT devices in the enterprise. Continue Reading
-
Tip
17 Jul 2019
The benefits of IAM can far outweigh the costs
Identity and access management is a critical piece of enterprise information security. But the benefits of IAM go beyond illuminating who -- and what -- might be using your network. Continue Reading
-
News
17 Jul 2019
E-commerce platforms used for domain spoofing against Best Buy
Despite efforts to flag spoofed domains imitating Best Buy, the sites are still active on e-commerce platforms like Shopify and GearLaunch, which have not taken them down. Continue Reading
-
Feature
16 Jul 2019
Cisco engineer: Why we need more women in cybersecurity
Progress on the cybersecurity gender gap has been slow but steadier recently. Cisco engineer Michele Guel explains how to hack the gender gap. Continue Reading
-
News
16 Jul 2019
Experts: Facebook fine by FTC should be wake-up call for all
Facebook will reportedly be hit with a $5 billion fine by the FTC following an investigation into multiple privacy issues, and experts said other enterprises should take note. Continue Reading
-
Feature
12 Jul 2019
Cybersecurity skills shortage prompts new hiring approach
Hiring managers are widening the pool of candidates in response to the cybersecurity skills shortage. Learn how a parks and recreation background can be an asset in threat hunting. Continue Reading
-
News
12 Jul 2019
Zoom vulnerability reveals privacy issues for users
Companies and users around the world were impacted by a Zoom conferencing software flaw that could allow threat actors to forcibly join a video call without interaction. Continue Reading
-
Feature
10 Jul 2019
How does an island hopping attack work?
Hackers know better than to directly attack a well-defended target; learn how they use island hopping attack strategies to elude defenders -- and how best to repel them. Continue Reading
-
Feature
09 Jul 2019
Building a threat intelligence framework: Here's how
A robust threat intelligence framework is a critical part of a cybersecurity plan. A top researcher discusses what companies need to know. Continue Reading
-
News
09 Jul 2019
OneLogin Desktop Pro for Windows reduces password load
By eliminating the need for remote workers to sign into Active Directory to access their network, OneLogin's Desktop Pro for Windows aims to make working remotely easier, according to the vendor. Continue Reading
-
News
09 Jul 2019
British Airways security incident garners record GDPR fine
The ICO plans to levy a record GDPR fine of nearly $230 million against British Airways for a security incident that led to 500,000 customers having their data compromised. Continue Reading
-
Opinion
08 Jul 2019
Who's to blame for ransomware attacks -- beyond the attackers?
Cyberattackers are to blame for ransomware attacks, but what about companies that release flawed software or don't install patches? Our expert looks at where the buck stops. Continue Reading
-
News
08 Jul 2019
Ipsidy's Identity Portal uses biometrics for secure access
Identity Portal by Ipsidy uses biometric authorization methods to ensure secure account access, enable users to verify changes, protect customers from fraudulent phone calls, and more. Continue Reading
-
Tip
08 Jul 2019
Office 365 security challenges and how to solve them
To understand the Office 365 threat landscape, take stock of the application features and programs available based on the organization's license level of the subscription. Continue Reading
-
Answer
08 Jul 2019
Attackers turn the tables on incident response strategies
Attackers expect incident response strategies and have a plan for when they encounter them. Find out how to take IR to the next level against attacker incident response counterstrategies. Continue Reading
-
Tip
08 Jul 2019
Boost application security in DevOps with DevSecOps
Without DevSecOps, application security can end up on the back burner during application development. Learn how DevSecOps can bake security back into the process. Continue Reading
-
News
03 Jul 2019
U.S. Cybercom warns Outlook vulnerability under attack
U.S. Cybercom issued an alert about active exploitation of a 2-year-old Microsoft Outlook flaw, and experts say an Iranian threat group is behind the attacks. Continue Reading
-
News
03 Jul 2019
FTC settles lawsuit over D-Link security claims
D-Link settled a U.S. Federal Trade Commission lawsuit, which alleged the company failed to take basic steps to address security flaws and weaknesses in its products. Continue Reading
-
News
02 Jul 2019
Huawei ban may be loosened, but details unclear
President Donald Trump promised to loosen trade restrictions on Huawei, while respecting national security concerns, but the details of the changes are still unclear. Continue Reading
-
News
02 Jul 2019
Phishing-as-a-service threats abusing cloud services
According to new research, phishing kit providers are increasingly using popular cloud services to host their malicious links in an effort to conceal them from detection. Continue Reading
-
Answer
28 Jun 2019
Do I need to adopt a cybersecurity framework?
A comprehensive cybersecurity framework can help businesses avoid costly attacks. But there are other advantages. Continue Reading
-
Tip
28 Jun 2019
How to beef up Office 365 email security features
Companies looking to fortify their Office 365 email security can assess options from a variety of third-party vendors. Find out which features are the most important. Continue Reading
-
News
28 Jun 2019
AI-enabled malware is coming, Malwarebytes warns
AI-driven threats may not be here yet, but a new report from Malwarebytes predicts they will be here soon and could potentially change the cybersecurity game for good. Continue Reading
-
Answer
28 Jun 2019
What's the best way to maintain top cybersecurity frameworks?
Keeping top cybersecurity frameworks up to date means understanding how a business evolves and changes. What steps should you take to maintain your security strategy? Continue Reading
-
Answer
28 Jun 2019
What are the core components of a cybersecurity framework?
Cybersecurity frameworks differ from one company to another, but each plan has four fundamental stages. Find out what you need to know. Continue Reading
-
Feature
28 Jun 2019
Top 5 incident response interview questions
Job interviews are always nerve-wracking. But you can prepare now by honing your responses to the most likely interview questions for an incident response position. Continue Reading
-
Tip
28 Jun 2019
How to prevent cybersecurity attacks using this 4-part strategy
It can be daunting to defend an enterprise against cyberattacks, but these four defensive moves can help fortify and repel whatever comes your way. Continue Reading
-
Tip
28 Jun 2019
How to retool incident response best practices for the digital age
As companies become more cloud- and mobile-centric, they need to reassess their incident response best practices and automate as much as possible. Continue Reading
-
Feature
28 Jun 2019
Incident response tools: How, when and why to use them
The OODA loop can help organizations throughout the entire incident response process by giving them insight into which tools they need to detect and respond to security events. Continue Reading
-
Tip
28 Jun 2019
Incident response: How to implement a communication plan
Communication is critical to an effective incident response plan. Here are five best practices an organization can use to gather and share information. Continue Reading
-
Tip
28 Jun 2019
Strategies to mitigate cybersecurity incidents need holistic plans
Every organization needs strategies to mitigate cybersecurity incidents, but what areas should the strategies address? Find out what experts suggest to protect the entire organization. Continue Reading
-
Feature
28 Jun 2019
10 types of security incidents and how to handle them
Cyberattacks are more varied than ever. Learn the key symptoms that signal a problem and how to respond to keep systems and data safe. Continue Reading
-
Feature
28 Jun 2019
5 critical steps to creating an effective incident response plan
With cyberthreats and security incidents growing by the day, every organization needs a solid plan for mitigating threats. Here's how to create yours. Continue Reading
-
Feature
28 Jun 2019
Comparing EDR tools: Cybereason vs. CrowdStrike vs. Carbon Black
Learn how tools from leading EDR vendors Cybereason, CrowdStrike and Carbon Black compare when it comes to helping security teams fight endpoint threats and respond to incidents. Continue Reading
-
Feature
28 Jun 2019
How to become an incident responder: Requirements and more
Incident response is a growth field that provides excitement and a good salary. Here's an in-depth look at requirements, salaries and the career path. Continue Reading
-
Feature
28 Jun 2019
How to build an incident response team for your organization
The time to organize and train an IR team is long before a security incident occurs. Learn the practical steps needed to create an effective, cross-functional team. Continue Reading
-
Tip
27 Jun 2019
Where does IMAP security fall short, and how can it be fixed?
Legacy email protocols like IMAP are prime targets for hackers. Fix IMAP security with better configuration, more encryption and multifactor authentication mandates. Continue Reading
-
Feature
27 Jun 2019
Words to go: Identity and access management security
IT pros must keep up to date with rapidly changing identity technology and access threats. Help protect IAM security by getting familiar with this list of foundation terms. Continue Reading
-
Guide
27 Jun 2019
Everything you need to know about multi-cloud security
Make multi-cloud security a reality in your organization with these tips and strategies from industry experts as you implement more cloud platforms. Continue Reading
-
Answer
26 Jun 2019
What is the best way to write a cloud security policy?
Enterprises new to the cloud can write new security policies from scratch, but others with broad cloud usage may need an update. Consider these policy writing best practices. Continue Reading
-
Answer
26 Jun 2019
What are the top cloud security certifications for 2019?
Cloud security certifications serve to bolster security professionals' resumes and boost value to employers. Learn about the top certifications available from expert Nick Lewis. Continue Reading
-
News
26 Jun 2019
Stellar Cyber launches Starlight 3.1 for AI threat detection
Stellar Cyber, a security analytics vendor, launched Starlight 3.1 as its first unified security analytics platform, using AI and machine learning to detect and thwart attacks. Continue Reading
-
Feature
26 Jun 2019
Build a proactive cybersecurity approach that delivers
Whether it's zero-trust, adaptive security or just plain common sense, IT leaders must embrace an approach to IT security that's proactive, not reactive. Continue Reading
-
Tip
26 Jun 2019
The CISO's guide to Kubernetes security and deployment
Container orchestration platform Kubernetes provides tools needed to deploy scalable applications with efficiency. Learn what steps CISOs must take to secure a Kubernetes environment. Continue Reading
-
Tip
26 Jun 2019
IPsec vs. SSL VPN: Comparing speed, security risks and technology
IPsec VPNs and SSL VPNs both encrypt network data, but they do it differently. Learn about the differences and how to determine the right solution for your organization. Continue Reading
-
Tip
25 Jun 2019
What identity governance tools can do for your organization
Learn how to evaluate available security tools that manage the governance of your users' identity and access to company systems and data. Continue Reading
-
News
24 Jun 2019
DHS warns of increased Iranian cyberattacks on enterprises
The cyberthreat warning from Christopher Krebs, director of the DHS Cybersecurity and Infrastructure Security Agency, follows escalating tension between Iran and the U.S. Continue Reading
-
Tip
24 Jun 2019
4 steps to critical infrastructure protection readiness
Government and private industry share responsibility for critical infrastructure and key resources protection. Follow four steps to understand and know who you're gonna call to protect CIKR. Continue Reading
-
Tip
24 Jun 2019
The case for continuous security monitoring
When done correctly, continuous security monitoring provides real-time visibility into an organization's IT environment. Here are the best practices for building a CSM program. Continue Reading
-
Feature
21 Jun 2019
Biometric authentication terms to know
Consumers are on board with biometric authentication, but enterprises aren't so sure. Here's a breakdown of the must-know terms for companies considering biometric authentication. Continue Reading
-
Feature
21 Jun 2019
As cloud complexities increase, cybersecurity skills gap worsens
Concerns about the lack of security expertise persist, according to respondents in a new CSA survey of IT and security professionals on complexities within native cloud, hybrid and multi-cloud environments. Continue Reading
-
News
20 Jun 2019
Gartner: Application security programs coming up short
At the 2019 Gartner Security and Risk Management Summit, experts discussed how enterprise application security efforts are falling short and what can be done about it. Continue Reading
-
Opinion
20 Jun 2019
Despite recent vulnerabilities, you shouldn’t stop using hardware security keys like Yubikey
No solution is perfect, but these hardware security keys remain an awesome option in keeping accounts secure from attackers! Continue Reading
-
News
19 Jun 2019
BlueKeep warnings having little effect on Windows patching
DHS issued the latest security advisory for BlueKeep, but it's unclear whether the repeated warnings are being heeded by organizations that have vulnerable systems on the internet. Continue Reading
-
Tip
19 Jun 2019
What holistic network security tools offer an organization
Tools that provide a holistic approach to monitoring the IT infrastructure come in a variety of configurations and delivery models. Learn what's available. Continue Reading
-
Answer
19 Jun 2019
How can developers avoid a Git repository security risk?
Learn how managing web development content with the popular version control system can be risky without taking action to avoid these basic Git repository security risks. Continue Reading
-
News
19 Jun 2019
Fortinet launches new WAN and edge security platform
Fortinet's Secure SD-Branch platform uses Fortinet security products to converge WAN and security into an integrated platform and protect access edges. Continue Reading
-
News
18 Jun 2019
Gartner: Cybersecurity skills shortage requires a new approach
At the Gartner Security and Risk Management Summit, analysts discuss the challenge of finding skilled cybersecurity professionals and how it can be solved. Continue Reading
-
News
18 Jun 2019
ReliaQuest's cybersecurity platform integrates technologies
ReliaQuest's security analytics platform, GreyMatter, claims to improve threat detection by up to four times and reduce system downtime by 98% by integrating AI and human analysis. Continue Reading