Network security
Enterprise cyberdefense strategies must include network security best practices. Get advice on essential network security topics such as remote access, VPNs, zero-trust security, NDR, endpoint management, IoT security, hybrid security, Secure Access Service Edge, mobile security and more.
Top Stories
-
Tip
17 Nov 2023
An introduction to IoT penetration testing
IoT systems are complex, and that makes checking for vulnerabilities a challenge. Penetration testing is one way to ensure your IoT architecture is safe from cyber attacks. Continue Reading
-
News
16 Nov 2023
CISA, FBI issue alert for ongoing Scattered Spider activity
The government advisory follows several high-profile attacks attributed to Scattered Spider, which uses advanced social engineering techniques like SIM swapping. Continue Reading
-
Tip
20 Sep 2019
Tips and tricks to integrate IT and OT teams securely
IT and operational teams can work in tandem to support IoT projects, but their separate roles and responsibilities to one another must be clearly defined. Continue Reading
-
Tip
20 Sep 2019
What's the role of people in IT/OT security?
To enable a smoother, more secure IT/OT convergence, get wise to the potential conflicts between IT and OT historical priorities and traditional work cultures. Continue Reading
-
Feature
10 Sep 2019
Designing IoT security: Experts warn against cutting corners
Security, though costly, is essential for IoT devices; a single breach can destroy a company's reputation. IoT security by design can avoid devastating incidents. Continue Reading
-
News
06 Sep 2019
Trustwave security platform provides visibility, control
Trustwave Fusion is a cloud-based cybersecurity platform designed with the goal of giving users better insight into how security resources are provided and monitored. Continue Reading
-
News
05 Sep 2019
Hackers earn nearly $2M in HackerOne's hacking event
One hundred hackers and 75 hackers in training gathered in Las Vegas for HackerOne's hacking event to find security flaws in organizations, including Verizon Media and GitHub. Continue Reading
-
Tip
04 Sep 2019
IoT security risks persist; here's what to do about them
Nontech manufacturers building IoT devices combined with resource constraints is a recipe for disaster. It's the reality of IoT security issues, and the problem isn't going away. Continue Reading
-
News
04 Sep 2019
USBAnywhere vulnerabilities put Supermicro servers at risk
Security researchers discovered BMC vulnerabilities -- dubbed USBAnywhere -- in Supermicro servers that could put systems at risk of remote attacks via virtualized USB drives. Continue Reading
-
Feature
28 Aug 2019
VMware's internal Service-defined Firewall reimagines firewalling
VMware's internal firewall uses a global view of known-good behavior at the network and host level to minimize the attack surface for on-premises and cloud environments. Continue Reading
-
News
28 Aug 2019
Imperva security incident exposes cloud WAF customer data
Imperva told its cloud WAF customers to change passwords and SSL certificates after a security incident exposed data and potentially put customers at risk for further attacks. Continue Reading
-
News
23 Aug 2019
Carbon Black acquisition bolsters VMware's security play
VMware announced an agreement to acquire endpoint security vendor Carbon Black in an effort to boost its cloud security offerings; the all-cash deal is valued at $2.1 billion. Continue Reading
-
Opinion
23 Aug 2019
Securing IoT involves developers, manufacturers and end users alike
Who's to blame for the IoT security problem: manufacturers creating devices, end user deploying them or governments not creating legislation enforcing security measures? Continue Reading
-
Opinion
14 Aug 2019
IoT botnets reach new threshold in Q2 of 2019
Defending against the rising number and increasing sophistication of IoT botnet attacks isn't an easy task. Learn about the latest threats and the techniques to mitigate them. Continue Reading
-
News
12 Aug 2019
Black Hat 2019 brings out new security, protection offerings
The 22nd Black Hat conference in Las Vegas brought together a slew of vendors in network and data security with a variety of security offerings to pitch. Continue Reading
-
News
05 Aug 2019
New features added to Juniper Networks security platform
New features include containerized firewalls and the incorporation of SecIntel into MX Series routers as part of Juniper Networks' effort to provide security throughout a network. Continue Reading
-
Infographic
01 Aug 2019
IoT cybersecurity: Do third parties leave you exposed?
IoT's vast vendor landscape drives innovation, but working with so many third parties also comes with baggage in the form of third-party cybersecurity issues. Continue Reading
-
News
31 Jul 2019
Qualys IOC 2.0 update improves threat detection and response
Qualys IOC 2.0 comes with increased threat detection and response capabilities designed to more accurately detect indicators of compromise and potential cyberattacks. Continue Reading
-
News
30 Jul 2019
URGENT/11 VxWorks vulnerabilities affect millions of devices
Researchers and developer Wind River disagree over how many devices and users are at risk from the URGENT/11 vulnerabilities in the VxWorks real-time operating system. Continue Reading
-
Tip
29 Jul 2019
SD-WAN security benefits go beyond the obvious
SD-WAN does more than extend corporate networks. Key SD-WAN security benefits that capitalize on the technique's architecture could change the face of SD-WAN in the enterprise. Continue Reading
-
Answer
26 Jul 2019
How can endpoint security features help combat modern threats?
The antivirus of yesteryear isn't a strong enough competitor to beat modern enterprise threats. Learn about the endpoint security features ready to tackle these battles head-on. Continue Reading
-
News
23 Jul 2019
Researchers fool Cylance AI antimalware with 'simple' bypass
Security researchers developed a method to make "pure AI" antimalware products classify malware as benign, but it is unclear what antimalware solutions could be considered "pure AI." Continue Reading
-
News
17 Jul 2019
Claroty extends platform to include IoT device security
Claroty has upgraded Continuous Threat Detection to include support for IoT device security, keeping pace with the proliferation of IoT devices in the enterprise. Continue Reading
-
News
03 Jul 2019
FTC settles lawsuit over D-Link security claims
D-Link settled a U.S. Federal Trade Commission lawsuit, which alleged the company failed to take basic steps to address security flaws and weaknesses in its products. Continue Reading
-
Tip
26 Jun 2019
IPsec vs. SSL VPN: Comparing speed, security risks and technology
IPsec VPNs and SSL VPNs both encrypt network data, but they do it differently. Learn about the differences and how to determine the right solution for your organization. Continue Reading
-
News
19 Jun 2019
Fortinet launches new WAN and edge security platform
Fortinet's Secure SD-Branch platform uses Fortinet security products to converge WAN and security into an integrated platform and protect access edges. Continue Reading
-
News
13 Jun 2019
CrowdStrike IPO success puts spotlight on endpoint security
Cybersecurity firm CrowdStrike made its successful Wall Street debut Wednesday. The company closed its trading with a share price of $58. Continue Reading
-
Tip
04 Jun 2019
Zero-trust security model means more than freedom from doubt
A zero-trust security model has a catchy name, but the methodology means more than not trusting any person or device on the network. What you need to know. Continue Reading
-
News
31 May 2019
New Sophos endpoint security software releases
Sophos has released Intercept X for Server with endpoint detection and response to protect users against blended threats and proactively detect stealthy attacks. Continue Reading
-
News
29 May 2019
Tortuga launches Radix-M, new firmware security product
Tortuga Logic has launched a firmware security platform that automatically performs security validation of firmware on SoC designs using an existing platform from Cadence. Continue Reading
-
News
24 May 2019
CrowdStrike, NSS Labs settle legal disputes over product testing
CrowdStrike and NSS Labs have ended their legal dispute with a confidential settlement agreement, which resolves all lawsuits including NSS Labs' antitrust suit against the vendor. Continue Reading
-
Tip
17 May 2019
Endpoint security tools get an essential upgrade
Malware, APTs and other threats are getting smarter, but so are endpoint detection and response products. Learn what the latest versions can do to keep threats away. Continue Reading
-
Feature
13 May 2019
DDoS attacks among top 5G security concerns
DDoS attacks top the list of primary security concerns for mobile operators now that 5G wireless is advancing as the number of connected devices grows. Continue Reading
-
Feature
13 May 2019
Next-generation firewall comparison based on company needs
Compare leading next-generation firewalls to help find the option that best fits your IT environment and security needs. Continue Reading
-
News
02 May 2019
CrowdStrike tackles BIOS attacks with new Falcon features
CrowdStrike added firmware attack detection capabilities to its Falcon platform and also expanded its partnership with Dell to help organizations tackle BIOS threats. Continue Reading
-
Opinion
01 May 2019
Cloud security threats need a two-pronged approach
You'll need to burn the security 'candle' at both ends to keep cloud safe from both nation-state hackers and vulnerabilities caused by human error. Continue Reading
-
Tip
23 Apr 2019
How to build a strong cloud network security strategy
Building a secure network in the cloud is different from securing a traditional network. Learn what the main differences are and how to establish cloud networking security. Continue Reading
-
Feature
23 Apr 2019
10 endpoint security products to protect your business
Check out this product roundup and discover all the features endpoint security protection offers, such as patch management, email protection and reporting. Continue Reading
-
News
22 Apr 2019
IoT device testing made possible with BeStorm X
BeStorm X, a black-box fuzzer by Beyond Security and Ubiquitous AI, tests IoT devices to identify security weaknesses and vulnerabilities before they're exploited. Continue Reading
-
News
12 Apr 2019
WPA3 flaws found in Dragonfly handshake
Researchers discovered vulnerabilities in the WPA3 protocol, specifically in the Dragonfly handshake authentication, allowing for multiple exploits branded Dragonblood. Continue Reading
-
News
11 Apr 2019
Huawei security questioned around the world
Troubles continue for Huawei as new bans and government reports put security into question, but the company is attempting to fight back against the criticism. Continue Reading
-
News
10 Apr 2019
Nokia: 5G network slicing could be a boon for security
According to Nokia's Kevin McNamee, the rise of 5G will mean more danger of IoT botnets, but also more options to secure those devices -- including using network slicing for segmentation. Continue Reading
-
News
09 Apr 2019
NSS Labs CTO Jason Brvenik talks security testing challenges
NSS Labs CTO Jason Brvenik talks about his company's relationship with security vendors following the company's antitrust suit against several endpoint protection vendors last year. Continue Reading
-
News
05 Apr 2019
Radware: DDoS amplification attacks increasing, evolving
As DDoS attacks continue to evolve, planning for DDoS attack prevention and mitigation has become a critical business priority. Radware's Daniel Smith offers advice. Continue Reading
-
Answer
03 Apr 2019
What is a password spraying attack and how does it work?
Password spraying isn't a sophisticated attack, but don't discount the attackers if you detect one. Find out how this brute-force technique works and how to defend against it. Continue Reading
-
News
29 Mar 2019
Fortinet: 5G to present new edge computing security concerns
Although the rollout of 5G connectivity will enable new edge computing opportunities, John Maddison, executive VP at Fortinet, said it will also require new security considerations. Continue Reading
-
News
28 Mar 2019
NSS Labs CTO discusses advanced endpoint protection testing, challenges
NSS Labs released the results of its new endpoint protection group test at RSA Conference 2019. NSS Labs CTO Jason Brvenik talks about the results, testing challenges and more. Continue Reading
-
Tip
27 Mar 2019
How to secure network devices in a hostile world
Find out how to secure network devices by locking down the biggest, riskiest holes to protect them from exploits long before some or all of the network crashes. Continue Reading
-
Tip
26 Mar 2019
Protect your enterprise against shadow IT in the cloud
More technologies than ever are available to people now that the cloud is so pervasive, and, as a result, shadow IT has become a problem. Expert Michael Cobb explains what to do. Continue Reading
-
Answer
21 Mar 2019
How can I detect fileless malware attacks?
Monitoring process memory is one way to combat fileless malware attacks. Here's what you can do to protect your network against these campaigns. Continue Reading
-
Tip
21 Mar 2019
8 ways to protect building management systems
Security threats to building management systems can come from numerous sources. Expert Ernie Hayden outlines these potential threats and how to protect against them. Continue Reading
-
Tip
20 Mar 2019
How does BGP hijacking work and what are the risks?
The lack of security protections in BGP means that route hijacking can be easy, especially for organized crime or state-backed threat actors. Here are ways to deal with it. Continue Reading
-
Answer
18 Mar 2019
How do I stop the screaming channel wireless threat?
A screaming channel attack is a new wireless threat making networks -- particularly those with IoT components -- vulnerable. Are there any safeguards to prevent these attacks? Continue Reading
-
Feature
18 Mar 2019
Find the right tool using this antimalware software comparison
Compare endpoint antimalware software products for organizations based on features, level of protection and vendor offerings. Continue Reading
-
Answer
14 Mar 2019
Why do DDoS attack patterns rise in the autumn?
DDoS attack patterns indicate a sharp escalation in the fall. Why does that occur and what can be done to guard against these attacks? Continue Reading
-
News
08 Mar 2019
VMware firewall strategy to focus on 'known good' behavior
VMware is taking a different approach to firewalls by focusing on 'known good' behavior to better police east-west traffic within enterprise environments. Continue Reading
-
Answer
08 Mar 2019
Should I worry about the Constrained Application Protocol?
The Constrained Application Protocol underpins IoT networks. But the protocol could allow a threat actor to launch an attack. Continue Reading
-
News
07 Mar 2019
Microsoft promotes zero-trust security over firewalls
Microsoft told RSA Conference attendees a zero-trust model is better than firewalls for protecting corporate data -- a stance that some said doesn't go far enough. Continue Reading
-
News
07 Mar 2019
FBI: How we stopped the Mirai botnet attacks
FBI Special Agent Elliott Peterson gave RSA attendees a behind-the-scenes look at the investigation into the Mirai botnet following the devastating DDoS attacks in 2016. Continue Reading
-
News
06 Mar 2019
Cisco: Network security strategy requires IT, OT to play nice
Cisco told RSA attendees the need for network security on the factory floor is growing. Cisco says cooperation between IT and operations is key to protecting equipment. Continue Reading
-
News
26 Feb 2019
Android brings FIDO2 certification to 1 billion devices
The FIDO Alliance announced Android has received FIDO2 certification, which will bring the ability to sign into websites and apps with biometrics, rather than passwords. Continue Reading
-
Tip
18 Feb 2019
How to deploy deep packet inspection in the cloud
Despite privacy concerns about deep packet inspection, it can help improve cloud network security for enterprises. Expert Frank Siemons explains how to avoid potential pitfalls. Continue Reading
-
Answer
18 Feb 2019
How do I stop the Vidar malvertising attack?
The Vidar malvertising attack was part of a two-pronged intrusion that included the installation of ransomware in endpoints. How can enterprises protect themselves? Continue Reading
-
News
12 Feb 2019
Senators want potential VPN threat investigated by DHS
Two senators called on the Department of Homeland Security to investigate the possibility that VPNs are allowing valuable information to be routed to foreign adversaries. Continue Reading
-
News
31 Jan 2019
Dell unveils endpoint security portfolio with CrowdStrike, Secureworks
Dell has teamed up with CrowdStrike and Secureworks for SafeGuard and Response, a portfolio of endpoint security technology and services, to tackle the shifting threat landscape. Continue Reading
-
Tip
29 Jan 2019
How a Windows antimalware tool helps endpoint security
The Windows Defender Antivirus program was updated to include sandbox network security. Learn why this is so important and why security professionals have been asking for it. Continue Reading
-
Answer
28 Jan 2019
Will DNS Flag Day affect you? Infoblox's Cricket Liu explains
What is DNS Flag Day? That's when old and broken DNS servers will stop working, improving DNS performance and safety for all. Infoblox's chief DNS architect Cricket Liu explains. Continue Reading
-
News
25 Jan 2019
SafeRide tackles connected vehicle security with machine learning
SafeRide's vXRay technology aims to improve security for connected vehicles with unsupervised machine learning. Can it keep hackers out of the driver's seat? Continue Reading
-
Answer
18 Jan 2019
Java deserialization attacks: What are they and how do they work?
The TP-Link EAP Controller for Linux was recently found to be vulnerable to attacks. Learn from Judith Myerson what this means for users and how it can be prevented. Continue Reading
-
Answer
17 Jan 2019
Ping of death: What is it and how is Apple affected?
An Apple vulnerability recently resurfaced and is targeting Apple devices that are connected to public hotspots. Discover what this vulnerability is and how to protect your devices. Continue Reading
-
Answer
16 Jan 2019
Network shaping: How does it enable BGP attacks to divert data?
The use of BGPsec protocols was found after looking into threat actors in China that controlled U.S. internet traffic. Discover how this technique works and how it can be mitigated. Continue Reading
-
News
31 Dec 2018
Why dating app security flaws should concern enterprises
Vulnerable dating apps on BYODs pose risks to more than just individual users. Find out what security flaws are common in these apps and what they mean for enterprises. Continue Reading
-
Tip
19 Dec 2018
The benefits of using a cloud honeypot for threat intelligence
A cloud honeypot can help enterprises gather threat intelligence. Expert Frank Siemons explains why a cloud-based honeypot deployment is preferable to a traditional one. Continue Reading
-
News
18 Dec 2018
Huawei bans set to continue, despite lack of supporting evidence
While the number of countries with Huawei bans in place grows and more issue warnings, a German investigation found no evidence of spying to support the fear. Continue Reading
-
Tip
13 Dec 2018
How a flaw in Apple DEP misuses an MDM server
Hackers are able to enroll their devices in an organization's MDM server via a flaw in Apple DEP. Expert Michael Cobb explains how hackers conduct these attacks. Continue Reading
-
Answer
11 Dec 2018
FragmentSmack: How is this denial-of-service exploited?
FragmentSmack, a DDoS vulnerability first discovered in Linux, affects Windows as well as nearly 90 Cisco products. Discover how it can be exploited with Judith Myerson. Continue Reading
-
Infographic
03 Dec 2018
Still no answers to endpoint security protection, survey finds
The frequency of endpoint attacks is on the rise, with 76% of IT security professionals reporting that their organization was compromised by new or zero-day (unknown) exploits. Continue Reading
-
Tip
21 Nov 2018
How to configure a vTAP for cloud networks
A vTAP can give enterprises better visibility into their cloud networks. Expert Frank Siemons of InfoSec Institute explains how virtual network TAPs work and the available options. Continue Reading
-
Answer
19 Nov 2018
How does a Bluetooth vulnerability enable validation attacks?
Bluetooth devices might be at risk after a new Bluetooth vulnerability was found targeting firmware and operating system software drivers. Learn how it works and can be mitigated. Continue Reading
-
Blog Post
12 Nov 2018
Android Ecosystem Security Transparency Report is a wary first step
Reading through Google's first quarterly Android Ecosystem Security Transparency Report feels like a mix of missed opportunities and déjà vu all over again. Much of what is in the new Android ... Continue Reading
-
News
09 Nov 2018
New spam botnet infects over 100,000 home routers
News roundup: A new spam botnet infected over 100,000 home routers through a UPnP vulnerability, according to researchers. Plus, HSBC Bank reported a data breach, and more. Continue Reading
-
News
02 Nov 2018
Bleedingbit vulnerabilities put Wi-Fi access points at risk
Armis researchers discovered two chip-level Bluetooth vulnerabilities -- dubbed Bleedingbit -- that could allow pseudo-remote code execution on wireless access points. Continue Reading
-
Feature
02 Nov 2018
Mobile security trends: app containers, app wrapping for BYOD
Threats evolve, and so should mobile security strategies. Mike Chapple explains how an app containers and app wrapping can protect enterprise devices and corporate assets. Continue Reading
-
Tip
25 Oct 2018
How to protect enterprise ICS networks with firewalls
ICS network security can be improved using firewalls. Expert Ernie Hayden explains how ICS-specific firewalls can help keep ICS networks strong and protected. Continue Reading
-
Answer
18 Oct 2018
How does the resurgent VPNFilter botnet target victims?
After a comeback of the Russian-built VPNFilter botnet, home network devices are at risk. Learn how this malware targets victims with expert Nick Lewis. Continue Reading
-
News
11 Oct 2018
Patched MikroTik router vulnerability worse than initially thought
Tenable Research finds new exploits of an already patched MikroTik router vulnerability that could enable hackers to launch remote code execution attacks. Continue Reading
-
Tip
04 Oct 2018
How Shodan helps identify ICS cybersecurity vulnerabilities
Shodan can be a helpful tool for security pros to locate ICS cybersecurity vulnerabilities. Expert Ernie Hayden explains how Shodan works and how it can be used for security. Continue Reading
-
Answer
26 Sep 2018
Android Trojan: How is data being stolen from messaging apps?
Trustlook Labs discovered an Android Trojan stealing data from messaging apps. Learn what mobile security pros should look for to detect this malware with expert Nick Lewis. Continue Reading
-
News
24 Sep 2018
AI and machine learning expected to solve security problems
A global Ponemon survey of security professionals found that many believe artificial intelligence and machine learning technology will improve enterprise and IoT security. Continue Reading
-
Answer
19 Sep 2018
WPA3 protocol: Should enterprises implement the changes?
The Wi-Fi Alliance released the updated WPA3 protocol, adding security enhancements to the Wi-Fi access process. Learn why enterprises should update with Judith Myerson. Continue Reading
-
Answer
18 Sep 2018
What is VPNFilter malware and how can users protect themselves?
A new threat named VPNFilter was discovered by cybersecurity researchers after home and office routers were compromised. Learn how this malware works with Judith Myerson. Continue Reading
-
News
17 Sep 2018
New Mirai variant attacks Apache Struts vulnerability
New variants of the Gafgyt and Mirai botnets are targeting unpatched enterprise devices, which indicates a greater shift away from consumer devices, according to researchers. Continue Reading
-
Answer
17 Sep 2018
How can attackers exploit a buffer underflow vulnerability?
A buffer underflow was found to be caused by a vulnerability in strongSwan's open source VPN. Learn how this is possible and how attackers can exploit it with Judith Myerson. Continue Reading
-
Answer
10 Sep 2018
How does the Android Rowhammer exploit affect users?
Android Rowhammer is a hardware weakness in older devices that puts users at risk of remote exploits. Expert Michael Cobb explains why it's important to upgrade to newer devices. Continue Reading
-
Tip
30 Aug 2018
How hard-coded credentials threaten ICS security
Hard-coded credentials open industrial control systems up to unauthorized access by malicious actors and threaten ICS security. Expert Ernie Hayden explains the threat and what enterprises can do about it. Continue Reading
-
Tip
23 Aug 2018
Network reconnaissance: How to use SI6 Networks' IPv6 toolkit
SI6 Networks' IPv6 toolkit can do network reconnaissance using search engines and the Certificate Transparency framework. Learn how to use IPv6 toolkits from expert Fernando Gont. Continue Reading
-
Answer
22 Aug 2018
My Cloud EX2: How can this device expose unauthorized data?
SpiderLabs discovered My Cloud EX2 backup devices exposing unauthorized HTTP requests. Join Judith Myerson as she explains how this happens, as well as the impact on DLNA devices. Continue Reading
-
Answer
20 Aug 2018
How does an IMSI catcher exploit SS7 vulnerabilities?
A warning was issued by the Department of Homeland Security regarding the exploitation of SS7 vulnerabilities by IMSI catchers. Learn how this puts mobile communication at risk. Continue Reading
-
Answer
16 Aug 2018
What is missing from the NIST/DHS botnet security report?
The joint DHS and NIST report on botnet security offers goals and action items to counter distributed cyberthreats. Learn the report recommendations with expert Nick Lewis. Continue Reading
-
Tip
07 Aug 2018
What to do when IPv4 and IPv6 policies disagree
Unfortunately for enterprises, IPv4 and IPv6 policies don't always agree. Fernando Gont examines the differences between these two security policies, as well as some filtering rules. Continue Reading
-
Tip
25 Jul 2018
Anonymity tools: Why the cloud might be the best option
The cloud might be the best of the available anonymity tools. Expert Frank Siemons explains the other options for anonymity for security and why the cloud is the best for privacy. Continue Reading
-
News
19 Jul 2018
NSS Labs ranks next-gen firewalls, with some surprises
Researchers used individual test reports and comparison data to determine the value of investments in next-generation firewall technology. Continue Reading