Security operations and management

Cybersecurity operations and management are vital to protect enterprises against cyber threats. Learn how to create and manage infosec programs and SOCs, perform incident response and automate security processes. Also read up on security laws and regulations, best practices for CISOs and more.

Top Stories

Feature 30 May 2023
Vendors: Threat actor taxonomies are confusing but essential

Despite concern about the proliferation of naming taxonomies used to identify threat groups, vendors say they are crucial their understanding and visibility into threat activity. Continue Reading
Tip 25 May 2023
How to conduct a smart contract audit and why it's needed

Smart contracts ensure the integrity of transactions, such as those that initiate key services. A smart contract audit is one way to ensure the programs work as designed. Continue Reading

Opinion 16 May 2023

Closing the book on RSA Conference 2023

AI, cloud security, SOC modernization and security hygiene and posture management were all hot topics at RSAC in San Francisco this year. Continue Reading
Tip 16 May 2023

How to build a better vulnerability management program

With a vulnerability management program in place, your organization is better equipped to identify and mitigate security vulnerabilities in people, processes and technologies. Continue Reading
Tip 12 May 2023

Incident response: How to implement a communication plan

Communication is critical to an effective incident response plan. Here are five best practices for communication planning and a free, editable template to get started. Continue Reading
News 10 May 2023

CISOs face mounting pressures, expectations post-pandemic

Proofpoint's 2023 Voice of the CISO report shows deep concern among executives about impending data loss and exposure from negligent -- and malicious -- employees. Continue Reading
Tip 10 May 2023

5 SBOM tools to start securing the software supply chain

Organizations can use these SBOM tools to help secure their software supply chain by understanding the components of their deployed software and applications. Continue Reading
Feature 10 May 2023

The ultimate guide to cybersecurity planning for businesses

This in-depth cybersecurity planning guide provides information and advice to help organizations develop a successful strategy to protect their IT systems from attacks. Continue Reading
Feature 03 May 2023

Studies show ransomware has already caused patient deaths

No patient deaths have been definitively attributed to cyber attacks on hospitals, but some infosec experts say that statistical evidence shows a different, grim reality. Continue Reading
Tip 01 May 2023

Stay ahead of threats with DevOps security best practices

Unsure where to start when it comes to securing your DevOps environment? Taking these five actions can strengthen your organization's defenses against cyber attacks. Continue Reading
News 28 Apr 2023

ChatGPT uses for cybersecurity continue to ramp up

The use of OpenAI's technology in cybersecurity products is growing as companies look to improve threat detection and assist short-staffed and fatigued security teams. Continue Reading
News 25 Apr 2023

RSAC speaker offers ransomware victims unconventional advice

Triton Tech Consulting CEO Brandon Clark advised organizations to set aside the stigma of 'negotiating with terrorists' when deciding whether to pay a ransomware gang. Continue Reading
News 25 Apr 2023

DOJ's Monaco addresses 'misperception' of Joe Sullivan case

In her RSA Conference keynote, Deputy Attorney General Lisa Monaco was asked if the prosecution of former Uber CSO Joe Sullivan damaged trust with the private sector. Continue Reading
News 24 Apr 2023

IBM launches AI-powered security offering QRadar Suite

IBM aims to use QRadar Suite's AI features, which it calls the 'unified analyst experience,' to enable security analysts to focus on higher-priority work. Continue Reading
Conference Coverage 24 Apr 2023

RSA Conference 2023 highlights strength through alliances

Follow this RSA 2023 guide from TechTarget Editorial to get pre-conference coverage and stay on top of breaking news and analysis from the infosec world's biggest annual event. Continue Reading
News 20 Apr 2023

DC Health Link breach caused by misconfigured server

Mila Kofman, executive director of the District of Columbia Health Benefit Exchange Authority, blames "human error" for the DC Health Link breach. Continue Reading
Tip 19 Apr 2023

How to prepare for a cybersecurity audit

Organizations should conduct regular cybersecurity audits to determine if their networks and other assets are properly protected, as well as if they meet compliance mandates. Continue Reading
Tip 19 Apr 2023

Generative AI in SecOps and how to prepare

Generative AI assistants could be game changers in the SOC -- but not if SecOps teams haven't prepared for them. Here's how to get ready. Continue Reading
Feature 18 Apr 2023

How to use the Apple Rapid Security Response updates

Typical Apple OS updates are large and infrequent, but the Rapid Security Response feature helps admins keep Apple devices patched without performing full OS updates. Continue Reading
Guest Post 18 Apr 2023

Standardized data collection methods can help fight cybercrime

Implementing standards similar to NERC CIP for the entire cybersecurity industry could make it easier for law enforcement to investigate and prosecute cyber attackers. Continue Reading
Tip 18 Apr 2023

Top 7 enterprise cybersecurity challenges in 2023

Security teams faced unprecedented challenges in 2022. The year ahead appears no less daunting. Here are the cybersecurity trends and safeguards to take into account in 2023. Continue Reading
Tip 17 Apr 2023

How to build a cybersecurity deception program

In 'The Art of War,' Sun Tzu declared, 'All warfare is based on deception.' Learn how to apply this principle in the enterprise by building a cybersecurity deception program. Continue Reading
Tutorial 13 Apr 2023

How to use the John the Ripper password cracker

Password crackers are essential tools in any pen tester's toolbox. This step-by-step tutorial explains how to use John the Ripper, an open source offline password-cracking tool. Continue Reading
Tip 13 Apr 2023

Key Apple-native macOS security features for administrators

There are lots of universal security controls that can apply to any type of desktops, but IT teams need to look at the specific features native to desktops such as macOS. Continue Reading
Tutorial 12 Apr 2023

How to create fine-grained password policy in AD

Fine-grained password policies are a simple and effective way of ensuring password settings meet business requirements. Continue Reading
Tutorial 12 Apr 2023

How to enable Active Directory fine-grained password policies

Specifying multiple password policies customized to specific account types adds another layer to an organization's security posture. Using PSOs instead of Group Policy can help. Continue Reading
Opinion 11 Apr 2023

10 hot topics to look for at RSA Conference 2023

RSA Conference 2023 promises another exciting year of cybersecurity discussions and hyperbole. Enterprise Strategy Group's Jon Oltsik shares what he hopes to see at the show. Continue Reading
Answer 07 Apr 2023

Defining policy vs. standard vs. procedure vs. control

Infosec pros may have -- incorrectly -- heard the terms 'standard' and 'policy' used interchangeably. Examine the differences among a policy, standard, procedure and technical control. Continue Reading
Feature 05 Apr 2023

ICS kill chain: Adapting the cyber kill chain to ICS environments

As IT/OT convergence continues to gain traction, industrial control system security cannot be ignored. Performing pen tests based on the ICS Kill Chain can help. Continue Reading
Feature 05 Apr 2023

An intro to the IDMZ, the demilitarized zone for ICSes

Setting up an IDMZ -- a demilitarized zone between enterprise and industrial networks -- can prevent operational environments from becoming compromised by IT threats. Continue Reading
Feature 05 Apr 2023

Reinforce industrial control system security with ICS monitoring

Monitoring an industrial control system environment isn't that different from monitoring a traditional IT environment, but there are some considerations to keep in mind. Continue Reading
Feature 03 Apr 2023

Why medical device vulnerabilities are hard to prioritize

Vulnerabilities in critical medical devices could lead to loss of life. But opinions are mixed on how serious the risk is to patient safety and how best to address the flaws. Continue Reading
Tip 29 Mar 2023

Vulnerability management vs. risk management, compared

Vulnerability management seeks out security weaknesses in an organization, while risk management involves looking holistically at how the company is running. Continue Reading
Tip 21 Mar 2023

4 ChatGPT cybersecurity benefits for the enterprise

As OpenAI technology matures, ChatGPT could help close cybersecurity's talent gap and alleviate its rampant burnout problem. Learn about these and other potential benefits. Continue Reading
News 20 Mar 2023

FBI arrests suspected BreachForums owner in New York

The BreachForums arrest occurred days after DC Health Link's data went up for sale on the dark web message board, though the affidavit did not cite the breach in the arrest. Continue Reading
Guest Post 15 Mar 2023

6 principles for building engaged security governance

Security governance isn't enough. Enter engaged security governance -- an ongoing process that aligns business strategy with security across an organization. Continue Reading
News 15 Mar 2023

Dell launches new security offerings for data protection, MDR

Dell's new and expansive services focus on top security challenges enterprises face, such as data protection, ransomware recovery and supply chain threats. Continue Reading
Feature 15 Mar 2023

Top 30 incident response interview questions

Job interviews are nerve-wracking, but preparation can help minimize jitters and position you to land the role. Get started with these incident response interview questions. Continue Reading
Tip 13 Mar 2023

Is cybersecurity recession-proof?

No field is totally immune to economic downturns, but flexible, practical and prepared cybersecurity professionals should be able to weather any upcoming storms. Continue Reading
News 09 Mar 2023

VulnCheck: CISA's KEV missing 42 vulnerabilities from 2022

VulnCheck said CISA's Known Exploited Vulnerabilities catalog 'cannot be treated as the authoritative catalog of exploited vulnerabilities' in its current state. Continue Reading
News 08 Mar 2023

White House cybersecurity plan collides with SecOps reality

The White House Cybersecurity Strategy sets lofty goals. But recent market research suggests a significant number of enterprises don't follow existing SecOps best practices. Continue Reading
Opinion 07 Mar 2023

Research examines security operations proficiency issues

Instead of looking at where security operations teams excel, Enterprise Strategy Group asked security pros where teams are least proficient. Learn where and how to fix it. Continue Reading
Tip 03 Mar 2023

13 incident response best practices for your organization

An incident response program ensures security events are addressed quickly and effectively as soon as they occur. These best practices can help get your organization on track fast. Continue Reading
News 02 Mar 2023

New National Cybersecurity Strategy takes aim at ransomware

The Biden-Harris administration's 39-page National Cybersecurity Strategy covers multiple areas, including disrupting ransomware operations and addressing vulnerable software. Continue Reading
Feature 28 Feb 2023

Top benefits of SOAR tools, plus potential pitfalls to consider

To ensure successful adoption, IT leaders need to understand the benefits of SOAR tools, as well as potential disadvantages. Explore pros, cons and how to measure SOAR success. Continue Reading
Tip 27 Feb 2023

Building an incident response framework for your enterprise

Understanding incident response framework standards and how to build the best framework for your organization is essential to prevent threats and mitigate cyber incidents. Continue Reading
Tip 27 Feb 2023

Top 6 SOAR use cases to implement in enterprise SOCs

Automating basic SOC workflows with SOAR can improve an organization's security posture. Explore six SOAR use cases to streamline SOC processes and augment human analysts. Continue Reading
Feature 27 Feb 2023

How to create a CSIRT: 10 best practices

The time to organize and train a CSIRT is long before a security incident occurs. Certain steps should be followed to create an effective, cross-functional team. Continue Reading
Tip 24 Feb 2023

Cloud incident response: Frameworks and best practices

Cloud incident response, like it sounds, involves responding to incidents in the cloud. But there are nuances to be aware of and unique best practices to follow. Continue Reading
Feature 24 Feb 2023

Top incident response service providers, vendors and software

Get help deciding between using in-house incident response software or outsourcing to an incident response service provider, and review a list of leading vendor options. Continue Reading
Feature 23 Feb 2023

Inside the PEIR purple teaming model

Want to try purple team exercises but aren't sure how to do so? Try the 'Prepare, Execute, Identify and Remediate' purple teaming model. Continue Reading
Feature 23 Feb 2023

Understanding purple teaming benefits and challenges

Blue teams and red teams are coming together to form purple teams to improve their organization's security posture. What does this mean for the rivals? And how does it work? Continue Reading
Tip 22 Feb 2023

How to conduct incident response tabletop exercises

Have an incident response plan but aren't running incident response tabletop exercises? These simulations are key to knowing if your plan will work during an actual security event. Continue Reading
Tip 16 Feb 2023

Web 3.0 security risks: What you need to know

Elements of the third version of the web are coming to fruition. But Web 3.0 also comes with new cybersecurity, financial and privacy threats besides the familiar risks of Web 2.0. Continue Reading
Tip 15 Feb 2023

Incident response automation: What it is and how it works

Many of today's security operations teams are understaffed and overwhelmed. Learn how incident response automation can help them work smarter, instead of harder. Continue Reading
Tip 07 Feb 2023

CERT vs. CSIRT vs. SOC: What's the difference?

What's in a name? Parse the true differences between a CERT, a CSIRT, a CIRT and a SOC, before you decide what's best for your organization. Continue Reading
Feature 07 Feb 2023

Top 10 types of information security threats for IT teams

Common security threats range from insider threats to advanced persistent threats, and they can bring an organization to its knees unless its in-house security team is aware of them and ready to respond. Continue Reading
Feature 07 Feb 2023

10 types of security incidents and how to handle them

Cyberattacks are more varied than ever. Learn the key symptoms that signal a problem and how to respond to keep systems and data safe. Continue Reading
Tip 06 Feb 2023

What to keep in mind when securing virtual environments

Virtual environments can contain numerous vulnerabilities for attackers to exploit -- with potentially devastating results. Use these tips to select security tools and strategies. Continue Reading
Feature 06 Feb 2023

How to fix the top 5 cybersecurity vulnerabilities

Check out how to fix the top five cybersecurity vulnerabilities to prevent data loss whether the problem is poor endpoint security, ineffective network monitoring or other issues. Continue Reading
Feature 03 Feb 2023

How to build an incident response plan, with examples, template

With cyber threats and security incidents growing by the day, every organization needs a solid incident response plan. Learn how to create one for your company. Continue Reading
Tutorial 01 Feb 2023

How to use BeEF, the Browser Exploitation Framework

The open source BeEF pen testing tool can be used by red and blue teams alike to hook web browsers and use them as beachheads to launch further attacks. Continue Reading
Tip 31 Jan 2023

What cybersecurity consolidation means for enterprises

Experts predict cybersecurity consolidation will increase in the months and years ahead. Security leaders should consider what that means for their purchasing strategies. Continue Reading
News 25 Jan 2023

OpenSSF GM talks funding, legal software supply chain issues

The OpenSSF leader lays out plans fund open source software supply chain security in a slowing economy and to speak out against the EU's Cyber Resilience Act. Continue Reading
Tip 25 Jan 2023

How cyber deception technology strengthens enterprise security

They say the best defense is a good offense. Cyber deception puts that philosophy into practice in the enterprise, using a combination of technology and social engineering. Continue Reading
Tip 23 Jan 2023

4 tips to find cyber insurance coverage in 2023

The cyber insurance industry is settling down but isn't without challenges. Read up on cyber insurance in 2023 and how to get the most from your organization's coverage this year. Continue Reading
News 17 Jan 2023

CircleCI incident adds to SecOps toil

SaaS CI/CD vendor CircleCI urged customers to rotate all secrets data, the latest of several security breaches weighing on SecOps pros charged with responding. Continue Reading
News 16 Jan 2023

Judge dismisses Chris Hadnagy lawsuit against DEF CON

DEF CON said it wasn't the only infosec conference to receive code-of-conduct complaints about Chris Hadnagy, claiming Black Hat USA removed him from its review board. Continue Reading
Tip 11 Jan 2023

Enterprise cybersecurity hygiene checklist for 2023

Enterprise cybersecurity hygiene must be a shared responsibility between employees and employers. Follow these steps to get the job done by both. Continue Reading
Podcast 10 Jan 2023

Risk & Repeat: Analyzing the Rackspace ransomware attack

This Risk & Repeat podcast episode discusses new details of the Rackspace ransomware attack, as well as the questions remaining following the company's final status update. Continue Reading
Feature 05 Jan 2023

How to configure Windows privacy settings with Intune

To personalize UX, Windows devices aren't shy about collecting user data. This isn't ideal for enterprise security. Discover how to lock down privacy settings with Intune. Continue Reading
Podcast 21 Dec 2022

Risk & Repeat: OT security progress, threats in 2022

This Risk & Repeat podcast episode discusses the current state of OT security, including the convergence with IT environments and an ever-evolving threat landscape. Continue Reading
News 19 Dec 2022

The state of OT security: a rapidly evolving landscape

Security experts weigh in on how the OT security landscape has evolved over the last decade, and where it could be going next as threats continue to mount. Continue Reading
Feature 19 Dec 2022

11 cybersecurity predictions for 2023

Analysts and experts have looked into their crystal balls and made their cybersecurity predictions for 2023. Is your organization prepared if these predictions come true? Continue Reading
News 02 Dec 2022

Experts argue 'sludge' could muck up cyber attacks

Network defenders can supplement their security postures with additional settings and policies that frustrate and discourage attackers, according to a new research paper. Continue Reading
Opinion 02 Dec 2022

XDR definitions don't matter, outcomes do

Despite remaining confusion about what XDR is, security teams need to improve threat detection and response. ESG research revealed plans for increased XDR spending in 2023. Continue Reading
News 01 Dec 2022

Mozilla, Microsoft drop Trustcor as root certificate authority

Mozilla and Microsoft removed support for TrustCor certificates after a Washington Post report revealed the company's ties to government contractors specializing in spyware. Continue Reading
Tip 18 Nov 2022

Top metaverse cybersecurity challenges: How to address them

As the metaverse takes shape, companies must consider a slew of new cybersecurity challenges and how to deal with them. Continue Reading
News 14 Nov 2022

Moreno Valley school system shores up ransomware defenses

Moreno Valley Unified School District officials discuss the steps they've taken to better protect sensitive data and critical applications against the growing threat of ransomware. Continue Reading
News 10 Nov 2022

DOJ charges accused Lockbit ransomware actor

The U.S. Department of Justice filed criminal charges against a Canadian man with dual Russian citizenship who is accused of being part of the LockBit ransomware crew. Continue Reading
Feature 08 Nov 2022

How to build a shadow IT policy to reduce risks, with template

With a shadow IT policy in place, organizations reduce security risks from unapproved applications and services that employees introduce independently. Continue Reading
News 07 Nov 2022

Nozomi Networks CEO talks OT security and 'budget muscle'

Nozomi Networks CEO Edgard Capdevielle sat down with TechTarget Editorial to discuss the evolution of OT security and the challenge of 'budget muscle' many organizations face. Continue Reading
News 04 Nov 2022

Honeywell weighs in on OT cybersecurity challenges, evolution

TechTarget Editorial sat down with Honeywell's Paul Griswold and Jeff Zindel to discuss the rapid growth and evolution of the operational technology cybersecurity industry. Continue Reading
Tip 01 Nov 2022

Ideal CISO reporting structure is to high-level business leaders

CISOs usually report to a high-level executive, but reporting to a top-level business executive like the CEO rather than a technology executive protects the business best. Continue Reading
Opinion 31 Oct 2022

Security hygiene and posture management requires new tools

Using multiple tools to address security hygiene and posture management at scale is costly and difficult. A new converged security technology category may be the answer. Continue Reading
Podcast 28 Oct 2022

Risk & Repeat: Microsoft, SOCRadar spar over data leak

This podcast episode discusses threat intelligence vendor SOCRadar's disclosure of a large Microsoft data leak and the contentious exchange between the two companies that followed. Continue Reading
Feature 28 Oct 2022

8 cybersecurity books to read in 2023

Brush up on your cybersecurity skills by picking up one of these titles. Continue Reading
Guest Post 28 Oct 2022

It's time to rethink security certification for OT devices

Security certifications don't protect OT devices from vulnerable processes and insecure-by-design practices. It's time to update security certs for the connected OT age. Continue Reading
Feature 28 Oct 2022

Enterprise ransomware preparedness improving but still lacking

An Enterprise Strategy Group survey found enterprises are making strides in ransomware preparedness, but work remains to prevent and mitigate attacks. Continue Reading
News 26 Oct 2022

Researchers criticize HackerOne over triage, mediation woes

HackerOne researchers told TechTarget Editorial that they regularly encountered months-long wait times for responses and a mediation process that rarely favors researchers. Continue Reading
Tip 24 Oct 2022

6 ways to prevent privilege escalation attacks

Privileges dictate the access a user or device gets on a network. Hackers who access these privileges can create tremendous damage. But there are ways to keep your networks safe. Continue Reading
Tip 21 Oct 2022

The top 5 ethical hacker tools to learn

Ethical hackers have a wealth of tools at their disposal that search for vulnerabilities in systems. Learn about five such tools that should be part of any hacker's tool set. Continue Reading
Tip 19 Oct 2022

How to manage and reduce secret sprawl

Secret sprawl plagues companies, making them vulnerable to data breaches. Discover what causes secret sprawl and how to better protect secrets. Continue Reading
Tip 18 Oct 2022

Compare vulnerability assessment vs. vulnerability management

Vulnerability assessments and vulnerability management are different but similar-sounding security terms. Discover their similarities and differences. Continue Reading
Podcast 14 Oct 2022

Risk & Repeat: Breaking down the Joe Sullivan conviction

This podcast episode discusses conviction of former Uber CSO Joe Sullivan, who was found guilty last week of covering up the company's 2016 data breach. Continue Reading
Tip 13 Oct 2022

How to avoid common GPO backup and restore problems

Group Policy Objects help admins maintain control of the enterprise environment, but it takes some planning to understand how to properly protect and recover GPOs to avoid trouble. Continue Reading
Feature 13 Oct 2022

Why Kali Linux is the go-to distribution for penetration testing

Discover why penetration testers prefer to use the Kali Linux distribution for offensive security, from collecting useful tools together to being usable from multiple devices. Continue Reading
Feature 13 Oct 2022

How to configure and customize Kali Linux

Learning how to use Kali Linux for ethical hacking and penetration testing? Read step by step how to configure and customize the distribution. Continue Reading
Feature 12 Oct 2022

7 steps for implementing zero trust, with real-life examples

More than a decade since the term's inception, zero-trust security is still much easier said than done. Here's how to get started. Continue Reading
Tip 11 Oct 2022

How to conduct a cybersecurity audit based on zero trust

This checklist offers guidance on how to prepare for a zero-trust cybersecurity audit and helps document how well cybersecurity controls are performing based on CISA's ZTMM. Continue Reading
Feature 05 Oct 2022

Top zero-trust certifications and training courses

Most organizations are expected to implement zero trust in the next few years. Learn about zero-trust certifications and trainings that can help prepare your security team. Continue Reading
News 04 Oct 2022

Tenable shifts focus, launches exposure management platform

The company said it's expanding beyond vulnerability management to address the growing attack surface and the challenges customers face to address it. Continue Reading

1
2
3
4
5
6
7
8
9

Networking

How to interact with network APIs using cURL, Postman tools
Network engineers can use cURL and Postman tools to work with network APIs. Use cases include getting interface information and ...
An overview of 802.1X authentication methods and EAP
Enterprises use 802.1X authentication to manage their wireless LANs, and that process relies on the Extensible Authentication ...
MLB simplifies operations with network automation platform
Network automation enables Major League Baseball to monitor its networks across dozens of stadiums and locations, automate ...

CIO

What are the 4 different types of blockchain technology?
Public, private, hybrid or consortium, each blockchain network has distinct pluses and minuses that largely drive its ideal uses ...
White House seeks public comment on national AI strategy
The White House wants to know about AI risks and benefits, as well as specific measures such as regulation that might help ...
Meta fine highlights EU, US data sharing challenges
Until the new EU-U.S. Data Privacy Framework is established, Meta's $1.2 billion euro fine should serve as a warning to U.S. ...

Enterprise Desktop

What does the new Microsoft Intune Suite include?
With all the recent name changes with Microsoft's endpoint management products and add-ons, IT teams need to know what Intune ...
Does macOS need third-party antivirus in the enterprise?
Macs are known for their security, but that doesn't mean they're safe from viruses and other threats. IT teams can look into ...
Are devices that run only Microsoft Teams in our future?
Microsoft Teams has consistently grown and added new functionality, so what's next for this feature-rich platform? Maybe a ...

Cloud Computing

Cloud experts weigh in on the state of FinOps
Surprised by your cloud bill? Experts weigh in on the rising popularity of FinOps, the art of building a FinOps strategy and the ...
Dell Apex updates support enterprise 'cloud to ground' moves
Dell's latest Apex updates puts the company in a position to capitalize on the hybrid, multi-cloud and edge computing needs of ...
Prepare for the Azure Security Engineer Associate certification
Are you ready to boost your resume or further your cloud career path? Review this preparation guide to get ready for Exam AZ-500 ...

ComputerWeekly.com

How India’s DICV is tapping smart manufacturing
Daimler India Commercial Vehicles has deployed augmented and virtual reality, advanced sensors, data analytics and other ...
HSBC explores quantum computing for finance sector
UK banking giant works with quantum computing specialist to explore the technology’s potential in the finance sector
DE-CIX switches on Internet Exchange in Finland
Comms tech provider celebrates 10 years of partnership with Internet Exchange operator and home to leading carrier and datacentre...

Close