Security operations and management
Cybersecurity operations and management are vital to protect enterprises against cyber threats. Learn how to create and manage infosec programs and SOCs, perform incident response and automate security processes. Also read up on security laws and regulations, best practices for CISOs and more.
Top Stories
-
News
14 Jul 2026
Cribl buys CardinalOps for detection engineering, edges into SecOps
Erstwhile Splunk nemesis adds a "SIEM-like" experience, with IP and engineering from CardinalOps folded into its "Bring Your Own Agent" pitch to IT buyers. Continue Reading
By- Beth Pariseau, Senior News Writer
-
Tip
14 Jul 2026
Building cyber-resilient AI in the enterprise
AI attacks and breaches hit differently than traditional attacks, and therefore require more than traditional controls. The best defense requires planning for cyber-resilience. Continue Reading
By- Amy Larsen DeCarlo, GlobalData
-
Feature
01 Aug 2013
Third-party risk management: Horror stories? You are not alone
The majority of breaches occur as the result of third parties. MacDonnell Ulsch advises companies to safeguard third-party management agreements. Continue Reading
By- MacDonnell Ulsch, Contributor
-
Feature
28 Jan 2013
The Huawei security risk: Factors to consider before buying Chinese IT
Cover story: The U.S. government says Chinese IT giants Huawei and ZTE pose too much risk. But do they? Joel Snyder offers his take. Continue Reading
By- Joel Snyder, Opus One
-
Tip
25 Sep 2012
Security incident management in the cloud: Tackling the challenges
Identifying security incidents in cloud environments isn't easy, but there are steps companies can take to ease the process. Continue Reading
By- Dave Shackleford, Voodoo Security
-
Definition
21 Mar 2011
Common Weakness Enumeration (CWE)
Common Weakness Enumeration (CWE) is a universal online dictionary of weaknesses that have been found in computer software... (Continued) Continue Reading
-
Tip
02 Feb 2011
Digital forensic challenges in a cloud computing environment
Cloud computing creates difficulties for digital forensic investigators. Continue Reading
-
Answer
03 Feb 2010
Security report template: How to write an executive report
Writing a security report for executives doesn't have to be difficult or extensive, but security management expert Ernie Hayden describes how to make it comprehensive and clear. Continue Reading
By- Ernie Hayden, 443 Consulting LLC
-
Answer
03 Feb 2009
What are the ethical issues when consulting for two competing companies?
Security consulting is a job in which privacy is paramount. Leaking security strategies to the wrong people -- especially a company's competition -- could lead to breaches or break ins. In this expert response, David Mortman gives best practices for handling consulting ethically. Continue Reading
By- David Mortman, Dell
-
Definition
30 Sep 2008
Class C2
Class C2 is a security rating established by the U.S. National Computer Security Center (NCSC) and granted to products that pass Department of Defense (DoD) Trusted Computer System Evaluation Criteria (TCSEC) tests. Continue Reading
-
Answer
06 Aug 2008
What vendors would you recommend for software write-blockers?
In a forensics investigation, a software write-blocker can be very helpful. But which vendors offer the best blockers? Security management expert Mike Rothman explains what to look for. Continue Reading
By- Mike Rothman, Securosis
- Feature 03 Jul 2008
- Feature 03 Jul 2008
-
Definition
09 May 2008
anti-money laundering software (AML)
Anti-laundering software is a type of computer program used by financial institutions to analyze customer data and detect suspicious transactions... (Continued) Continue Reading
-
Tip
17 Jan 2008
Your physical security budget: Who pays and how much?
In many organizations, the cost of data center security is a shared expense -- or at least it should be. How much then should you be spending on security and how much of that should be picked up by other business units? Continue Reading
By -
Tip
03 May 2007
Digital forensics tool Helix 'does no harm'
Forensics isn't just for the scientists. This month, contributor Scott Sidel recommends Helix, a digital forensics tool that can do some important detective work on your system. Continue Reading
By- Scott Sidel
-
Tip
25 Oct 2006
Steps in the information security program life cycle
This article from our series on information security governance describes the essential steps to take when developing a security program life cycle. Continue Reading
By- Shon Harris , Logical Security