Security operations and management

Cybersecurity operations and management are vital to protect enterprises against cyber threats. Learn how to create and manage infosec programs and SOCs, perform incident response and automate security processes. Also read up on security laws and regulations, best practices for CISOs and more.

Top Stories

Conference Coverage 16 May 2025
RSAC Conference 2025

Follow SearchSecurity's RSAC 2025 guide for insightful pre-conference insights and reports on notable presentations and breaking news at the world's biggest infosec event. Continue Reading
By
- Sharon Shea, Executive Editor
Feature 01 May 2025
RSAC 2025: The time for crypto-agility adoption is now

An RSAC 2025 speaker explained why companies should begin their quantum-safe journey now and how crypto-agility adoption helps prepare for post-quantum cryptography. Continue Reading
By
- Kyle Johnson, Technology Editor

Podcast 30 Sep 2024
Risk & Repeat: Inside the Microsoft SFI progress report

The first Secure Future Initiative progress report highlighted improvements to Microsoft's security posture. But the company still faces major SecOps challenges. Continue Reading
By
- Rob Wright, Senior News Director
Podcast 26 Sep 2024
The double-edged swords of cloud security and AI

DevSecOps expert Kyler Middleton examines the ways modern technologies such as cloud computing and AI both enable and complicate the future of SecOps. Continue Reading
By
- Beth Pariseau, Senior News Writer
Tutorial 24 Sep 2024
How to use tcpreplay to replay network packet files

The suite of tools that comprise tcpreplay offers administrators a variety of network security options. Learn some of the benefits of this free utility. Continue Reading
By
- Damon Garn, Cogspinner Coaction
Tip 23 Sep 2024
How to prepare a system security plan, with template

To help keep your systems and applications secure, a system security plan is essential. Learn how to create a plan and keep it up to date. Continue Reading
By
- Paul Kirvan
News 23 Sep 2024
Microsoft issues first Secure Future Initiative report

In the first progress report since the launch of its Secure Future Initiative, Microsoft said it's made key improvements to identity and supply chain security. Continue Reading
By
- Arielle Waldman, News Writer
Feature 20 Sep 2024
How to prepare for post-quantum computing security

One of the biggest fears about quantum computing is its ability to easily break current encryption algorithms. Learn why and how to start making quantum security preparations. Continue Reading
By
- Kyle Johnson, Technology Editor
Podcast 19 Sep 2024
SecOps' new frontier in the remote work era: HR

A CISO shares the story of how his SOC staff caught and contained a North Korean agent posing as a software engineer, saying he hopes to raise awareness of a growing threat. Continue Reading
By
- Beth Pariseau, Senior News Writer
Tip 16 Sep 2024
Explaining cybersecurity tabletop vs. live-fire exercises

Tabletop games and live-fire exercises are two ways to test the effectiveness of enterprise security controls and defenses. Discover how each works and how they differ. Continue Reading
By
- Rob Shapland
Tip 16 Sep 2024
Microsoft Copilot for Security: 5 use cases

Copilot for Security can assist security pros -- from managers and CISOs to incident responders and SOC members -- in maintaining security posture and addressing security gaps. Continue Reading
By
- Matthew Smith, Seemless Transition LLC
Tip 10 Sep 2024
8 key aspects of a mobile device security audit program

Auditing is a crucial part of mobile device security, but IT admins must ensure their approach is thorough and consistent. Learn what aspects make up a mobile device audit program. Continue Reading
By
- Michael Goad, CDW
Tip 09 Sep 2024
How to create an AI acceptable use policy, plus template

With great power comes -- in the case of generative AI -- great security and compliance risks. Learn how an AI acceptable use policy can help ensure safe use of the technology. Continue Reading
By
- Jerald Murphy, Nemertes Research
Podcast 09 Sep 2024
An expert's big-picture view of the state of SecOps

In this first episode of 'IT Ops Query' Season 2, a SANS institute instructor and 20-year cybersecurity veteran assesses the past, present and future of SecOps. Continue Reading
By
- Beth Pariseau, Senior News Writer
Tip 06 Sep 2024
Threat hunting frameworks, techniques and methodologies

Threat hunting's proactive approach plays a vital role in defending against cyberattacks. Learn about the frameworks, methodologies and techniques that make it so effective. Continue Reading
By
- Dave Shackleford, Voodoo Security
Definition 06 Sep 2024
What is identity threat detection and response (ITDR)?

Identity threat detection and response (ITDR) is a collection of tools and best practices aimed at defending against cyberattacks that specifically target user identities or identity and access management (IAM) infrastructure. Continue Reading
By
- Mary K. Pratt
Definition 06 Sep 2024
What is MXDR, and do you need it?

Managed extended detection and response (MXDR) is an outsourced service that collects and analyzes threat data from across an organization's IT environment. Continue Reading
By
- Char Sample, ICF International
Tip 05 Sep 2024
What is threat hunting? Key strategies explained

If you are ready to take a more proactive approach to cybersecurity, threat hunting might be a tactic to consider. Here's what security teams should know. Continue Reading
By
- Ed Moyle, SecurityCurve
News 28 Aug 2024
Infosec experts applaud DOJ lawsuit against Georgia Tech

The Department of Justice joined a whistleblower lawsuit against Georgia Tech for allegedly misleading the Department of Defense about its cybersecurity posture. Continue Reading
By
- Arielle Waldman, News Writer
Opinion 28 Aug 2024
Why is SecOps becoming both easier and more difficult?

While SecOps has become easier in some ways, enterprises still struggle with areas such as data volumes, threat intelligence analysis and security alert volume and complexity. Continue Reading
By
- Jon Oltsik, Analyst Emeritus
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Tutorial 27 Aug 2024
How to use Tor -- and whether you should -- in your enterprise

The Tor browser has sparked discussion and dissension since its debut. Does the software, which promises anonymous and secure web access, have a role to play in the enterprise? Continue Reading
By
- Damon Garn, Cogspinner Coaction
News 27 Aug 2024
Port of Seattle grappling with 'possible cyberattack'

A possible cyberattack against Washington's Port of Seattle has caused significant service disruptions to airline travel at the Seattle-Tacoma International Airport. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 27 Aug 2024
What is LDAP (Lightweight Directory Access Protocol)?

LDAP (Lightweight Directory Access Protocol) is a software protocol used for locating data about organizations, individuals and other resources, such as files and devices, on public and corporate networks. Continue Reading
By
- Cameron Hashemi-Pour, Former Site Editor
- Alexander S. Gillis, Technical Writer and Editor
Tip 26 Aug 2024
How to use the NIST CSF and AI RMF to address AI risks

Companies are increasingly focused on how they can use AI but are also worried about their exposure to AI-fueled cybersecurity risks. Two NIST frameworks can help. Continue Reading
By
- Matthew Smith, Seemless Transition LLC
News 22 Aug 2024
CrowdStrike exec refutes Action1 acquisition reports

A CrowdStrike vice president said the cybersecurity giant had an exploratory group conversation with Action1 and then 'disengaged after a surface level conversation.' Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 19 Aug 2024
Guide to data detection and response (DDR)

Data is one of the most important assets in any organization. To truly protect it, you need a DDR strategy. Here's what you need to know, with tips on buying DDR tools. Continue Reading
By
- Sean Michael Kerner
Tip 19 Aug 2024
Too many cloud security tools? Time for consolidation

Does your organization need every cloud security platform and service currently in use? Tool consolidation can reduce the chances of coverage gaps and increase security. Continue Reading
By
- Dave Shackleford, Voodoo Security
Tip 19 Aug 2024
CrowdStrike outage lessons learned: Questions to ask vendors

In light of the recent CrowdStrike outage, security teams should ask their vendors 10 key questions to ensure they're prepared should a similar event occur. Continue Reading
By
- Ed Moyle, SecurityCurve
News 13 Aug 2024
What the Delta-CrowdStrike lawsuit may mean for IT contracts

The recent exchange of allegations between Delta and CrowdStrike reveals legal arguments Delta could use to recover the massive losses suffered in the CrowdStrike outage. Continue Reading
By
- Antone Gonsalves, Editor at Large
News 13 Aug 2024
Law enforcement disrupts Radar/Dispossessor ransomware group

The now-disrupted Radar/Dispossessor ransomware gang was launched in August 2023, and its members have targeted dozens of SMBs across critical sectors via dual extortion. Continue Reading
By
- Alexander Culafi, Senior News Writer
Podcast 12 Aug 2024
Risk & Repeat: Recapping Black Hat USA 2024

Highlights from Black Hat USA 2024 include a keynote panel on securing election infrastructure as well as several sessions on potential threats against new AI technology. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 12 Aug 2024
How to fix Windows 11 desktops after CrowdStrike outage

IT administrators had to jump into action after the CrowdStrike outage to recover faulty desktops. Learn how to use the Microsoft Recovery Tool to fix Windows 11 issues. Continue Reading
By
- Brien Posey
Tip 12 Aug 2024
How to conduct a mobile app security audit

To keep corporate and user data safe, IT must continuously ensure mobile app security. Mobile application security audits are a helpful tool to stay on top of data protection. Continue Reading
By
- Will Kelly
News 12 Aug 2024
Flashpoint CEO: Cyber, physical security threats converging

Although Flashpoint is known for their cybersecurity threat intelligence services, the vendor also provides physical security intelligence to its clientele. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 12 Aug 2024
EDR testing: How to validate EDR tools

Cutting through an EDR tool's marketing hype is difficult. Ask vendors questions, and conduct testing before buying a tool to determine if it solves your organization's pain points. Continue Reading
By
- Rob Shapland
News 08 Aug 2024
CrowdStrike, AI dominate conversation at Black Hat USA 2024

Although the trend of vendors pitching AI-powered products nonstop has continued at Black Hat USA 2024, CrowdStrike and the recent IT outage was an even larger point of discussion. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 07 Aug 2024
CISA: Election infrastructure has never been more secure

CISA Director Jen Easterly emphasized at Black Hat 2024 that election stakeholders cannot be complacent because 'the threat environment has never been so complex.' Continue Reading
By
- Alexander Culafi, Senior News Writer
News 07 Aug 2024
CrowdStrike details errors that led to mass IT outage

CrowdStrike's investigation into the recent defective update found that a 'confluence' of issues led to the release of the channel file last month, causing a mass IT outage. Continue Reading
By
- Rob Wright, Senior News Director
News 06 Aug 2024
Security framework to determine whether defenders are winning

Columbia University researcher and longtime security practitioner Jason Healey will present at Black Hat USA a new framework to determine defensive advantage. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 05 Aug 2024
CrowdStrike fires back at Delta over outage allegations

After Delta Air Lines said it would seek damages against CrowdStrike over last month's IT outage, the cybersecurity vendor's legal counsel warned it would 'respond aggressively.' Continue Reading
By
- Rob Wright, Senior News Director
News 01 Aug 2024
InfoSec community sounds off on CrowdStrike outage, next steps

Security experts offered their thoughts on the recent IT outage, praising CrowdStrike's response time but saying the outage highlights issues in the software updating process. Continue Reading
By
- Arielle Waldman, News Writer
- Alexander Culafi, Senior News Writer
Tip 01 Aug 2024
How to assess SOC-as-a-service benefits and challenges

While in-house SOCs are costly and complex to build and maintain, SOC as a service provides a more affordable, cloud-based alternative. Explore benefits and challenges. Continue Reading
By
- John Burke, Nemertes Research
- Alissa Irei, Senior Site Editor
Definition 31 Jul 2024
What is cyber attribution?

Cyber attribution is the process of tracking and identifying the perpetrator of a cyberattack or other cyber operation. Continue Reading
By
- Robert Sheldon
News 30 Jul 2024
Microsoft, SecOps pros weigh kernel access post-CrowdStrike

Microsoft will explore alternatives to direct kernel access for partners following the CrowdStrike outage. But some IT pros worry that change could do more harm than good. Continue Reading
By
- Beth Pariseau, Senior News Writer
Opinion 29 Jul 2024
5 key capabilities for effective cyber-risk management

Faced with relentless cyberattacks, organizations need to shore up their cyber-risk management programs by updating legacy tools and checking out new vendor options. Continue Reading
By
- David Vance
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
News 26 Jul 2024
CrowdStrike outage underscores software testing dilemmas

Experts say efforts to avoid incidents such as last week's CrowdStrike outage will face time-honored tradeoffs between velocity, stability, access and security. Continue Reading
By
- Beth Pariseau, Senior News Writer
Opinion 26 Jul 2024
CISO advice for addressing cyber-risk management challenges

Cyber-risk management is simple in concept and difficult in practice. CISOs weigh in on some potential ways to reign in the chaos, educate executives and mitigate cyber-risks. Continue Reading
By
- Jon Oltsik, Analyst Emeritus
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
News 26 Jul 2024
BitLocker workaround may offer aid for CrowdStrike customers

CrowdStrike customers grappling with blue screens of death from the recent IT outage may be able to sidestep BitLocker encryption schemes and recover their Windows systems. Continue Reading
By
- Rob Wright, Senior News Director
News 26 Jul 2024
CrowdStrike: 97% of Windows sensors back online after outage

While most Windows systems are back online after last week's outage, CrowdStrike CEO George Kurtz said the vendor remains 'committed to restoring every impacted system.' Continue Reading
By
- Alexander Culafi, Senior News Writer
Opinion 25 Jul 2024
CrowdStrike disaster exposes a hard truth about IT

Growing third-party dependencies mean more CrowdStrike-like disasters ahead. Preventing these requires a commitment to quality from vendors and robust backup plans from users. Continue Reading
By
- Patrick Thibodeau, Editor at Large
Feature 25 Jul 2024
The differences between open XDR vs. native XDR

Extended detection and response tools are open or native. Learn the differences between them, and get help choosing the right XDR type for your organization. Continue Reading
By
- Kyle Johnson, Technology Editor
News 24 Jul 2024
CrowdStrike: Content validation bug led to global outage

CrowdStrike said last week's global outage was caused by a bug in the Falcon platform's content validator, which missed a defective configuration update for its Windows sensor. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 24 Jul 2024
Types of MDR security services: MEDR vs. MNDR vs. MXDR

Considering MDR security services? There's more than one option available; learn how to find the best for your organization's security needs. Continue Reading
By
- Diana Kelley, SecurityCurve
Podcast 23 Jul 2024
Risk & Repeat: Faulty CrowdStrike update causes global outage

Friday's outage, which was caused by a defective CrowdStrike channel file update, resulted in significant disruptions for airlines, critical infrastructure and more. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 23 Jul 2024
The ultimate guide to cybersecurity planning for businesses

This in-depth cybersecurity planning guide provides information and advice to help organizations develop a successful strategy to protect their IT systems from attacks. Continue Reading
By
- Craig Stedman, Industry Editor
Tip 19 Jul 2024
Why mobile security audits are important in the enterprise

Mobile devices bring their own set of challenges and risks to enterprise security. To handle mobile-specific threats, IT should conduct regular mobile security audits. Continue Reading
By
- Michael Goad, CDW
News 19 Jul 2024
Defective CrowdStrike update triggers mass IT outage

A faulty update for CrowdStrike's Falcon platform crashed customers' Windows systems, causing outages at airlines, government agencies and other organizations across the globe. Continue Reading
By
- Rob Wright, Senior News Director
Answer 19 Jul 2024
How to protect port 139 from SMB attacks

Keeping port 139 open is perfectly normal -- but only for good reason. Without the proper protections, it can present a major security risk. Continue Reading
By
- Michael Cobb
News 18 Jul 2024
Judge tosses most of SEC's lawsuit against SolarWinds

A judge dismissed many of the charges in the U.S. Securities and Exchange Commission's lawsuit against SolarWinds and its CISO, Timothy Brown, though some charges remain. Continue Reading
By
- Rob Wright, Senior News Director
Tutorial 18 Jul 2024
How to use Pwnbox, the cloud-based VM for security testing

Pwnbox offers users the chance to hone their skills about security concepts and tools without having to build a costly lab environment. Continue Reading
By
- Damon Garn, Cogspinner Coaction
News 18 Jul 2024
Amazon CISO discusses the company's cautious approach to AI

At the recent AWS re:Inforce 2024 conference, Amazon CISO CJ Moses spoke about the risks and threats associated with new AI technology and how the cloud giant addresses them. Continue Reading
By
- Rob Wright, Senior News Director
Opinion 09 Jul 2024
CISOs on how to improve cyberthreat intelligence programs

Organizations need to take a focused approach to gain visibility into targeted threats for cyber-risk mitigation and incident response. Continue Reading
By
- Jon Oltsik, Analyst Emeritus
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Feature 08 Jul 2024
How AI-driven SOC tech eased alert fatigue: Case study

Alert fatigue is real, and it can cause big problems in the SOC. Learn how generative AI can improve security outcomes and reduce analysts' frustration in this case study. Continue Reading
By
- Alissa Irei, Senior Site Editor
News 28 Jun 2024
TeamViewer breached by Russian state actor Midnight Blizzard

TeamViewer says a Russian state-sponsored threat actor known as Midnight Blizzard gained accessed to the company's corporate network via compromised employee credentials. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tutorial 28 Jun 2024
How to use Social-Engineer Toolkit

Testing system components for vulnerabilities is just one part of the network security equation. What's the best way to measure users' resilience to social engineering threats? Continue Reading
By
- Ed Moyle, SecurityCurve
News 25 Jun 2024
CISA discloses breach of Chemical Security Assessment Tool

The breach, which CISA first disclosed in March, stemmed from Ivanti zero-day vulnerabilities that a Chinese nation-state threat actor first exploited in January. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 25 Jun 2024
digital signature

A digital signature is a mathematical technique used to validate the authenticity and integrity of a digital document, message or software. Continue Reading
By
- Cameron Hashemi-Pour, Former Site Editor
- Alexander S. Gillis, Technical Writer and Editor
- Ben Lutkevich, Site Editor
News 21 Jun 2024
Biden administration bans Kaspersky Lab products in US

The Biden administration announced a ban on Kaspersky Lab products inside the United States due to the antivirus vendor's ties with the Russian government. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 20 Jun 2024
How Amazon's decision to ditch Active Directory paid off

Amazon's decision to build its own identity and access management system was an expensive one, but an infamous supply chain attack validated the move. Continue Reading
By
- Rob Wright, Senior News Director
Podcast 18 Jun 2024
Risk & Repeat: Microsoft under fire again over Recall

Microsoft made changes to its AI-driven Recall feature, but that didn't stop Congress from grilling company president Brad Smith during a House committee hearing. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 17 Jun 2024
Alex Stamos on how to break the cycle of security mistakes

In an interview, SentinelOne's Alex Stamos discussed the importance of security by design and why it needs to be applied to emerging technologies, including generative AI. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 14 Jun 2024
Congress grills Microsoft president over security failures

Microsoft President Brad Smith testifies on a wide range of issues, including Chinese and Russian nation-state attacks, the controversial AI-powered Recall feature and more. Continue Reading
By
- Alexander Culafi, Senior News Writer
Guest Post 14 Jun 2024
The enduring importance of digital trust

Digital trust is an increasingly important issue, yet confusion remains about what exactly it is, how to achieve it and how to get started. Continue Reading
By
- Greg Shields
News 12 Jun 2024
AWS touts security culture, AI protections at re:Inforce 2024

AWS executives highlighted the company's longstanding security, which evoked comparisons to its chief cloud rival Microsoft and the recent Cyber Safety Review Board report. Continue Reading
By
- Rob Wright, Senior News Director
Tip 05 Jun 2024
How to write a useful cybersecurity incident report

Reacting to a cybersecurity event is just half the battle. An incident report can help companies understand why the attack occurred and how to avoid future security issues. Continue Reading
By
- Paul Kirvan
Opinion 30 May 2024
RSA Conference wrap-up: The state of cybersecurity disconnect

The cybersecurity industry isn't prepared for massive changes in play. It needs to focus more on the mission rather than cybersecurity technology widgets. Continue Reading
By
- Jon Oltsik, Analyst Emeritus
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Tip 29 May 2024
How to converge networking and security teams: Key steps

Companies can reap a lot of benefits by merging their networking and security teams. But it takes careful planning to make it work. Continue Reading
By
- John Burke, Nemertes Research
Feature 23 May 2024
The 10 most common ERP security issues and ways to fix them

Today's ERP systems are exposed like never before. Learn about the most common ERP security issues companies are facing and how IT and security teams can address them. Continue Reading
By
- Kevin Beaver, Principle Logic, LLC
News 23 May 2024
CISA executive director discusses CIRCIA, incident reporting

CISA Executive Director Brandon Wales speaks with TechTarget Editorial to discuss CIRCIA and the importance of incident reporting to the larger cybersecurity ecosystem. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 22 May 2024
Arctic Wolf CPO: Most AI deployment is generic, 'pretty weak'

Dan Schiappa, chief product officer at Arctic Wolf, said that while generative AI technology has enormous potential, many companies are deploying it for the wrong reasons. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 21 May 2024
5 Mitre ATT&CK framework use cases

The Mitre ATT&CK framework helps security teams better protect their organizations. Read up on five Mitre ATT&CK use cases to consider adopting, from red teaming to SOC maturity. Continue Reading
By
- Amy Larsen DeCarlo, GlobalData
Feature 17 May 2024
How AI-driven patching could transform cybersecurity

At RSAC 2024, a Google researcher described how the search giant has already seen modest but significant success using generative AI to patch vulnerabilities. Continue Reading
By
- Alissa Irei, Senior Site Editor
Definition 15 May 2024
out-of-band authentication

Out-of-band authentication is a type of two-factor authentication (2FA) that requires a secondary verification method through a separate communication channel along with the typical ID and password. Continue Reading
By
- Nick Barney, Technology Writer
Opinion 14 May 2024
AI PCs need apps with broad use cases to gain traction

There are many ways local AI on PC hardware can help users, but the broader use cases aren't there yet. Learn about the emerging AI PC market and where it still needs to grow. Continue Reading
By
- Gabe Knuth, Principal Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
News 14 May 2024
SonicWall CEO talks transformation, security transparency

SonicWall's CEO said that following a string of serious vulnerabilities the company responded to in 2021, product development and quality assurance operations were overhauled. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 10 May 2024
US officials optimistic on AI but warn of risks, abuse

Federal government leaders at RSA Conference 2024 touted the benefits of AI pilot programs but also outlined how a variety of threat actors are currently abusing the technology. Continue Reading
By
- Rob Wright, Senior News Director
News 09 May 2024
'Secure by design' makes waves at RSA Conference 2024

Cybersecurity vendors and public sector organizations heavily promoted the secure by design approach, particularly for generative AI tools and projects. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 08 May 2024
Experts highlight progress, challenges for election security

Infosec professionals at RSA Conference 2024 discuss digital and physical security challenges for election cycles across the globe in a post-COVID-19 landscape. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 08 May 2024
Microsoft touts expansion of Secure Future Initiative

At RSA Conference 2024, Microsoft vice president Vasu Jakkal discussed some of the criticisms leveled against the company and how the Secure Future Initiative will address them. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tutorial 07 May 2024
How to configure sudo privilege and access control settings

Learn how to use the sudo command for access control configurations, from granting full administrative privileges to delegating roles. Continue Reading
By
- Damon Garn, Cogspinner Coaction
Tip 07 May 2024
How to detect deepfakes manually and using AI

Deepfakes rely on AI to generate realistic but counterfeit content. A variety of automated tools and manual hints can help organizations pinpoint deepfake videos and images. Continue Reading
By
- Andrew Froehlich, West Gate Networks
News 06 May 2024
Google unveils new threat intelligence service at RSAC 2024

Google Threat Intelligence combines investigation findings from Mandiant with crowdsourced intelligence from VirusTotal and operationalizes the data with Google's Gemini AI model. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 06 May 2024
Recorded Future observes 'concerning' hacktivism shift

At RSA Conference 2024, Recorded Future detailed alarming trends as nation-state attackers operate under the guise of hacktivism to cover real threats to organizations. Continue Reading
By
- Arielle Waldman, News Writer
News 06 May 2024
IBM study shows security for GenAI projects is an afterthought

IBM's survey of C-suite executives finds that 82% say trustworthy and secure AI are essential, but only 24% have a security component included in their GenAI projects. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 06 May 2024
Cisco details Splunk security integrations, AI developments

Just two months after Cisco completed its $28 billion acquisition of analytics giant Splunk, the company added XDR capabilities into Splunk Enterprise Security. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 02 May 2024
What is role-based access control (RBAC)?

Role-based access control (RBAC) is a method of restricting network access based on the roles of individual users within an enterprise. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Linda Rosencrance
News 01 May 2024
Verizon DBIR: Vulnerability exploitation in breaches up 180%

Verizon said it examined approximately twice as many breaches for the 2024 Data Breach Investigations Report -- 10,626 out of 30,458 total tracked incidents. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 01 May 2024
Federal Information Security Modernization Act (FISMA)

): The Federal Information Security Modernization Act (FISMA) is United States legislation that defines a framework of guidelines and security standards to protect government information technology operations from cyberthreats. Continue Reading
By
- Paul Kirvan
- Alexander S. Gillis, Technical Writer and Editor
Definition 30 Apr 2024
cloud security posture management (CSPM)

Cloud security posture management (CSPM) is a market segment for IT security tools that are designed to identify misconfiguration issues and compliance risks in the cloud. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
Tip 29 Apr 2024
Top 11 cloud security challenges and how to combat them

Before jumping feet first into the cloud, understand the new and continuing top cloud security challenges your organization is likely to face -- and how to mitigate them. Continue Reading
By
- Sharon Shea, Executive Editor
News 24 Apr 2024
Coalition: Insurance claims for Cisco ASA users spiked in 2023

Coalition urged enterprises to be cautious when using Cisco and Fortinet network boundary devices as attackers can leverage the attack vectors to gain initial access. Continue Reading
By
- Arielle Waldman, News Writer
Tip 23 Apr 2024
Creating a patch management policy: Step-by-step guide

A comprehensive patch management policy is insurance against security vulnerabilities and bugs in networked hardware and software that can disrupt your critical business processes. Continue Reading
By
- Andrew Froehlich, West Gate Networks