New & Notable
Evaluate
Migrate to passwordless to enhance security and UX
Transitioning to passwordless authentication enables organizations to strengthen user account and sensitive data security without adding UX friction for end users.
Evaluate
How AI is shaping the future of the cybersecurity workforce
ISACA's 'State of Cybersecurity 2024' report found that, while AI helps automate lower-level tasks, it presents issues when it comes to succession planning and talent development.
News
Cleo patches file transfer zero-day flaw under attack
Cleo published a patch for its Harmony, VLTrader and LexiCom managed file transfer products, which addresses a 'critical vulnerability' that's separate from CVE-2024-50623.
Evaluate
9 identity and access management trends to watch in 2025
Identity threats continue to change and so, too, do the defenses developed to address those security challenges. Be ready for what's coming next in IAM.
Trending Topics
-
Data Security & Privacy News
Aqua Security warns of significant risks in Prometheus stack
The cloud security vendor called on Prometheus to provide users with additional safeguards to protect against misconfigurations discovered in the open source monitoring tool.
-
Threats & Vulnerabilities News
Risk & Repeat: Attacks ramp up on Cleo MFT software
Earlier this week, threat actors began exploiting a zero-day vulnerability in Cleo's managed file transfer products, but the details of the flaw remain unclear.
-
IAM Evaluate
Migrate to passwordless to enhance security and UX
Transitioning to passwordless authentication enables organizations to strengthen user account and sensitive data security without adding UX friction for end users.
-
Analytics & Automation News
Microsoft enhanced Recall security, but will it be enough?
Microsoft's controversial Recall feature began rolling out to certain Windows Insiders with Copilot+ PCs in November, with more expected to participate this month.
-
Network Security Problem Solve
How to recover from a DDoS attack
Learn how to recover from a DDoS attack and get operations back online quickly, while minimizing impact on customers and brand reputation.
-
Operations & Management Evaluate
3 cybersecurity predictions for 2025
Will service as software, agentic cybersecurity and automated remediation reach their potential in 2025? Read up on what analyst Tyler Shields has to say.
Sponsored Sites
-
IT Workflows
Transform Your Organization With Modern and Resilient IT Services
Learn how ServiceNow’s IT solutions can help your organization seize the upside of operational resilience and raise employee agility.
-
Servers
Server Buying Considerations 2023
This site focusses on key server buying considerations for IT decision makers in 2023 and beyond, with an emphasis on innovations in server design, security, sustainability, automation, and financing flexibility from Dell Technologies and Intel®.
-
Connected Enterprise
Empowering the Truly Connected Enterprise
Learn how Software AG can help your organization become a truly connected enterprise.
Topics Covered
Application and platform security
Careers and certifications
Cloud security
Compliance
Data security and privacy
Identity and access management
Network security
Risk management
Security analytics and automation
Security operations and management
Threat detection and response
Threats and vulnerabilities
Featured Authors
Find Solutions For Your Project
-
Evaluate
Migrate to passwordless to enhance security and UX
Transitioning to passwordless authentication enables organizations to strengthen user account and sensitive data security without adding UX friction for end users.
-
How AI is shaping the future of the cybersecurity workforce
-
9 identity and access management trends to watch in 2025
-
7 must-know IAM standards in 2025
-
-
Problem Solve
How to protect against malware as a service
Malware operators are further monetizing their malicious software by selling it to other attackers on a subscription basis. Learn how to detect and mitigate the threat.
-
How to recover from a DDoS attack
-
Biometric privacy and security challenges to know
-
How to identify and prevent insecure output handling
-
-
Manage
8 best practices for a bulletproof IAM strategy
IAM systems help to enable secure access to applications and resources. But to benefit from IAM -- and avoid a security failure -- teams must be ready to meet the challenges.
-
How to build an effective third-party risk assessment framework
-
How to create an enterprise cloud security budget
-
API security testing checklist: 7 key steps
-
Information Security Basics
-
Get Started
What is a block cipher?
A block cipher is a method of encrypting data in blocks to produce ciphertext using a cryptographic key and algorithm.
-
Get Started
What is a stream cipher?
A stream cipher is an encryption method in which data is encrypted one byte at a time.
-
Get Started
What is a session key?
A session key is an encryption and decryption key that is randomly generated to ensure the security of a communications session between a user and another computer or between two computers.
Multimedia
-
News
View All -
Threats and vulnerabilities
Cleo patches file transfer zero-day flaw under attack
Cleo published a patch for its Harmony, VLTrader and LexiCom managed file transfer products, which addresses a 'critical vulnerability' that's separate from CVE-2024-50623.
-
Data security and privacy
Aqua Security warns of significant risks in Prometheus stack
The cloud security vendor called on Prometheus to provide users with additional safeguards to protect against misconfigurations discovered in the open source monitoring tool.
-
Identity and access management
Citrix NetScaler devices targeted in brute force campaign
Citrix advised NetScaler customers to ensure that their devices are fully updated and properly configured to defend against the recent spike in brute force attacks.
Search Security Definitions
- What is identity and access management? Guide to IAM
- What is a block cipher?
- What is a stream cipher?
- What is a session key?
- What is cipher block chaining (CBC)?
- What is user authentication?
- What is obfuscation and how does it work?
- What is IPsec (Internet Protocol Security)?