Tips

Tips

• How does BGP hijacking work and what are the risks?

  The lack of security protections in BGP means that route hijacking can be easy, especially for organized crime or state-backed threat actors. Here are ways to deal with it.  Continue Reading

• Find out whether secure email really protects user data in transit

  Outside of user perceptions, how safe is secure email in terms of protecting users' data in transit? Our expert explains how much the SSL and TLS protocols can protect email.  Continue Reading

• Plugging the cybersecurity skills gap with security automation

  Security automation and response promises to help alleviate the shortage of qualified cybersecurity pros. Learn how SOAR helps security teams work smarter, not harder.  Continue Reading

• An introduction to building management system vulnerabilities

  Understanding what a building management system is and does is important for organizations to have stronger security postures. Expert Ernie Hayden examines the BMS and its flaws.  Continue Reading

• 5 common web application vulnerabilities and how to avoid them

  Common web application vulnerabilities continue to confound enterprises. Here's how to defend against them and stop enabling exploits.  Continue Reading

• Container security awareness, planning required as threats persist

  As container security vulnerabilities continue to emerge, companies should plan ahead and have strategies ready to defend against looming segmentation failures.  Continue Reading

• Nine email security features to help prevent phishing attacks

  Check out nine email security features that can help protect you from phishing attacks. First, make sure they're enabled on your email system configuration, and if not, start your wish list.  Continue Reading

• How bellwether cybersecurity technologies predict success

  Bellwether cybersecurity technologies -- advanced endpoint security, behavioral threat analytics and a trio of cloud-based apps -- are used by successful cybersecurity teams. Find out why.  Continue Reading

• The developer's role in application security strategy

  Developers often pay lip service about being integral to application security, but they usually don't consider vulnerabilities until much too late in the dev process.  Continue Reading

• To improve incident response capability, start with the right CSIRT

  Is your organization ready to build a computer security incident response team? Here are the questions that should be answered when building a CSIRT to maximize incident response capability.  Continue Reading

• Understanding the new breed of command-and-control servers

  Command-and-control servers are now using public cloud services, social media and other resources to evade detection. What should enterprises do to combat these threats?  Continue Reading

• Top 5 email security issues to address in 2019

  The top five email security issues come from a variety of places, from email phishing to account takeovers. Our security expert recommends being vigilant and poised to take action.  Continue Reading

• Weighing the cost of mitigating Spectre variant 2

  Fixes for the Spectre variant 2 vulnerability affect system performance, so some in the tech sector wonder whether they're worth it. Expert Michael Cobb examines that question.  Continue Reading

• Key steps to put your zero-trust security plan into action

  There are three key categories of vendor zero-trust products. Learn what they are, and how to evaluate and implement the one that's best for your company.  Continue Reading

• How to deploy deep packet inspection in the cloud

  Despite privacy concerns about deep packet inspection, it can help improve cloud network security for enterprises. Expert Frank Siemons explains how to avoid potential pitfalls.  Continue Reading

• Vet third-party apps to reduce supply chain threats

  Enterprises are more vulnerable than ever before to supply chain threats from third-party apps and modules. Last fall's compromised NPM package is one cautionary tale.  Continue Reading

• 5-step checklist for web application security testing

  This five-step approach to web application security testing with documented results will help keep your organization's applications free of flaws.  Continue Reading

• More Ghostscript vulnerabilities, more PostScript problems

  Researchers keep finding PostScript interpreter bugs. Find out how a new Ghostscript vulnerability enables remote code execution against web services and Linux desktop users.  Continue Reading

• The security implications of serverless cloud computing

  Cloudflare Workers is new for serverless cloud computing and introduces benefits and drawbacks for security professionals. Expert Ed Moyle discusses the security side of serverless.  Continue Reading

• How to create a more effective application security program

  To mitigate software-related security risks, fine-tune your application security program to get the right people involved, document your standards and manage your weak points.  Continue Reading

• Steps to improve an application environment and fix flaws

  Eliminating application security flaws from an enterprise's server can be a complex task. Learn steps to take in order to improve application security with expert Kevin Beaver.  Continue Reading

• How to comply with the California privacy act

  Organizations that handle California consumer data have a year to comply with CCPA. Expert Steven Weil discusses what enterprises need to know about the California privacy law.  Continue Reading

• How to build a cloud security strategy after migration

  Enterprises can face an array of issues when they migrate to the cloud. Learn about three of the main challenges and how to effectively create a cloud security strategy.  Continue Reading

• How a Windows antimalware tool helps endpoint security

  The Windows Defender Antivirus program was updated to include sandbox network security. Learn why this is so important and why security professionals have been asking for it.  Continue Reading

• The evolution of the Let's Encrypt certificate authority

  Certificate authorities work differently since the open source Let's Encrypt project went into effect. Expert Fernando Gont explains how both CAs and Let's Encrypt operate.  Continue Reading

• Cybersecurity maturity model lays out four readiness levels

  To assess cybersecurity maturity, Nemertes Research developed a four-point scale to determine a company's ability to effectively detect, understand and contain breaches.  Continue Reading

• How to defend against malicious IP addresses in the cloud

  Cybercriminals have found a way to use the cloud to mask their locations. Expert Rob Shapland looks at the options organizations have to deal with malicious IP addresses.  Continue Reading

• How to perform an ICS risk assessment in an industrial facility

  An important step to secure an industrial facility is performing an ICS risk assessment. Expert Ernie Hayden outlines the process and why each step matters.  Continue Reading

• How unsecured Firebase databases put critical data at risk

  Unsecured Google Firebase databases are similar to misconfigured AWS S3 buckets, but there are key differences. Expert Rob Shapland discusses the risks of unsecured cloud databases.  Continue Reading

• Updating TLS? Use cryptographic entropy for more secure keys

  Cryptographic entropy is necessary to secure session encryption keys in TLS 1.2, but RSA key transport is not supported in TLS 1.3. Discover the causes for concern with Judith Myerson.  Continue Reading

• Key customer identity access management features to consider

  Evaluating customer identity access management products is complicated but necessary. Learn what’s new and what you need most right now.  Continue Reading

• CIAM vs. IAM: The key differences 'customer' makes

  Find out everything you need to know about the nuances that differentiate customer IAM from traditional IAM so that you can implement the CIAM system at your organization.  Continue Reading

• How NIST is preparing to defend against quantum attacks

  The NSA has begun the transition from ECC to new algorithms to resist quantum attacks. Learn about the threat posed by quantum computing from expert Michael Cobb.  Continue Reading

• How to block public access for AWS S3 bucket security

  AWS S3 buckets leaked millions of files, including sensitive data, by enabling public access. Learn how to block public access with expert David Shackleford.  Continue Reading

• The pros and cons of proxy-based security in the cloud

  Is proxy-based security in the cloud right for you? Expert Ed Moyle looks at the benefits and drawbacks of using proxies for Office 365 and other cloud platforms.  Continue Reading

• How to apply cloud security controls in the network

  Implementing cloud security controls in the network requires a careful balance between protecting points of connectivity while still making it easy for users to access services.  Continue Reading

• What Moody's cyber-risk ratings mean for enterprises

  Moody's announced it will soon begin composing cyber-risk ratings for enterprises. Kevin McDonald explores the move and what it could mean for enterprises and the infosec industry.  Continue Reading

• The benefits of using a cloud honeypot for threat intelligence

  A cloud honeypot can help enterprises gather threat intelligence. Expert Frank Siemons explains why a cloud-based honeypot deployment is preferable to a traditional one.  Continue Reading

• How to ensure your enterprise doesn't have compromised hardware

  Enterprise protections are crucial in order to guarantee the safety of your hardware. Discover best practices to guard your enterprise's hardware with Nick Lewis.  Continue Reading

• For effective customer IAM, bundle security and performance

  CIAM can verify identity, manage access and deliver a smooth experience for customers. Get an expert's insights on how to tackle customer IAM now.  Continue Reading

• How a flaw in Apple DEP misuses an MDM server

  Hackers are able to enroll their devices in an organization's MDM server via a flaw in Apple DEP. Expert Michael Cobb explains how hackers conduct these attacks.  Continue Reading

• How the SHA-3 competition declared a winning hash function

  NIST tested competing hash functions over a period of five years for the SHA-3 algorithm competition. Learn the details of what they discovered from Judith Myerson.  Continue Reading

• 5 actionable deception-tech steps to take to fight hackers

  Consider taking these five 'deceptive' steps to make your detection and response capabilities speedier, more effective and to improve your company's security posture.  Continue Reading

• What's different about Google Asylo for confidential computing?

  The Google Asylo framework is an open source alternative for confidential computing. Expert Rob Shapland explains how it works and how it's different from other offerings.  Continue Reading

• Testing applications in production vs. non-production benefits

  To ensure proper application security testing, production and non-production systems should both be tested. In this tip, expert Kevin Beaver weighs the pros and cons.  Continue Reading

• How supply chain security has evolved over two decades

  Both physical and cyber supply chain security are critically important. Expert Ernie Hayden outlines the recent history of supply chain defenses and what enterprises need to know.  Continue Reading

• Is network traffic monitoring still relevant today?

  An increase in DNS protocol variants has led to a higher demand for network traffic monitoring. The SANS Institute's Johannes Ullrich explains what this means for enterprises.  Continue Reading

• How Google's cloud data deletion process can influence security policies

  Understanding the process behind Google's cloud data deletion can help influence stronger enterprise security policies. Expert Ed Moyle explains the process and how to use it.  Continue Reading

• How bring-your-own-land attacks are challenging enterprises

  FireEye researchers developed a new technique called bring your own land, which involves attackers creating their own tools. Discover more about how this works with Nick Lewis.  Continue Reading

• How to configure a vTAP for cloud networks

  A vTAP can give enterprises better visibility into their cloud networks. Expert Frank Siemons of InfoSec Institute explains how virtual network TAPs work and the available options.  Continue Reading

• Zero-trust security means new thinking plus practical steps

  Implementing a security policy that, essentially, trusts no one and nothing doesn't have to be overwhelming if you understand the basics behind the security model.  Continue Reading

• How to configure browsers to avoid web cache poisoning

  Web cache poisoning poses a serious threat to web browser security. Learn how hackers can exploit unkeyed inputs for malicious use with expert Michael Cobb.  Continue Reading

• How the Microsoft Authenticator app integrates with Azure AD

  Microsoft expanded the Microsoft Authenticator app to integrate with tens of thousands of Azure AD apps. Expert Dave Shackleford explains how this tool is improving security.  Continue Reading

• Insider threat protection: Strategies for enterprises

  Insider threats pose a serious risk to enterprises. Peter Sullivan explains how enterprises can use background checks and risk assessments for insider threat protection.  Continue Reading

• Why entropy sources should be added to mobile application vetting

  NIST's 'Vetting the Security of Mobile Applications' draft discusses four key areas of general requirements. Learn how further improvements to the vetting process could be made.  Continue Reading

• How testing perspectives helps find application security flaws

  Application security testing requires users to test from all the right perspectives. Discover testing techniques that help find application security flaws with expert Kevin Beaver.  Continue Reading

• How deception technologies improve threat hunting, response

  Deception tech tools enable more effective threat hunting and incident response. Learn how these tools can give security pros an edge in defending their company systems and data.  Continue Reading

• NIST incident response plan: 4 steps to better incident handling

  The NIST incident response plan involves four phases enterprises can take to improve security incident handling. Expert Mike O. Villegas reviews each step.  Continue Reading

• What Microsoft's InPrivate Desktop feature could mean for enterprises

  Microsoft's secretive, potential new feature InPrivate Desktop could give security teams access to disposable sandboxes. Expert Ed Moyle explains how the feature could work.  Continue Reading

• Enterprises should reconsider SMS-based 2FA use after breach

  A Reddit breach was triggered by threat actors intercepting SMS messages used to authenticate employees to access sensitive data. Learn why enterprises should reconsider SMS for 2FA.  Continue Reading

• How to protect enterprise ICS networks with firewalls

  ICS network security can be improved using firewalls. Expert Ernie Hayden explains how ICS-specific firewalls can help keep ICS networks strong and protected.  Continue Reading

• Guide to identifying and preventing OSI model security risks: Layers 4 to 7

  Each layer of the Open Systems Interconnection presents unique vulnerabilities that could move to other layers if not properly monitored. Here's how to establish risk mitigation strategies for OSI layer security in Layers 4 through 7.  Continue Reading

• How security, compliance standards prevent OSI layer vulnerabilities

  Each layer of the Open Systems Interconnection presents unique -- but connected -- vulnerabilities. Here's how to establish OSI security and compliance best practices.  Continue Reading

• How do SLAs factor into cloud risk management?

  While you may not have much control over the infrastructure used by cloud service providers, you’re not completely at their mercy when it comes to cloud risk management.  Continue Reading

• The implications of the NetSpectre vulnerability

  The NetSpectre vulnerability could enable a slow leak of data remotely via side channels. Expert Michael Cobb explains why data on secure microprocessors is not actually safe.  Continue Reading

• How to monitor AWS credentials with the new Trailblazer tool

  A security researcher introduced a tool called Trailblazer, which aims to simplify monitoring AWS credentials. Expert Dave Shackleford explains how it can bolster cloud security.  Continue Reading

• How entropy sources interact with security and privacy plans

  NIST published a draft of its 'Risk Management Framework for Information Systems and Organizations.' Learn what this report entails, as well as how entropy source controls play a key role.  Continue Reading

• Give your SIEM system a power boost with machine learning

  The enterprise SIEM is still essential to IT defenses, but the addition of AI, in the form of machine learning capabilities, gives it even more potential power.  Continue Reading

• The time to consider SIEM as a service has arrived

  Now even your SIEM comes in the as-a-service model. Assess whether it's time to consider outsourcing this fundamental tool in your defense lineup.  Continue Reading

• Prepping your SIEM architecture for the future

  Is your SIEM ready to face the future? Or is it time for a major tune-up or at least some tweaks around the edges? Learn how to approach your SIEM assessment and updates.  Continue Reading

• Picking the right focus for web application security testing

  Deciding which web applications on which to focus application security testing is a challenging task. Read this list of considerations to ensure you're addressing the right areas.  Continue Reading

• How Shodan helps identify ICS cybersecurity vulnerabilities

  Shodan can be a helpful tool for security pros to locate ICS cybersecurity vulnerabilities. Expert Ernie Hayden explains how Shodan works and how it can be used for security.  Continue Reading

• How is Android Accessibility Service affected by a banking Trojan?

  ThreatFabric researchers uncovered MysteryBot, Android malware that uses overlay attacks to avoid detection. Learn how this malware affects Google's Android Accessibility Service.  Continue Reading

• How to collect open source threat intelligence in the cloud

  Threat intelligence analysis can be challenging and expensive for enterprises. Expert Frank Siemons explains how open source threat intelligence can simplify the process.  Continue Reading

• Why communication is critical for web security management

  Conveying the importance of web security to management can be difficult for many security professionals. Kevin Beaver explains how to best communicate with the enterprise.  Continue Reading

• Securing remote access for cloud-based systems

  Don't believe the hype: Access control in the cloud is not a lost cause. Read these tips to learn how you can better secure remote access to your cloud-based systems.  Continue Reading

• Understanding the risk SQL injection vulnerabilities pose

  SQL injection vulnerabilities put a system at risk and are often unknown to users. Discover how this web vulnerability works and how to prevent it with expert Kevin Beaver.  Continue Reading

• SaaS platform security: The challenges of cloud network security

  Organizations have the necessary tools to protect data stored and processed in IaaS platforms. Learn why SaaS platform security remains a challenge from expert Rob Shapland.  Continue Reading

• What about enterprise identity management for 'non-users'?

  Identity and access management for service, machine and application accounts is as important as it is for individuals, so be sure your IAM strategy considers so-called non-users.  Continue Reading

• How hardening options help handle unpatchable vulnerabilities

  Using multiple hardening options to endure unpatchable vulnerabilities is explored in a recent NIST report. Learn how entropy sources can be an additional option with Judith Myerson.  Continue Reading

• How the STARTTLS Everywhere initiative will affect surveillance

  The EFF's STARTTLS Everywhere initiative encrypts email during delivery and aims to prevent mass email surveillance. Expert Michael Cobb explains how STARTTLS works.  Continue Reading

• How Azure AD uses cloud access control to protect credentials

  Features such as Microsoft Azure AD Smart Lockout and Password Protection add security via trusted authentication. Learn more about cloud access control from expert Ed Moyle.  Continue Reading

• How insider fraud can be detected and avoided in the enterprise

  IT sabotage and insider threats can put an organization at great risk. Guest expert Peter Sullivan details preventative measures to take and employee training techniques.  Continue Reading

• How hard-coded credentials threaten ICS security

  Hard-coded credentials open industrial control systems up to unauthorized access by malicious actors and threaten ICS security. Expert Ernie Hayden explains the threat and what enterprises can do about it.  Continue Reading

• How to monitor and detect a cloud API vulnerability

  A REST API vulnerability in Salesforce's Marketing Cloud service put users at risk of data disclosure. Learn how to detect cloud API vulnerabilities from expert Rob Shapland.  Continue Reading

• Red team assessments and post-assessment posture improvement

  Testing an organization's security maturity is crucial for an organization to improve their post-assessment posture. Learn how red teaming can help this situation with Matt Pascucci.  Continue Reading

• Network reconnaissance: How to use SI6 Networks' IPv6 toolkit

  SI6 Networks' IPv6 toolkit can do network reconnaissance using search engines and the Certificate Transparency framework. Learn how to use IPv6 toolkits from expert Fernando Gont.  Continue Reading

• Why container orchestration platforms risk data exposure

  Container orchestration platforms expose interfaces and create the risk of data exposure and unauthorized access. Expert Dave Shackleford explains why these risks exist in enterprises.  Continue Reading

• How new cybersecurity problems emerge from fake news

  As fake news continues to emerge, new cybersecurity challenges for IT professionals arise. Learn why we should continue to care about cyber propaganda and what we can do.  Continue Reading

• How to mitigate the Efail flaws in OpenPGP and S/MIME

  Efail exploits vulnerabilities in the OpenPGP and S/MIME standards to reveal the plaintext in encrypted emails. Learn more about the Efail vulnerabilities from expert Michael Cobb.  Continue Reading

• How criticality analysis benefits from an entropy engineer

  NIST published 'Criticality Analysis Process Model: Prioritizing Systems and Components' to guide organizations when prioritizing systems. Discover the key processes with Judith Myerson.  Continue Reading

• How online malware collection aids threat intelligence

  Threat intelligence can facilitate cloud-based malware collection, which has value for enterprise cybersecurity. Expert Frank Siemons discusses collecting and analyzing malware.  Continue Reading

• What to do when IPv4 and IPv6 policies disagree

  Unfortunately for enterprises, IPv4 and IPv6 policies don't always agree. Fernando Gont examines the differences between these two security policies, as well as some filtering rules.  Continue Reading

• Four new Mac malware strains exposed by Malwarebytes

  Mac platforms are at risk after Malwarebytes discovered four new Mac malware strains. Learn how to protect your enterprise and how to mitigate these attacks with expert Nick Lewis.  Continue Reading

• Three steps to improve data fidelity in enterprises

  Ensuring data fidelity has become crucial for enterprises. Expert Char Sample explains how to use dependency modeling to create boundaries and gather contextual data.  Continue Reading

• How to identify and protect high-value data in the enterprise

  Protecting data in the enterprise is a crucial but challenging task. Expert Charles Kao shares key steps and strategies to consider to identify and protect high-value data.  Continue Reading

• Anonymity tools: Why the cloud might be the best option

  The cloud might be the best of the available anonymity tools. Expert Frank Siemons explains the other options for anonymity for security and why the cloud is the best for privacy.  Continue Reading

• Domain fronting: Why cloud providers are concerned about it

  Domain fronting is a popular way to bypass censorship controls, but cloud providers like AWS and Google have outlawed its use. Expert Michael Cobb explains why.  Continue Reading

• The risks of container image repositories compared to GitHub

  As container use rises, so does the use of container image repositories. Expert Dave Shackleford discusses the risks associated with them and how they compare to other registries.  Continue Reading

• Fine-tuning incident response automation for optimal results

  Wondering where to apply automation to incident response in order to achieve the best results? The variety of options might be greater than you imagine. Read on to learn more.  Continue Reading