Tips
Tips
-
How criticality analysis benefits from an entropy engineer
NIST published 'Criticality Analysis Process Model: Prioritizing Systems and Components' to guide organizations when prioritizing systems. Discover the key processes with Judith Myerson. Continue Reading
-
How online malware collection aids threat intelligence
Threat intelligence can facilitate cloud-based malware collection, which has value for enterprise cybersecurity. Expert Frank Siemons discusses collecting and analyzing malware. Continue Reading
-
What to do when IPv4 and IPv6 policies disagree
Unfortunately for enterprises, IPv4 and IPv6 policies don't always agree. Fernando Gont examines the differences between these two security policies, as well as some filtering rules. Continue Reading
-
Four new Mac malware strains exposed by Malwarebytes
Mac platforms are at risk after Malwarebytes discovered four new Mac malware strains. Learn how to protect your enterprise and how to mitigate these attacks with expert Nick Lewis. Continue Reading
-
Three steps to improve data fidelity in enterprises
Ensuring data fidelity has become crucial for enterprises. Expert Char Sample explains how to use dependency modeling to create boundaries and gather contextual data. Continue Reading
-
How to identify and protect high-value data in the enterprise
Protecting data in the enterprise is a crucial but challenging task. Expert Charles Kao shares key steps and strategies to consider to identify and protect high-value data. Continue Reading
-
Anonymity tools: Why the cloud might be the best option
The cloud might be the best of the available anonymity tools. Expert Frank Siemons explains the other options for anonymity for security and why the cloud is the best for privacy. Continue Reading
-
Domain fronting: Why cloud providers are concerned about it
Domain fronting is a popular way to bypass censorship controls, but cloud providers like AWS and Google have outlawed its use. Expert Michael Cobb explains why. Continue Reading
-
The risks of container image repositories compared to GitHub
As container use rises, so does the use of container image repositories. Expert Dave Shackleford discusses the risks associated with them and how they compare to other registries. Continue Reading
-
Fine-tuning incident response automation for optimal results
Wondering where to apply automation to incident response in order to achieve the best results? The variety of options might be greater than you imagine. Read on to learn more. Continue Reading
-
How to integrate an incident response service provider
Adding a third-party incident response service to your cybersecurity program can bulk up enterprise defenses, but the provider must be integrated carefully to reap the benefits. Continue Reading
-
How to stop malicious browser add-ons from taking root
Researchers at Malwarebytes discovered several new browser extension threats. Discover how to avoid and properly removed malicious add-ons with expert Nick Lewis. Continue Reading
-
The threat of shadow admins in the cloud to enterprises
Having shadow admins in the cloud means unauthorized users can access everything a legitimate administrator can. Expert Ed Moyle explains how this works and how to stop it. Continue Reading
-
Common security oversights within an AWS environment
There's often an assumption that AWS systems can't be tested, as they're hosted in the cloud; however, this is not the case. Discover common security oversights in AWS environments. Continue Reading
-
How cyber resiliency is achieved via NIST's 14-step approach
Improving cyber resiliency helps organizations manage risk. Discover the 14 techniques NIST has identified to help achieve cyber resiliency with expert Judith Myerson. Continue Reading
-
Why a zero-trust network with authentication is essential
Zero-trust networks are often deemed compromised and untrusted, making authentication variables essential to security. Expert Matthew Pascucci explains a zero-trust security model. Continue Reading
-
How to use Packetbeat to monitor Docker container traffic
Docker containers can help secure cloud applications, but malicious traffic can still move to and from those containers on a network. Dejan Lukan explains how to use Packetbeat to monitor such threats. Continue Reading
-
Insider threats: Preventing intellectual property theft
IP theft is often committed by insiders or disgruntled employees who feel entitled to information. Peter Sullivan explains the threat and how to prevent these insider attacks. Continue Reading
-
How studying the black hat community can help enterprises
White hat hackers often assimilate themselves into the black hat community to track the latest threats. Discover how this behavior actually benefits the enterprise with David Geer. Continue Reading
-
Know your enemy: Understanding insider attacks
Insider attacks are a significant threat to enterprises. Expert Ernie Hayden provides an introduction to insider threats and how organizations can protect themselves. Continue Reading
-
How to secure cloud buckets for safer storage
Cloud buckets that enterprises use for storage can provide security benefits, but they also come with some risks. Expert Frank Siemons discusses the risks and how to mitigate them. Continue Reading
-
How white hat hackers can tell you more than threat intelligence
White hat hackers can play a key role in assessing threats lurking on the dark web. Discover what traditional threat intelligence isn't telling you and how white hats can help. Continue Reading
-
How to use the OODA loop to improve network security
The OODA loop can be used to establish cyber deception against hackers to improve network security. Learn the OODA steps and how they can be applied to security with Kevin Fiscus. Continue Reading
-
Application security programs: Establishing reasonable requirements
Creating security program requirements can be a challenging task, especially with application security. In this tip, Kevin Beaver shares several ways to create an effective program. Continue Reading
-
Cloud risk management explained: Just how secure are you?
There is no shortage of vulnerabilities in the cloud, but the same is true of any outsourcing arrangement. Practicing cloud risk management is essential to staying secure. Continue Reading
-
Where machine learning for cybersecurity works best now
Need to up your endpoint protection endgame? Learn how applying machine learning for cybersecurity aids in the fight against botnets, evasive malware and more. Continue Reading
-
AI and machine learning in network security advance detection
Applying AI, and specifically machine learning, in network security helps protect enterprises against advanced persistent threats and sophisticated cybercriminals. Continue Reading
-
How lattice-based cryptography will improve encryption
As the prospect of quantum computing-based attacks grows, the need for stronger encryption increases. Expert Michael Cobb discusses lattice-based cryptography as an option. Continue Reading
-
How entropy sources help secure applications with SDLC
Some applications need cryptographic algorithms to test and work properly. Expert Judith Myerson discusses this division in terms of the software development lifecycle. Continue Reading
-
How layered security can help and hinder application security
The growth of technology includes the growth of layered security. Join expert Kevin Beaver as he explains the pros and cons of layered defenses for application security. Continue Reading
-
Cloud endpoint security: Balance the risks with the rewards
While cloud endpoint security products, such as antivirus software, provide users with many benefits, the cloud connection also introduces risks. Expert Frank Siemons explains. Continue Reading
-
Building an effective security program for beginners
Charles Kao explains why continuous learning, observation of merit and appreciation of others are key elements for an effective security program -- and for preventing cyberattacks. Continue Reading
-
How the Meltdown and Spectre vulnerabilities impact security
The Meltdown and Spectre vulnerabilities impact the physical and hardware security of systems, making them extremely difficult to detect. Learn how to prevent these attacks with Nick Lewis. Continue Reading
-
DeOS attacks: How enterprises can mitigate the threat
An increase in DeOS attacks has been reported just as the 'Cisco 2017 Midyear Cybersecurity Report' predicted. Learn how these attacks target off-site backups with David Geer. Continue Reading
-
Are Meltdown and Spectre real vulnerabilities or mere flaws?
There's been some debate over whether Meltdown and Spectre are true vulnerabilities. Expert Michael Cobb discusses what qualifies as a vulnerability and if these two make the cut. Continue Reading
-
How security operations centers work to benefit enterprises
One key support system for enterprises is security operations centers. Expert Ernie Hayden reviews the basic SOC framework and the purposes they can serve. Continue Reading
-
How to prevent cloud cryptojacking attacks on your enterprise
As the value of bitcoin has risen over the last year, so has the prevalence of cloud cryptojacking attacks. Expert Rob Shapland explains how enterprises can prevent these attacks. Continue Reading
-
Three IoT encryption alternatives for enterprises to consider
The use of cryptography alternatives for IoT devices grants users certain benefits and potential security challenges. Learn more about each alternative with expert Judith Myerson. Continue Reading
-
Protecting the DNS protocol: How DNSSEC can help
Securing the DNS protocol is no joke. Learn what the DNS Security Extensions are and the efforts the United States government is taking to push DNSSEC adoption. Continue Reading
-
Ways to solve DNS security issues in your organization
Get up to speed fast on means and methods for reducing or eliminating security-related issues in DNS, an integral service upon which the internet depends. Continue Reading
-
How a cloud backdoor poses a threat to the enterprise
Cloud backdoors pose a rising threat to enterprises, according to new research. Expert Ed Moyle explains what a cloud backdoor is and what mitigation options are available. Continue Reading
-
How security automation and orchestration impacts enterprises
The use of security automation and orchestration systems is on the rise, as they have the ability to provide automatic responses to threats. Learn how this benefits the enterprise. Continue Reading
-
How the BloodHound tool can improve Active Directory security
Auditing Active Directory can be made easier with tools like the open source BloodHound tool. Expert Joe Granneman looks at the different functions of the tool and how it can help. Continue Reading
-
How enterprises should handle GDPR compliance in the cloud
GDPR compliance in the cloud can be an intimidating concept for some enterprises, but it doesn't have to be. Rob Shapland explains why it's not so different from on premises. Continue Reading
-
What the security incident response process should look like
An enterprise needs to have a strong security incident response process plan mapped out early. Expert Ernie Hayden shares how to turn an incident into a learning experience. Continue Reading
-
How TLS mutual authentication for cloud APIs bolsters security
Secure access to cloud APIs is necessary but challenging. One viable option to combat that is TLS mutual authentication, according to expert Ed Moyle. Continue Reading
-
Zero-trust model promises increased security, decreased risk
The zero-trust model takes focused and sustained effort, but promises to improve most companies' risk posture. Learn what it takes to get the most out of zero trust. Continue Reading
-
How to do risk management in cybersecurity using ERM
Perfect security is impossible, but using risk management in cybersecurity using a range of strategies can significantly reduce your organization’s risk. Continue Reading
-
How a Blizzard DNS rebinding flaw put millions of gamers at risk
A Blizzard DNS rebinding flaw could have put users of its online PC games at risk of attack. Expert Michael Cobb explains how a DNS rebinding attack works and what to do about it. Continue Reading
-
Imran Awan case shows lax security controls for IT staff
Investigations into the conduct of the IT staff of the House of Representatives raised alarms. Kevin McDonald explains what we can learn from the case of Imran Awan. Continue Reading
-
Emotet Trojan: How to defend against fileless attacks
An increase in fileless malware, including PowerShell malware, was reported in McAfee Labs' December 2017 Threat Report. Discover how enterprises can defend again fileless attacks. Continue Reading
-
Becoming a cybersecurity professional: What are the options?
A cybersecurity professional has several options for their career path. Expert Ernie Hayden reviews the cybersecurity career track options and what skills are required for each one. Continue Reading
-
Secure DevOps: Inside the five lifecycle phases
Secure DevOps and cloud computing are altering the design, build, deployment and operation of online systems. Learn more from Eric Johnson and Frank Kim of the SANS Institute. Continue Reading
-
Addressing vulnerable web systems that are often overlooked
Web security vulnerability scanners often focus on large applications within the enterprise. However, there are plenty of overlooked web systems that contain hidden flaws. Continue Reading
-
Software security training: Perspectives on best practices
Software development training with an emphasis on secure coding can improve enterprise security postures. Steve Lipner of SafeCode discusses different ways to get the job done. Continue Reading
-
Entropy sources: How do NIST rules impact risk assessments?
NIST recently released new guidance on entropy sources used for random bit generation. Judith Myerson explains these recommendations and how they alter cryptography principles. Continue Reading
-
What the Azure AD Connect vulnerability can teach enterprises
Enterprises should learn from a Microsoft Azure AD Connect vulnerability that security requires a hands-on approach. Expert Rob Shapland takes a closer look at the permissions flaw. Continue Reading
-
Patch management programs: Who should run them?
Patch management is a crucial part of enterprise security defenses, but should security teams be in charge of it? Charles Kao explains how to make patching programs successful. Continue Reading
-
Continuous security monitoring advances automated scanning
Battling threats in today's fast-paced cyberworld means shutting down vulnerabilities fast, which requires round-the-clock monitoring. Learn how to make it happen in your company. Continue Reading
-
Automated patch management and the challenges from IoT
From creating an inventory to scanning for IoT vulnerabilities, learn the key steps to take when it comes to automating patch management in your company. Continue Reading
-
Why the Bleichenbacher attack is still around
The Bleichenbacher attack got a new name after 20 years. Expert Michael Cobb reviews the ROBOT attack and discusses why it's still active this long after it emerged. Continue Reading
-
Web vulnerability scanners: What you won't learn from vendors
Web security flaws are a serious issue that web vulnerability scanners can manage. Discover your best fit scanner as expert Kevin Beaver shares tips that vendors won't tell you. Continue Reading
-
Protecting safety instrumented systems from malware attacks
Trisis malware targets safety instrumented systems and puts industrial control systems at risk. Expert Ernie Hayden reviews what to know about SIS and its security measures. Continue Reading
-
Use software forensics to uncover the identity of attackers
By analyzing the proverbial fingerprints of malicious software -- its program code -- infosec pros can gain meaningful insights into an attacker's intent and identity. Continue Reading
-
Embedded application security: Inside OWASP's best practices
OWASP released a draft of new guidelines for creating secure code within embedded software. Expert Judith Myerson discusses best practices, pitfalls to avoid and auditing tools. Continue Reading
-
How to prevent SQL injection attacks in your enterprise
SQL injection attacks threaten enterprise database security, but the use of cloud services can reduce the risk. Here's a look at some alternative SQL injection protection methods. Continue Reading
-
What enterprises need to know about ransomware attacks
Ransomware attacks on enterprises are often the result of a company's poor IT hygiene. Expert Joe Granneman looks at attacks like those by WannaCry and SamSam ransomware. Continue Reading
-
Mobile security issues require a unified approach
Security gaps in mobile devices can be many and varied, but they must be addressed immediately. Unified endpoint management is the next-gen way to close the gaps. Continue Reading
-
Counter mobile device security threats with unified tools
Attacks on enterprise mobile endpoints are more lethal than ever. To help infosec pros fight back, enterprise mobile management has unified to fortify defenses. Continue Reading
-
Dynamic application security testing, honeypots hunt malware
Stealth is an attacker's best friend, especially when it comes to sneaking malware past the firewall. Learn about some trusty tools that can stop malware in its tracks. Continue Reading
-
Cloud security lessons to learn from the Uber data breach
Any organization that uses cloud services can learn something from the 2016 Uber data breach. Expert Ed Moyle explains the main takeaways from the massive breach. Continue Reading
-
Information security certification guide: Specialized certifications
This information security certification guide looks at vendor-neutral certifications in specialized areas such as risk management, security auditing and secure programming. Continue Reading
-
How to manage application security risks and shortcomings
A lack of proper testing, communication and insight into best practices all contribute to application security shortcomings. Kevin Beaver explains how to manage the risks. Continue Reading
-
Fight a targeted cyberattack with network segmentation, monitoring
It takes a variety of tactics, including network segmenting and monitoring, to safeguard the network. Learn the latest defenses to keep your network safe. Continue Reading
-
Bypassing facial recognition: The means, motive and opportunity
Researchers bypassed Apple's facial recognition authentication program, Face ID, in under a week. Expert Michael Cobb explains why it's not a major cause for concern for users. Continue Reading
-
Information security certification guide: Forensics
This information security certificate guide looks at vendor-neutral computer forensics certifications for IT professionals interested in cyber attribution and investigations. Continue Reading
-
Cryptojacking: How to navigate the bitcoin mining threat
Due to the rising value of bitcoin and other cryptocurrency, hackers have started to use cryptojacking to mine bitcoin. Learn what this means for end users with expert Nick Lewis. Continue Reading
-
Information security certification guide: Advanced level
Part three of this information security certification guide looks at vendor-neutral advanced security certifications for more experienced IT professionals. Continue Reading
-
How are middleboxes affecting the TLS 1.3 release date?
Despite fixing important security problems, the official TLS 1.3 release date keeps getting pushed back, in part due to failures in middlebox implementations. Continue Reading
-
Insider threat behavior: How to identify warning signs
Enterprises can prevent insider threat incidents if they know what to look for. Peter Sullivan explains the precursors to and precipitating events for insider threat behavior. Continue Reading
-
How HTTP security headers can defend enterprise systems
HTTP security headers that have the right configurations can be used as defense methods against cyberattacks. Expert Judith Myerson outlines how to use headers this way. Continue Reading
-
TLS 1.3: What it means for enterprise cloud use
The latest draft version of TLS 1.3 is out, and it will likely affect enterprises that use cloud services. Expert Ed Moyle explains the impact on users and their monitoring controls. Continue Reading
-
What the OWASP IoT security project means for device creation
The OWASP IoT security project aims to get developers to incorporate security at the beginning of a device's life. Expert Ernie Hayden outlines how it is tackling the issue. Continue Reading
-
Security compliance standards as a guide in endpoint plans
Consider security compliance regulations for your industry as a starting point and a guide for planning your specific approach to enterprise endpoint protection. Continue Reading
-
The endpoint security controls you should consider now
With the perimeter wall gone, securing enterprise endpoints is even more essential. Learn how automation and other developments can up endpoint protection now. Continue Reading
-
IT sabotage: Identifying and preventing insider threats
Preventing IT sabotage from insider threats can be a challenge. Peter Sullivan explains how enterprises should monitor for characteristics of insider threat behavior. Continue Reading
-
The 12 biggest cloud security threats, according to the CSA
The Cloud Security Alliance reported what it found to be the biggest cloud security threats. Expert Rob Shapland looks at how cloud risks compare to on-premises risks. Continue Reading
-
Mobile app risks: Five things enterprises should consider
Just like any other risk in the enterprise, mobile app risks need to be a top priority. Join Kevin Beaver as he explains the dangers that unsecure mobile apps pose. Continue Reading
-
The ROCA vulnerability: How it works and what to do about it
The ROCA vulnerability is a serious flaw in cryptographic keys. Expert Michael Cobb explains what the flaw is, how it works and what can be done to lessen the risk to enterprises. Continue Reading
-
Information security certification guide: Intermediate level
Part two of this information security certificate guide looks at vendor-neutral intermediate certifications for IT professionals interested in midlevel positions. Continue Reading
-
A look at the key GDPR requirements and how to meet them
Meeting the most important GDPR requirements is a great first step to compliance with the new regulation. Expert Steve Weil outlines how to get started on GDPR compliance. Continue Reading
-
Get great results from authenticated vulnerability scanning
Here are five things you can do to successfully prepare and run authenticated vulnerability scanning and, in the end, achieve the most protection. Continue Reading
-
Cryptographic keys: Your password's replacement is here
As passwords become targets of phishing attacks, password management has become increasingly difficult. Expert Nick Lewis explains how cryptographic keys could replace passwords. Continue Reading
-
Prevent attacks with these security testing techniques
Software bugs are more than a nuisance. Errors can expose vulnerabilities. Here’s the good news: These security testing tools and techniques can help you avoid them. Continue Reading
-
How to manage HTTP response headers for IIS, Nginx and Apache
HTTP response header configuration files on servers need to be set up properly to secure sensitive data. Expert Judith Myerson outlines how to do this on different types of servers. Continue Reading
-
Information security certifications: Introductory level
This series looks at the top information security certifications for IT professionals. Part one reviews basic, vendor-neutral certifications for entry-level positions. Continue Reading
-
How machine learning-powered password guessing impacts security
A new password guessing technique takes advantage of machine learning technologies. Expert Michael Cobb discusses how much of a threat this is to enterprise security. Continue Reading
-
Use caution with OAuth 2.0 protocol for enterprise logins
Many apps are using the OAuth 2.0 protocol for both authentication and authorization, but technically it's only a specification for delegated authorization, not for authentication. Continue Reading
-
Data breach litigation: What enterprises should know
Data breach litigation can be highly detrimental to an organization that just suffered a major security incident. Find out what kinds of legal action enterprises could face in the event of a data breach. Continue Reading
-
How a technology advisory group can benefit organizations
A technology advisory group can have an irreplaceable impact on an organization. Kevin McDonald explains how volunteer advisors can aid law enforcement and other organizations. Continue Reading