Bookshelf
-
How to prevent SQL injection with prepared statements
One of the top defenses against SQL injection is prepared statements. In this book excerpt, learn what prepared statements are and how to extend their defense. Continue Reading
-
How to maintain security with an understaffed security team
Unsurprisingly, many companies function without a complete security team. Security tasks often fall to others in the organization. Here's some advice for stand-in security members. Continue Reading
-
Data drives corporate social responsibility in tourism
Mohammed El Amine Abdelli explains the tourism industry's need for a corporate social responsibility framework in his book 'Sustainability, Big Data, and Corporate Social Responsibility.' Continue Reading
-
8 communication and collaboration books to read in 2022
Communication and collaboration tools are more important than ever as the workforce shifts to hybrid and remote work. Check out these books to learn more. Continue Reading
-
Defining requirements key to manage machine learning projects
Machine learning projects are likely to fail without proper planning. 'Managing Machine Learning Projects' provides guidance on how to plan by defining ML project requirements. Continue Reading
-
Consider ethical technology issues with data center growth
Authors Harry Lewis and Ken Ledeen discuss ethical issues organizations should consider when expanding data center, data collection and technological capabilities. Continue Reading
-
Advice for beginner computer forensic investigators
For those interesting in becoming a computer forensics investigator, learn about the career and what to expect, as well as why digital evidence is the most volatile evidence. Continue Reading
-
8 cybersecurity books to read in 2023
Brush up on your cybersecurity skills by picking up one of these titles. Continue Reading
-
9 workplace diversity books to read in 2022
Learn to create and foster an inclusive culture for innovation and a sense of belonging for all employees. Continue Reading
-
Top 10 pen testing interview questions with answers
Are you pursuing a career in pen testing? Prepare with this list of 10 pen testing interview questions and answers created by three security experts. Continue Reading
-
Top IT security manager interview questions
Are you looking for a leadership role in cybersecurity? Three security experts offer their advice on how to answer the most common IT security manager interview questions. Continue Reading
-
How to reap the benefits of data integration, step by step
A new book lays out a strong case for data integration and guides readers in how to carry out this essential process. Continue Reading
-
Why Kali Linux is the go-to distribution for penetration testing
Discover why penetration testers prefer to use the Kali Linux distribution for offensive security, from collecting useful tools together to being usable from multiple devices. Continue Reading
-
Explore the pros and cons of Go for DevOps
Author and Docker engineer Teiva Harsanyi explains the benefits of Golang -- including why he sees it as the future of back-end development -- and how to avoid common pitfalls. Continue Reading
-
Sample CompTIA CASP+ practice questions with answers
Preparing for the CompTIA Advanced Security Practitioner certification or refreshing your knowledge to renew your cert? Use these CASP+ practice questions to test your smarts. Continue Reading
-
How to prepare for the CompTIA CASP+ exam
Are you pursuing the CompTIA Advanced Security Practitioner certification? The author of a CASP+ cert guide offers advice on how to prepare for the exam. Continue Reading
-
Techniques to get started with green networking
'Emerging Green Technologies' details how technology is a flexible tool organizations can use to make business operations more sustainable. Here's how to make your network green. Continue Reading
-
How energy-efficient networking supports sustainability
In this Q&A, 'Emerging Green Technologies' author Matthew N. O. Sadiku discusses the importance of going green and how to make networks energy-efficient to achieve this goal. Continue Reading
-
Funny JavaScript for programmers who love literature
Learn about the book 'If Hemingway Wrote JavaScript' by Angus Croll and how JavaScript gives programmers the ability to create interactive code. Continue Reading
-
Humorous AI is a riddle worth solving
Learn why Tony Veale -- author of the book 'Your Wit is my Command' -- believes comedic machines could change the world for the better. Continue Reading
-
A look inside the Cisco DevNet Professional study guide
Learn how network automation works with software development in this chapter excerpt from 'Cisco Certified DevNet Professional DEVCOR 350-901 Official Cert Guide.' Continue Reading
-
DevNet authors discuss Cisco DEVCOR book, automation
The authors of a Cisco DevNet Professional DEVCOR study guide provide insights about the growth of network automation, CI/CD and programmability. Continue Reading
-
11 practice questions for Cisco DEVCOR 350-901 exam
Think you know network automation? Take this practice exam from Chapter 10 of 'Cisco Certified DevNet Professional DEVCOR 350-901 Official Cert Guide' to test your expertise. Continue Reading
-
How to approach learning technologies in the workplace
Author Ria O'Donnell discusses the importance of continuing professional development and how to approach digital learning technologies in the workplace, including VR and AI. Continue Reading
-
Is ethical hacking legal? And more ethical hacking advice
Is ethical hacking legal? Learn about the legality of ethical hacking, why it's important, its benefits and what organizations should look for when hiring an ethical hacker. Continue Reading
-
Ethical hacking: How to conduct a Sticky Keys hack
Physical security is often overlooked by cybersecurity teams. Learn about physical cybersecurity attacks in step-by-step instruction on how to conduct a Windows Sticky Keys hack. Continue Reading
-
Importance of enterprise endpoint security during a pandemic
Enterprises often focus greatly on communications security and less on endpoint security. Review the importance of enterprise endpoint security and best practices to implement it. Continue Reading
-
Cybersecurity lessons learned from COVID-19 pandemic
Cybersecurity lessons companies learn from the COVID-19 pandemic include having work-from-home preparations and developing disaster recovery and business continuity plans. Continue Reading
-
The white-box model approach aims for interpretable AI
The white-box model approach to machine learning makes AI interpretable since algorithms are easy to understand. Ajay Thampi, author of 'Interpretable AI,' explains this approach. Continue Reading
-
Why API naming conventions matter, and how to master the art
Naming APIs can be a daunting process, since it requires a balance between simplicity and clarity. JJ Geewax, author of 'API Design Patterns,' has some advice for developers. Continue Reading
-
Tips to plan storage elements of artificial intelligence
Author and data engineer Chinmay Arankalle explores how organizations can manage storage for AI. Management and storage options include data lakes and high-performance storage. Continue Reading
-
Considerations to plan AI storage architecture for big data
This chapter from 'The Artificial Intelligence Infrastructure Workshop' examines how to plan for AI data storage. Plan for factors like volume and scale for long-term success. Continue Reading
-
How businesses navigate the world of metaverse shopping
'The Metaverse Handbook' highlights the unique opportunity offered to retailers and game developers to join forces and gamify the shopping experience. Continue Reading
-
Clearing up cybersecurity architecture confusion, challenges
There's no lack of cybersecurity frameworks, but there is a lack of resources to help small and midsize organizations build a cybersecurity architecture -- until now. Continue Reading
-
4 criteria to measure cybersecurity goal success
Measuring the success of cybersecurity goals is challenging because they are components of larger goals and often probabilistic rather than deterministic. Continue Reading
-
How to write a cybersecurity job posting
Is your organization struggling to find cybersecurity talent? Your job descriptions could be the problem. Learn how to write a good cybersecurity job posting. Continue Reading
-
A 'CISO evolution' means connecting business value to security
As cybersecurity has changed, so has the CISO role. 'The CISO Evolution: Business Knowledge for Cybersecurity Executives' aims to help security leaders succeed in the C-suite. Continue Reading
-
How to find your niche in cybersecurity
It's difficult to navigate a career in cybersecurity, especially with all the varying roles. A veteran CISO offers advice on how to find your niche in the security industry. Continue Reading
-
Justice, equity, diversity and inclusion: Essentials for businesses
As the demographics in the modern workforce change, so, too, do the demands. Continue Reading
-
Podman: A worthy alternative to Docker for containers
Podman has long stood in Docker's shadow, but 'Podman in Action' author Daniel Walsh hopes to shine a light on Podman within the container market. Continue Reading
-
How to determine out-of-scope bug bounty assets
What happens when a security researcher discovers a bug in an out-of-scope asset? Learn how to handle bug bounty scope in this excerpt from 'Corporate Cybersecurity.' Continue Reading
-
An enterprise bug bounty program vs. VDP: Which is better?
Creating a bug bounty or vulnerability disclosure program? Learn which option might prove more useful, and get tips on getting a program off the ground. Continue Reading
-
The link between employee experience and customer experience
A customer's experience with an organization is only as good as an employee's experience. Business leaders should know that empathy is key to employee and customer success. Continue Reading
-
Hybrid meeting best practices emphasize engagement
In this book excerpt from 'Suddenly Hybrid,' learn about some hybrid meeting best practices that support engagement, regardless of where attendees are located. Continue Reading
-
Effective hybrid meetings require training, equity, best practices
Authors Karin M. Reed and Joseph A. Allen discuss the need for proper training and best practices to support inclusive and effective hybrid meetings. Continue Reading
-
How ransomware kill chains help detect attacks
Reconstructing cyber attacks is a key step in incident response. Learn how ransomware kill chains can help security teams detect and mitigate the consequences of an attack. Continue Reading
-
How to improve cyber attack detection using social media
Social media has cybersecurity pros and cons. One benefit is that it can help improve cyber attack detection. These four real-world examples show how. Continue Reading
-
Implementing wireless security in the enterprise
Learn how to properly secure your enterprise wireless network while considering UX, zero trust and commonly overlooked architectural mistakes. Continue Reading
-
How to design architecture for enterprise wireless security
Learn about a five-phase design methodology that will help your company plan for and create an enterprise wireless security architecture. Continue Reading
-
Whip up recipes with 'Elasticsearch 8.x Cookbook'
Elasticsearch is a powerful and potentially complicated tool. With 'Elasticsearch 8.x Cookbook,' users can split exercises into manageable bites. Continue Reading
-
Case study: Why it's difficult to attribute nation-state attacks
If two attacks look similar, don't assume they're from the same attacker. It's difficult to attribute nation-state attacks, as evidenced by the notorious 2016 Odinaff malware. Continue Reading
-
Tips for using a threat profile to prevent nation-state attacks
Is your organization concerned about state-sponsored attacks? Threat profiling can help prevent nation-state attacks. Get advice on how to create an effective threat profile. Continue Reading
-
Rethinking asynchronous communication in remote work
Remote work carries different expectations for communication. Learn how to shift to asynchronous communication to create more equitable collaboration among remote employees. Continue Reading
-
Remote work effectiveness requires adjusting expectations
Author James Stanier discusses the lessons from 'Effective Remote Work' in adapting to asynchronous communication and preparing for the hybrid workplace. Continue Reading
-
How to conduct Linux privilege escalations
Learn how to conduct Linux kernel exploitation with Metasploit and manually, as well as how to identify vulnerabilities on Linux using enumeration scripts. Continue Reading
-
Why companies should focus on preventing privilege escalation
If attackers can elevate privileges once inside a system, their access can be unlimited. Discover common privilege escalation techniques and how to mitigate them. Continue Reading
-
An introduction to binary diffing for ethical hackers
Binary diffing is a useful tool in the ethical hacker's arsenal. This excerpt teaches aspiring penetration testers and red teamers how to get started. Continue Reading
-
Unethical vulnerability disclosures 'a disgrace to our field'
The cybersecurity field needs more people who use their powers for good, the lead author of Gray Hat Hacking: The Ethical Hacker's Handbook, Sixth Edition says. Continue Reading
-
Sound business process architecture requires key traits
Business processes require a coherent enterprise-level architecture. In this excerpt from his new book, Roger Burlton identifies key traits business processes should share. Continue Reading
-
Stochastic processes have various real-world uses
The breadth of stochastic point process applications now includes cellular networks, sensor networks and data science education. Data scientist Vincent Granville explains how. Continue Reading
-
Stochastic point processes and their practical value
Data scientists learn and utilize stochastic point processes for myriad pragmatic uses. Data scientist Vincent Granville explains this in his new book. Continue Reading
-
How to implement OpenID Connect for single-page applications
The OpenID Connect authentication protocol can be used to secure a variety of applications. This excerpt teaches developers how it works with single-page applications. Continue Reading
-
How to use OpenID Connect for authentication
OpenID Connect has become a trusted protocol to connect with identity providers. Explore how to use it for IAM, common threats to be aware of and how to connect to multiple IdPs. Continue Reading
-
The importance of HR's role in cybersecurity
HR teams must keep security top of mind when hiring and onboarding employees and enforcing data privacy policies. Get advice on the procedures and mechanisms to do so. Continue Reading
-
Why CISOs need to understand the business
While CISOs need technical skills, business skills help them push their team's agenda and get the support and funding they need to protect their company. Continue Reading
-
The role of NVMe network storage for the future
This chapter excerpt from 'Building a Future-Proof Cloud Infrastructure' examines the role networking and storage protocols, like NVMe, could have in the remote storage market. Continue Reading
-
New approaches create opportunity to turn data into value
Bill Schmarzo, a data science industry thought leader, discusses how organizations can reframe their view of data using economic concepts to turn data into value. Continue Reading
-
Improve data value by relying on economic principles
Bill Schmarzo, author of 'The Economics of Data, Analytics, and Digital Transformation,' discusses how organizations can improve data value by incorporating economic concepts. Continue Reading
-
Try a network configuration quiz to study for Network+ exam
Use these sample questions from CompTIA's 'Official CompTIA Network+ Self-Paced Study Guide (Exam N10-008)' in preparation for your certification exam. Continue Reading
-
Study various network types, topologies for configuration
Those looking to earn a Network+ certification need to learn about network types, topologies, network design best practices and more. James Pengelly's book covers those topics. Continue Reading
-
Network design considerations for Network+ exam prep
One of the first things network pros should learn is how to design a network. In this Q&A, author James Pengelly discusses best practices for network configuration. Continue Reading
-
Tips for creating a cybersecurity resume
Resumes help candidates leave an impression on potential employers. But did you know one resume often isn't enough? Learn this and other tips for creating a cybersecurity resume. Continue Reading
-
How to manage imposter syndrome in cybersecurity
The imposter syndrome phenomenon is readily apparent in cybersecurity. Learn how to manage it, along with mishaps to avoid during the job hunt and other career advice. Continue Reading
-
Implement API rate limiting to reduce attack surfaces
Rate limiting can help developers prevent APIs from being overwhelmed with requests, thus preventing denial-of-service attacks. Learn how to implement rate limiting here. Continue Reading
-
API security methods developers should use
Developers can reduce the attack surface by implementing security early in the API development process and knowing methods to secure older APIs that can't be deprecated. Continue Reading
-
Enhancing the efficiency of remote team communication
Successful remote team communication requires thoughtfully examining how teams use collaboration tools and designing interactions that improve the efficiency of remote teams. Continue Reading
-
Remote communication best practices need mindful approach
Authors Matthew Skelton and Manuel Pais discuss how to apply the lessons from their 'Remote Teams Interactions Workbook' to develop remote communication best practices for teams. Continue Reading
-
Radical collaboration in enterprises: How does it work?
What would a world with 'no bureaucracies, no bosses and no bull' look like? Like success, says Matt Parker in his new book, 'A Radical Enterprise.' Continue Reading
-
Automated machine learning improves project efficiency
Until recently, machine learning projects had a small chance of success given the amount of time they require. Automated machine learning software speeds up the process. Continue Reading
-
Learn the benefits of interpretable machine learning
In this excerpt from 'Interpretable Machine Learning with Python,' read how machine learning models and algorithms add value when they are both interpretable and explainable. Continue Reading
-
AutoML platforms push data science projects to the finish line
Data science projects often have trouble reaching the production phase, but automated machine learning platforms are accelerating data scientists' work to help them come to fruition. Continue Reading
-
Interpretability and explainability can lead to more reliable ML
Interpretability and explainability as machine learning concepts make algorithms more trustworthy and reliable. Author Serg Masís assesses their practical value in this Q&A. Continue Reading
-
A day in the life of a cybersecurity manager
The role of a cybersecurity leader is often misunderstood. Experience a day in the life of a cybersecurity manager with this breakdown of a security leader's typical schedule. Continue Reading
-
Top cybersecurity leadership challenges and how to solve them
Security isn't always a top business priority. This creates challenges for the cybersecurity managers and teams that hope to integrate security into their company's agenda. Continue Reading
-
How to prepare for malicious insider threats
Stopping malicious insider threats is just as important as preventing external ones. Uncover what to look for and strategies to prevent insider threats before they cause damage. Continue Reading
-
Include defensive security in your cybersecurity strategy
Is your company's cybersecurity strategy comprehensive enough to protect against an expanding threat landscape? Learn how developing defensive security strategies can help. Continue Reading
-
Tableau dashboard tips and tricks from an expert author
In this excerpt from his new book on using Tableau CRM, data expert Mark Tossell takes readers step by step through best practices for dashboard creation. Continue Reading
-
Nmap use cases, tools and product comparisons
Nmap is historically known for port scanning, but thanks to several subprojects, its use cases have expanded. Learn how Nmap is used, along with other comparable tools. Continue Reading
-
How to use Nmap to scan specific ports
One of Nmap's primary functions is conducting port scans. In this walkthrough, learn how to launch a default scan, along with other options that affect Nmap port scan behavior. Continue Reading
-
New book explores business benefits of immersive technology
Immersive technologies will transform business, with weighty consequences for the global economy. Learn what extended reality can do in this book excerpt by PwC's XR chief. Continue Reading
-
'Building the Data Lakehouse' explores next-gen architecture
This book excerpt by 'father of the data warehouse' Bill Inmon and experts Mary Levins and Ranjeet Srivastava explores the latest methods for wrangling data into usable intel. Continue Reading
-
Top infosec best practices, challenges and pain points
Weak infosec practices can have irrevocable consequences. Read up on infosec best practices and challenges, as well as the importance of cybersecurity controls and risk management. Continue Reading
-
9 wireless questions for Cisco's CCT, CCNA exams
Those looking to pass the Cisco CCT and CCNA certification exams will need to understand how wireless networking works. This practice quiz covers the basics of wireless networking. Continue Reading
-
Guide on wireless networking concepts for CCT, CCNA exams
Cisco's CCT and CCNA exams include wireless networking questions. Use this excerpt from Glen Clarke's 'CCT/CCNA Routing and Switching All-in-One Exam Guide' as a tool to prepare. Continue Reading
-
Learn the basics of wireless networking for exam prep
In this Q&A, author Glen Clarke introduces readers to wireless networking and outlines what CCT and CCNA test-takers should study when prepping for their exams. Continue Reading
-
Experts lay out data illiteracy's dangers, propose remedies
In this excerpt from their new book 'Data Literacy,' top data management experts Peter Aiken and Todd Harbour outline a new way to gauge data learnedness. Continue Reading
-
Elastic Stack Security tutorial: How to create detection rules
This excerpt from 'Threat Hunting with Elastic Stack' provides step-by-step instructions to create detection rules and monitor network security events data. Continue Reading
-
Elastic Security app enables affordable threat hunting
New to threat hunting in cybersecurity? Consider using the open code Elastic Stack suite to gather security event data and create visualizations for decision-makers. Continue Reading
-
The components and objectives of privacy engineering
Privacy engineering helps organizations balance business and privacy needs, while mitigating the impact of data breaches. Learn about its components and objectives. Continue Reading
-
The intersection of privacy by design and privacy engineering
Data privacy concerns are widespread. Privacy by design and privacy engineering help organizations balance privacy with utility and usability. Learn how. Continue Reading
