Ask the Experts

Ask the Experts

• Types of hackers: Black hat, white hat, red hat and more

  Black, white and gray hats are familiar to security pros, but as the spectrum evolves to include green, blue, red and purple, things get muddled. Brush up on types of hackers.  Continue Reading

• How to protect port 139 from SMB attacks

  Keeping port 139 open is perfectly normal -- but only for good reason. Without the proper protections, it can present a major security risk.  Continue Reading

• SPF, DKIM and DMARC: What are they and how do they work together?

  Internet protocols for email authentication -- SPF, DKIM and DMARC -- coordinate defense against spammers, phishing and other spoofed email problems.  Continue Reading

• Port scan attacks: What they are and how to prevent them

  Port scans provide data on how networks operate. In the wrong hands, this info could be part of a larger malicious scheme. Learn how to detect and defend against port scan attacks.  Continue Reading

• Zero trust vs. defense in depth: What are the differences?

  Security administrators don't have to choose between zero-trust and defense-in-depth cybersecurity methodologies. Learn how the two frameworks complement each other.  Continue Reading

• Reporting ransomware attacks: Steps to take

  The Cybersecurity and Infrastructure Security Agency and FBI recommend reporting ransomware attacks to the authorities as soon as possible. This expert advice outlines the process.  Continue Reading

• The 7 core pillars of a zero-trust architecture

  Learn how Forrester's Zero Trust Extended framework can help IT leaders identify, organize and implement the appropriate cybersecurity tools for a zero-trust framework.  Continue Reading

• Top 6 benefits of zero-trust security for businesses

  The zero-trust security model demands infosec leaders take a holistic approach to IT infrastructure security. Learn about the top six business benefits of zero trust here.  Continue Reading

• What is extortionware? How does it differ from ransomware?

  Prevention is the only line of defense against an extortionware attack. Learn how extortionware works and why it can be more damaging than ransomware.  Continue Reading

• Stateful vs. stateless firewalls: Understanding the differences

  Stateful firewalls are the norm in most networks, but there are still times where a stateless firewall fits the bill. Learn how these firewalls work and what approach might be best.  Continue Reading

• The differences between inbound and outbound firewall rules

  Firewalls can support both inbound and outbound firewall rules, but there are important differences between the two. Learn more about each and their uses.  Continue Reading

• SOAR vs. SIEM: What's the difference?

  When it comes to the SOAR vs. SIEM debate, it's important to understand their fundamental differences to get the most benefit from your security data.  Continue Reading

• Best practices to conduct a user access review

  User entitlement reviews ensure only authorized users have access to essential systems and data. Uncover the steps of a user access review and helpful best practices.  Continue Reading

• What are the most important email security protocols?

  Email was designed without security considerations. Email security protocols, including SMPTS, SPF and S/MIME, add mechanisms to keep messaging safe from threats.  Continue Reading

• How to defend against TCP port 445 and other SMB exploits

  Keeping TCP port 445 and other SMB ports open is necessary for resource sharing, yet this can create an easy target for attackers without the proper protections in place.  Continue Reading

• How to use a public key and private key in digital signatures

  Ensuring authenticity of online communications is critical to conduct business. Learn how to use a public key and private key in digital signatures to manage electronic documents.  Continue Reading

• Defining policy vs. standard vs. procedure vs. control

  Infosec pros may have -- incorrectly -- heard the terms 'standard' and 'policy' used interchangeably. Examine the differences among a policy, standard, procedure and technical control.  Continue Reading

• 3 best professional certifications for CISOs and aspiring CISOs

  While one doesn't necessarily need professional cybersecurity certifications to become a CISO, they don't hurt. Explore the best certifications for CISOs and aspiring CISOs.  Continue Reading

• Compare zero trust vs. the principle of least privilege

  Zero trust and the principle of least privilege may appear to solve the same issue, but they have their differences. Read up on the two methodologies.  Continue Reading

• How DKIM records reduce email spoofing, phishing and spam

  Learn how implementing DomainKeys Identified Mail helps protect against phishing, spam and email forgery by digitally signing outgoing messages.  Continue Reading

• Symmetric vs. asymmetric encryption: What's the difference?

  Explore the differences between symmetric vs. asymmetric encryption, including how they work and common algorithms, as well as their pros and cons.  Continue Reading

• Are 14-character minimum-length passwords secure enough?

  When it comes to minimum password length, 14-character passwords are generally considered secure, but they may not be enough to keep your enterprise safe.  Continue Reading

• Zero trust vs. zero-knowledge proof: What's the difference?

  Zero-knowledge proofs can help companies implement a zero-trust framework. Learn about the two concepts and how they come together to better secure networks.  Continue Reading

• What are the benefits and challenges of microsegmentation?

  Administrators are assessing microsegmentation to beef up access control and security. But deploying microsegmentation can be complex.  Continue Reading

• Comparing network segmentation vs. microsegmentation

  Network segmentation and microsegmentation both control access but vary in how they do it, as well as how granular their approach is. Learn the differences here.  Continue Reading

• Use microsegmentation to mitigate lateral attacks

  Attackers will get into a company's system sooner or later. Limit their potential damage by isolating zones with microsegmentation to prevent lateral movement.  Continue Reading

• What is shellcode and how is it used?

  Shellcode is a set of instructions that executes a command in software to take control of or exploit a compromised machine. Read up on the malware term and how to mitigate the risk.  Continue Reading

• Is bitcoin safe? How to secure your bitcoin wallet

  As bitcoin use increases, so too have the number of cyber attacks on cryptocurrency exchanges and wallets. Learn how to keep bitcoin use secure.  Continue Reading

• The top 7 identity and access management risks

  An IAM system introduces risks to the enterprise, but the consensus is the benefits of IAM outweigh the drawbacks. What are some of the issues that might arise?  Continue Reading

• How to prevent software piracy

  Pirated software is still a major concern nowadays. Uncover how to prevent software piracy and protect your organization's intellectual property.  Continue Reading

• The top 6 SSH risks and how regular assessments cut danger

  By performing ongoing risk assessments, organizations can keep their SSH vulnerabilities at a minimum and ensure their remote access foundation is secure.  Continue Reading

• What's the difference between sandboxes vs. containers?

  Understanding the differences between sandboxes vs. containers for security can help companies determine which best suits their particular use cases.  Continue Reading

• Explore benefits and challenges of cloud penetration testing

  Cloud penetration testing presents new challenges for information security teams. Here's how a playbook from the Cloud Security Alliance can help inform cloud pen test strategies.  Continue Reading

• Manage unsuccessful login attempts with account lockout policy

  Learn how to create account lockout policies that detail how many unsuccessful login attempts are allowed before a password lockout in order to prevent credential-based attacks.  Continue Reading

• Site-to-site VPN security benefits and potential risks

  Not every enterprise needs the functionality of a standard VPN client. A site-to-site VPN may be a better choice for some companies, but it's not without risk.  Continue Reading

• How to send secure email attachments

  Sending sensitive information in attachments is inherently unsafe, and the main way to secure them -- encryption -- can be implemented inconsistently, negating security benefits.  Continue Reading

• How to prevent network eavesdropping attacks

  One of the biggest challenges of network eavesdropping attacks is they are difficult to detect. Read about prevention measures to help keep your network safe from snoopers and sniffers.  Continue Reading

• 6 key identity and access management benefits

  Identity and access management is beneficial not just for users, security and IT admins, but also enterprises as a whole. Read up on the six key advantages of an IAM framework.  Continue Reading

• Identity management vs. authentication: Know the difference

  Andrew Froehlich breaks down how authentication and identity management differ and how each of them are intrinsic to an identity and access management framework.  Continue Reading

• How to protect workloads using a zero-trust security model

  Never trust, always verify. Learn how to implement a zero-trust security model to help manage risk and protect IT workloads at your organization.  Continue Reading

• Identifying and troubleshooting VPN session timeout issues

  Troubleshooting VPN session timeout and lockout issues should focus first on isolating where the root of the problem lies -- be it the internet connection, the VPN vendor or the user device.  Continue Reading

• Is VPN split tunneling worth the security risks?

  Enabling VPN split tunneling may increase speed and decrease bandwidth use and costs, but it also increases the number of security vulnerabilities faced.  Continue Reading

• The risks and effects of spyware

  Spyware can steal mundane information, track a user's every move and everything in between. Read up on the types of spyware and how to best fix infected devices.  Continue Reading

• The differences between web roles and worker roles in Azure

  What sets web roles and worker roles apart in Microsoft's Azure Cloud Services? Here's a look at how they are different.  Continue Reading

• Considering the differences in LAN vs. WAN security

  Given the differences in the security of LAN and WAN, enterprises need to guard against insider threats, secure against unauthorized access and potentially secure the edge, too.  Continue Reading

• Risk management vs. risk assessment vs. risk analysis

  Understanding risk is the first step to making informed budget and security decisions. Explore the differences between risk management vs. risk assessment vs. risk analysis.  Continue Reading

• Good cybersecurity thesis topics for a master's degree

  Writing a master's thesis? A strong topic positions you for academic and professional success, while a weak one promises to make an already intensive process arduous at best.  Continue Reading

• Wired vs. wireless network security: Best practices

  Explore the differences between wired and wireless network security, and read up on best practices to ensure security with or without wires.  Continue Reading

• How to combat the top 5 enterprise social media risks in business

  Learn how social networking sites compound the insider threat risk, and explore how to mitigate the threat with policy, training and technology.  Continue Reading

• What are the most common digital authentication methods?

  In order to build and maintain a comprehensive access management program, enterprise leaders must get to know the various forms of digital authentication at their disposal.  Continue Reading

• How effective are traditional authentication methods?

  Are you up to date on the most popular digital authentication methods and their potential cybersecurity risks? Learn how the right technology can improve and secure access management.  Continue Reading

• 7 TCP/IP vulnerabilities and how to prevent them

  While many TCP/IP security issues are in the protocol suite's implementation, there are some vulnerabilities in the underlying protocols to be aware of.  Continue Reading

• Host IDS vs. network IDS: Which is better?

  Compare host IDS vs. network IDS through the pros and cons of each, and learn how more modern systems may be better suited to ensure effective enterprise security.  Continue Reading

• How to prevent port scan attacks

  The popular port scan is a hacking tool that enables attackers to gather information about how corporate networks operate. Learn how to detect and prevent port scanning attacks.  Continue Reading

• How can companies identify IT infrastructure vulnerabilities?

  New, sophisticated technology is available to help infosec pros find IT infrastructure vulnerabilities. Automated pen testing and outsourcing threat intelligence services can help.  Continue Reading

• What are best practices for a modern threat management strategy?

  Infosec pros need to mitigate traditional cyberthreats, as well anticipate sophisticated, emerging threats. Learn how to build a threat management strategy that helps with both.  Continue Reading

• IT security threat management tools, services to combat new risks

  Advances in tools and services are changing IT security threat management. Learn how infosec pros are using UTM platforms, AI and threat intelligence services to alleviate risk.  Continue Reading

• What is the role of CISO in network security?

  The role of CISO in network security goes beyond risk management. It also requires understanding compliance regulations and business needs, as well as the ability to communicate security policies to nontechnical employees.  Continue Reading

• The network security tools to combat modern threats

  Incorporating new network security tools and methods into your enterprise's infosec program may mean the difference between staying safe or falling victim to an attack.  Continue Reading

• What are the top network security techniques for modern companies?

  Protecting the enterprise network remains integral to overall IT security. Here are the top network security techniques enterprises are using to protect data.  Continue Reading

• Do you have the right set of penetration tester skills?

  Pen testing is more than just the fun of breaking into systems. Learn about the critical penetration tester skills potential candidates must master to become proficient in their career path.  Continue Reading

• Comparing Diffie-Hellman vs. RSA key exchange algorithms

  See which encryption method uses digital signatures, symmetric key exchanges, bulk encryption and much more in this Diffie-Hellman vs. RSA showdown.  Continue Reading

• What are the roles and responsibilities of a liaison officer?

  While liaison officer responsibilities vary depending on the company they work for, their strong organizational and communications skills make them critical to incident response.  Continue Reading

• The difference between AES and DES encryption

  Choosing to encrypt confidential data with AES or DES encryption is an important cybersecurity matter. Learn about the important differences between AES and DES.  Continue Reading

• Is a cybersecurity insurance policy a worthy investment?

  Variables such as third-party business partners create unique cyberthreats for organizations. Find out when a cybersecurity insurance policy is a wise investment to prevent risk.  Continue Reading

• How should I choose a cybersecurity insurance provider?

  To vet potential cybersecurity insurance providers, there are a few questions every customer should ask. Learn more about the questions to ask and how to get the answers you need.  Continue Reading

• What types of cybersecurity insurance coverage are available?

  Cybersecurity insurance coverage could prove invaluable to risk mitigation -- if it's chosen carefully. Find out which type of insurance plan is right for your organization.  Continue Reading

• Should I invest in attack simulation tools?

  Attack simulation tools -- along with third-party penetration testing -- can help improve an organization's enterprise security. Find out why.  Continue Reading

• Penetration testing vs. red team: What's the difference?

  Is penetration testing the same as red team engagement? There are similarities, but they're not the same. Understand the differences to improve your organization's cyberdefenses.  Continue Reading

• When should I use breach and attack simulation tools?

  Thanks to automation and other features, breach and attack simulation tools are an effective way to help network administrators keep their operations secure.  Continue Reading

• Do network layer and application layer DDoS attacks differ?

  Network layer and application layer DDoS attacks are significant threats. Learn about the differences between them and what you can do to reduce their effects.  Continue Reading

• What's the purpose of CAPTCHA technology and how does it work?

  Learn about the purpose of CAPTCHA challenges that enable websites to differentiate bots from authentic users to stop spammers from hijacking forums and blog comment sections.  Continue Reading

• What's the best way to prevent XSS attacks?

  To prevent cross-site scripting attacks, software developers must validate user input and encode output. Review characters to filter out, as well as sources and sinks to avoid.  Continue Reading

• The difference between zero-day vulnerability and zero-day exploit

  A zero-day vulnerability isn't the same as a zero-day exploit. Learn the difference between these two zero-day terms, as well as why they should be high priority on any CISO's patching list.  Continue Reading

• Why is patch management important?

  Borderless networks present new challenges for security pros. Andrew Froehlich explains how this trend makes patch management even more important.  Continue Reading

• How to build an enterprise penetration testing plan

  Simulating an attack against your network is one of the best ways to remediate security holes before the bad guys find them. Here, learn penetration testing basics and how it can help keep your enterprise safe.  Continue Reading

• What are the pros and cons of outsourcing IT security?

  Companies are facing increased costs when maintaining an internal security group. Outsourcing IT security has its advantages, but there are some challenges to keep in mind.  Continue Reading

• What's the best way to approach multi-cloud security?

  Multi-cloud security can be challenging, but new tools promise to ease some of the problems associated with managing resources across multiple CSPs.  Continue Reading

• How can endpoint security features help combat modern threats?

  The antivirus of yesteryear isn't a strong enough competitor to beat modern enterprise threats. Learn about the endpoint security features ready to tackle these battles head-on.  Continue Reading

• Attackers turn the tables on incident response strategies

  Attackers expect incident response strategies and have a plan for when they encounter them. Find out how to take IR to the next level against attacker incident response counterstrategies.  Continue Reading

• Do I need to adopt a cybersecurity framework?

  A comprehensive cybersecurity framework can help businesses avoid costly attacks. But there are other advantages.  Continue Reading

• What's the best way to maintain top cybersecurity frameworks?

  Keeping top cybersecurity frameworks up to date means understanding how a business evolves and changes. What steps should you take to maintain your security strategy?  Continue Reading

• What are the core components of a cybersecurity framework?

  Cybersecurity frameworks differ from one company to another, but each plan has four fundamental stages. Find out what you need to know.  Continue Reading

• What is the best way to write a cloud security policy?

  Enterprises new to the cloud can write new security policies from scratch, but others with broad cloud usage may need an update. Consider these policy writing best practices.  Continue Reading

• What are the top cloud security certifications for 2019?

  Cloud security certifications serve to bolster security professionals' resumes and boost value to employers. Learn about the top certifications available from expert Nick Lewis.  Continue Reading

• How can developers avoid a Git repository security risk?

  Learn how managing web development content with the popular version control system can be risky without taking action to avoid these basic Git repository security risks.  Continue Reading

• What is subdomain takeover and why does it matter?

  Subdomain takeover exposure can happen when cloud-hosted web services are incompletely decommissioned, but configuration best practices can reduce the risks.  Continue Reading

• What is MTA-STS and how will it improve email security?

  Discover how the MTA-STS specification will improve email security by encrypting messages and enabling secure, authenticated email transfers between SMTP servers.  Continue Reading

• Why are fewer companies using SMS 2FA for authentication?

  Instead of SMS two-factor authentication, some companies are switching to 2FA through messaging apps and social media platforms. Learn what's behind this authentication trend.  Continue Reading

• How can SIEM and SOAR software work together?

  Many security pros initially thought SOAR software could replace SIEM. Our security expert advocates learning how SIEM and SOAR can work together.  Continue Reading

• The future of SIEM: What needs to change for it to stay relevant?

  Compared to security orchestration, automation and response (SOAR) software, SIEM systems are dated. Expert Andrew Froehlich explains how SIEM needs to adapt to keep up.  Continue Reading

• How does an identity and access management framework work?

  A comprehensive identity and access management framework is an IT necessity. But how do the two components work together?  Continue Reading

• How important is security awareness training for executives?

  Corporate executives are prime targets for spies and hackers, and that is why security awareness training for executives is so important.  Continue Reading

• What are the most important security awareness training topics?

  Organizations looking to heighten security awareness among employees need to cover a wide variety of security awareness training topics, but social engineering tops the list.  Continue Reading

• Can PDF digital signatures be trusted?

  Digital signatures on PDF documents don't necessarily guarantee their contents are valid, as new research shows viewer implementations don't always detect incomplete signatures.  Continue Reading

• What is post-quantum cryptography and should we care?

  Post-quantum cryptographic algorithms are aimed at securing encrypted data against super-powerful computers in the future, but will they even be necessary? Hanno Böck explains.  Continue Reading

• How concerned should I be about a padding oracle attack?

  Padding oracle attacks have long been well-known and well-understood. Find out how they work and why using modern encryption protocols can reduce the risks.  Continue Reading

• How can I detect fileless malware attacks?

  Monitoring process memory is one way to combat fileless malware attacks. Here's what you can do to protect your network against these campaigns.  Continue Reading

• How do I stop the screaming channel wireless threat?

  A screaming channel attack is a new wireless threat making networks -- particularly those with IoT components -- vulnerable. Are there any safeguards to prevent these attacks?  Continue Reading

• Why do DDoS attack patterns rise in the autumn?

  DDoS attack patterns indicate a sharp escalation in the fall. Why does that occur and what can be done to guard against these attacks?  Continue Reading