Get started
Bring yourself up to speed with our introductory content.
Get started
Bring yourself up to speed with our introductory content.
4 types of access control
Access management is the gatekeeper, making sure a device or person can gain entry only to the systems or applications to which they have been granted permission. Continue Reading
What is Common Vulnerabilities and Exposures (CVE)?
Common Vulnerabilities and Exposures (CVE) is a publicly listed catalog of known security threats. Continue Reading
What skills are needed for a successful career in IAM?
In the zero-trust era, identity management is critical to an organization's cybersecurity posture. What skills are required to transition into a career in IAM? Continue Reading
-
What is a whaling attack (whaling phishing)?
A whaling attack, also known as 'whaling phishing' or a 'whaling phishing attack,' is a specific type of phishing attack that targets high-profile employees, such as the chief executive officer (CEO) or chief financial officer, to steal sensitive ... Continue Reading
What is a spam trap?
A spam trap is an email address that's used to identify and monitor spam email. It's also a type of honeypot because it uses a fake email address to bait spammers. Continue Reading
-
Definitions to Get Started
- What is Common Vulnerabilities and Exposures (CVE)?
- What is a whaling attack (whaling phishing)?
- What is a spam trap?
- What is identity governance and administration (IGA)?
- What is machine identity management?
- What is unified threat management (UTM)?
- What is two-factor authentication (2FA)?
- What is authentication, authorization and accounting (AAA)?
What is identity governance and administration (IGA)?
Identity governance and administration (IGA) is the collection of processes and practices used to manage user digital identities and their access throughout the enterprise.Continue Reading
Identity management vs. authentication: Know the difference
Learn how authentication and identity management are both intrinsic to an identity and access management framework. Learn how they differ and the role each one plays.Continue Reading
How to build a Python port scanner
Python offers beginning coders a lot of flexibility and is a novel way to build tools designed to probe port performance across your network.Continue Reading
What is machine identity management?
Machine identity management focuses on the machines connected to and accessing resources on a network.Continue Reading
What is unified threat management (UTM)?
Unified threat management (UTM) is an information security system that provides a single point of protection against cyberthreats, including viruses, worms, spyware and other malware, as well as network attacks.Continue Reading
-
How to create an incident response playbook with template
Using an incident response playbook can speed up an organization's responses to cyberattacks. Find out how to build repeatable playbooks to use for different types of incidents.Continue Reading
How to configure and customize Kali Linux settings
Learning how to use Kali Linux for ethical hacking and penetration testing? Read step by step how to configure and customize the distribution.Continue Reading
Types of cybersecurity controls and how to place them
A unilateral cybersecurity approach is ineffective in today's threat landscape. Learn why organizations should implement security controls based on the significance of each asset.Continue Reading
What is two-factor authentication (2FA)?
Two-factor authentication (2FA), sometimes referred to as two-step verification or dual-factor authentication, is a security process in which users provide two different authentication factors to verify themselves.Continue Reading
What is authentication, authorization and accounting (AAA)?
Authentication, authorization and accounting (AAA) is a security framework for controlling and tracking user access within a computer network.Continue Reading
Equipment to include in a computer forensic toolkit
Computer forensic investigators require more than software to do their job. Learn what equipment constitutes a complete computer forensic toolkit.Continue Reading
EDR vs. EPP: How are they different and which is right for you?
Endpoint detection and response tools and endpoint protection platforms offer similar security features. Which is better for your organization: EDR, EPP or both?Continue Reading
How to detect DDoS attacks
DDoS attacks are on the rise -- again. While they usually strike without warning, there are some red flags to be aware of. Rapid detection is key to surviving such an attack.Continue Reading
How AI is making phishing attacks more dangerous
Cybercriminals are using AI chatbots, such as ChatGPT, to launch sophisticated business email compromise attacks. Cybersecurity practitioners must fight fire with fire.Continue Reading
How to build an incident response plan, with examples, template
With cyberthreats and security incidents growing by the day, every organization needs a solid incident response plan. Learn how to create one for your company.Continue Reading
What is the Mitre ATT&CK framework?
The Mitre ATT&CK -- pronounced miter attack -- framework is a free, globally accessible knowledge base that describes the latest behaviors and tactics of cyberadversaries to help organizations strengthen their cybersecurity strategies.Continue Reading
What is extended detection and response (XDR)?
Extended detection and response (XDR) is a technology-driven cybersecurity process designed to help organizations detect and remediate security threats across their entire IT environment.Continue Reading
What is OPSEC (operations security)?
OPSEC (operations security) is an analytical process that military, law enforcement, government and private organizations use to prevent sensitive or proprietary information from being accessed inappropriately.Continue Reading
What is user behavior analytics (UBA)?
User behavior analytics (UBA) is the tracking, collecting and assessing of user data and activities using monitoring systems.Continue Reading
How to use security as code to achieve DevSecOps
Security as code helps organizations achieve DevSecOps and shift-left security. Learn about SaC's benefits, challenges and implementation best practices.Continue Reading
How to conduct firewall testing and analyze test results
A misconfigured firewall can wreak havoc throughout your organization. Firewall testing to ensure rules are written correctly and that any changes are validated is critical.Continue Reading
API security maturity model to assess API security posture
As API use proliferates, attackers are targeting them to exploit networks and data. This six-domain API security maturity model can assess weaknesses and vulnerabilities.Continue Reading
What is Android System WebView and should you uninstall it?
Android System WebView is a system component for the Android operating system (OS) that enables Android apps to display web content directly inside an application.Continue Reading
What is WPA3 (Wi-Fi Protected Access 3)?
WPA3, also known as Wi-Fi Protected Access 3, is the third iteration of a security certification standard developed by the Wi-Fi Alliance. WPA3 is the latest updated implementation of WPA2, which has been in use since 2004.Continue Reading
What is access control?
Access control is a security technique that regulates who or what can view or use resources in a computing environment.Continue Reading
5 online payment security best practices for enterprises
Ensuring the security of your company's online payment systems is key to preventing costly attacks, meeting compliance requirements and maintaining customer trust.Continue Reading
How to use tcpreplay to replay network packet files
The suite of tools that comprise tcpreplay offers administrators a variety of network security options. Learn some of the benefits of this free utility.Continue Reading
ASPM vs. ASOC: How do they differ?
Application security posture management and application security orchestration and correlation tools both aim to secure applications but use different methodologies.Continue Reading
How to prepare for post-quantum computing security
One of the biggest fears about quantum computing is its ability to easily break current encryption algorithms. Learn why and how to start making quantum security preparations.Continue Reading
What is email spam and how to fight it?
Email spam, also known as 'junk email,' refers to unsolicited email messages, usually sent in bulk to a large list of recipients. Humans send spam, but more often, botnets are responsible for sending it.Continue Reading
Explaining cybersecurity tabletop vs. live-fire exercises
Tabletop games and live-fire exercises are two ways to test the effectiveness of enterprise security controls and defenses. Discover how each works and how they differ.Continue Reading
What is identity threat detection and response (ITDR)?
Identity threat detection and response (ITDR) is a collection of tools and best practices aimed at defending against cyberattacks that specifically target user identities or identity and access management (IAM) infrastructure.Continue Reading
What is MXDR, and do you need it?
Managed extended detection and response (MXDR) is an outsourced service that collects and analyzes threat data from across an organization's IT environment.Continue Reading
What is threat hunting? Key strategies explained
If you are ready to take a more proactive approach to cybersecurity, threat hunting might be a tactic to consider. Here's what security teams should know.Continue Reading
What is cybercrime and how can you prevent it?
Cybercrime is any criminal activity that involves a computer, network or networked device.Continue Reading
Types of hackers: Black hat, white hat, red hat and more
Black, white and gray hats are familiar to security pros, but as the spectrum evolves to include green, blue, red and purple, things get muddled. Brush up on types of hackers.Continue Reading
How to use Tor -- and whether you should -- in your enterprise
The Tor browser has sparked discussion and dissension since its debut. Does the software, which promises anonymous and secure web access, have a role to play in the enterprise?Continue Reading
How frictionless authentication works in online payments
Online retailers face a challenge: Make the payment process quick and easy for legitimate customers but not for fraudsters. Frictionless authentication can help.Continue Reading
What is cloud detection and response (CDR)?
Cloud computing requires a security approach that is different than traditional protections. Where does cloud detection and response fit into a cybersecurity strategy?Continue Reading
Guide to data detection and response (DDR)
Data is one of the most important assets in any organization. To truly protect it, you need a DDR strategy. Here's what you need to know, with tips on buying DDR tools.Continue Reading
What is an endpoint protection platform (EPP)?
An endpoint protection platform (EPP) is a security technology that safeguards endpoint devices.Continue Reading
The 5 different types of firewalls explained
The firewall remains a core fixture in network security. But, with five types of firewalls, three firewall deployment models and multiple placement options, things can get confusing.Continue Reading
12 types of endpoint security
With the rise of remote work, mobile devices and IoT, the traditional security perimeter extends beyond corporate networks, making endpoint security crucial for organizations.Continue Reading
What is endpoint security? How does it work?
Endpoint security is the protection of endpoint devices against cybersecurity threats.Continue Reading
What is cyber attribution?
Cyber attribution is the process of tracking and identifying the perpetrator of a cyberattack or other cyber operation.Continue Reading
What is SSH (Secure Shell) and How Does It Work?
SSH (Secure Shell or Secure Socket Shell) is a network protocol that gives users -- particularly systems administrators -- a secure way to access a computer over an unsecured network.Continue Reading
What is a computer exploit?
A computer exploit, or exploit, is a program or piece of code developed to take advantage of a vulnerability in a computer or network system.Continue Reading
What is malware? Prevention, detection and how attacks work
Malware, or malicious software, is any program or file that's intentionally harmful to a computer, network or server.Continue Reading
Types of MDR security services: MEDR vs. MNDR vs. MXDR
Considering MDR security services? There's more than one option available; learn how to find the best for your organization's security needs.Continue Reading
Intro: How to use BlackArch Linux for pen testing
BlackArch Linux offers a lot of pen testing and security benefits, but it requires knowledgeable and independent professionals who can put the distribution to work.Continue Reading
What is exposure management?
Exposure management is a cybersecurity approach to protecting exploitable IT assets.Continue Reading
Cloud detection and response: CDR vs. EDR vs. NDR vs. XDR
Cloud detection and response is the latest detection and response tool. Explore how it differs from endpoint, network and extended detection and response tools.Continue Reading
How to use Pwnbox, the cloud-based VM for security testing
Pwnbox offers users the chance to hone their skills about security concepts and tools without having to build a costly lab environment.Continue Reading
How to conduct a cloud security assessment
Cloud computing presents organizations of all types with a nearly endless array of security challenges. Is your security team keeping up – and how do you know?Continue Reading
What a cybersecurity analyst does and how to become one
Security analysts play a critical role in defending organizations' sensitive information from cyberattacks. Learn more about the position and how to pursue it.Continue Reading
What is an intrusion detection system (IDS)?
An intrusion detection system monitors (IDS) network traffic for suspicious activity and sends alerts when such activity is discovered.Continue Reading
How API attacks work, plus 5 common types
A growing number of API attacks put enterprises at risk of serious data breaches. Learn how these attacks work, and explore some API security best practices.Continue Reading
What is a cyber attack? How they work and how to stop them
A cyber attack is any malicious attempt to gain unauthorized access to a computer, computing system or computer network with the intent to cause damage.Continue Reading
16 common types of cyberattacks and how to prevent them
To stop cybercrime, companies must understand how they're being attacked. Here are the most damaging types of cyberattacks and what to do to prevent them.Continue Reading
Top 10 cybersecurity interview questions and answers
Interviewing for a job in cybersecurity? Memorizing security terms won't cut it. Here are the 10 interview questions you should be ready for -- and how to answer them.Continue Reading
How to use Social-Engineer Toolkit
Testing system components for vulnerabilities is just one part of the network security equation. What's the best way to measure users' resilience to social engineering threats?Continue Reading
How to become a cybersecurity architect
From help desk support personnel to network admin, learn about the multiple paths that can lead to becoming an effective and knowledgeable cybersecurity architect.Continue Reading
5 essential programming languages for cybersecurity pros
Coding is an important skill across almost every technology discipline today, and cybersecurity is no exception. Learn about the top programming languages for security professionals.Continue Reading
What qualifies as a material cybersecurity incident?
In SEC rules, a cyberincident's materiality hinges on its potential impact on a public company's standing. Learn what this means for cybersecurity disclosure requirements.Continue Reading
SPF, DKIM and DMARC: What are they and how do they work together?
Internet protocols for email authentication -- SPF, DKIM and DMARC -- coordinate defense against spammers, phishing and other spoofed email problems.Continue Reading
12 common types of malware attacks and how to prevent them
The umbrella term malware is one of the greatest cybersecurity threats enterprises face. Learn about 12 common types of malware and how to prevent them.Continue Reading
digital signature
A digital signature is a mathematical technique used to validate the authenticity and integrity of a digital document, message or software.Continue Reading
What is security information and event management (SIEM)?
Security information and event management (SIEM) is an approach to security management that combines security information management (SIM) and security event management (SEM) functions into one security management system.Continue Reading
personally identifiable information (PII)
Personally identifiable information (PII) is any data that could potentially identify a specific individual.Continue Reading
Port scan attacks: What they are and how to prevent them
Port scans provide data on how networks operate. In the wrong hands, this info could be part of a larger malicious scheme. Learn how to detect and defend against port scan attacks.Continue Reading
zero-day vulnerability
A zero-day vulnerability is a security loophole in software, hardware or firmware that threat actors exploit before the vendors can identify and patch it.Continue Reading
DNS attack
A DNS attack is an exploit in which an attacker takes advantage of vulnerabilities in the domain name system.Continue Reading
cloud security
Cloud security, also known as 'cloud computing security,' is a set of policies, practices and controls deployed to protect cloud-based data, applications and infrastructure from cyberattacks and cyberthreats.Continue Reading
privacy impact assessment (PIA)
A privacy impact assessment (PIA) is a method for identifying and assessing privacy risks throughout the development lifecycle of a program or system.Continue Reading
Zero trust vs. defense in depth: What are the differences?
Security administrators don't have to choose between zero-trust and defense-in-depth cybersecurity methodologies. Learn how the two frameworks complement each other.Continue Reading
SASE vs. SSE: Explaining the differences
Most security professionals are familiar with secure access service edge, but now, there's a new tool for administrators to consider: security service edge.Continue Reading
proof of concept (PoC) exploit
A proof of concept (PoC) exploit is a nonharmful attack against a computer or network. PoC exploits are not meant to cause harm, but to show security weaknesses within software.Continue Reading
What is a cloud security framework? A complete guide
With so many apps and data residing in cloud, employing a security framework to help protect cloud infrastructure is an essential move for an organization.Continue Reading
Cloud security automation: Benefits and best practices
Automating security in the cloud can be invaluable for threat detection and mitigation. Explore key areas where security professionals should implement automation.Continue Reading
Reporting ransomware attacks: Steps to take
The Cybersecurity and Infrastructure Security Agency and FBI recommend reporting ransomware attacks to the authorities as soon as possible. This expert advice outlines the process.Continue Reading
The 7 core pillars of a zero-trust architecture
Learn how Forrester's Zero Trust Extended framework can help IT leaders identify, organize and implement the appropriate cybersecurity tools for a zero-trust framework.Continue Reading
What is extortionware? How does it differ from ransomware?
Prevention is the only line of defense against an extortionware attack. Learn how extortionware works and why it can be more damaging than ransomware.Continue Reading
What role does an initial access broker play in the RaaS model?
Initial access brokers play an increasingly vital role in the ransomware ecosystem, establishing entry points from which RaaS groups can facilitate attacks against organizations.Continue Reading
virtual firewall
A virtual firewall is a firewall device or service that provides network traffic filtering and monitoring for virtual machines (VMs) in a virtualized environment.Continue Reading
cloud penetration testing
Cloud penetration testing is a tactic an organization uses to assess its cloud security effectiveness by attempting to evade its own defenses.Continue Reading
cloud workload protection platform (CWPP)
A cloud workload protection platform (CWPP) is a security tool designed to protect workloads that run on premises, in the cloud or in a hybrid arrangement.Continue Reading
out-of-band authentication
Out-of-band authentication is a type of two-factor authentication (2FA) that requires a secondary verification method through a separate communication channel along with the typical ID and password.Continue Reading
Common Vulnerability Scoring System (CVSS)
The Common Vulnerability Scoring System (CVSS) is a public framework for rating the severity and characteristics of security vulnerabilities in information systems.Continue Reading
cloud-native application protection platform (CNAPP)
Cloud-native application protection platform, or CNAPP, is a software product that bundles multiple cloud security tools into one package, thereby delivering a holistic approach for securing an organization's cloud infrastructure, its cloud-native ...Continue Reading
Cloud vulnerability management: A complete guide
Your security strategy might not grapple directly with cloud vulnerability management. Is it time to consider the possible benefits and challenges of this emerging product class?Continue Reading
How to create a cloud security policy, step by step
What are the necessary components of a cloud security policy, and why should an organization go to the trouble to create one? Download a template to get the process started.Continue Reading
Patch Tuesday
Patch Tuesday is the unofficial name of Microsoft's monthly scheduled release of security fixes for the Windows operating system (OS) and other Microsoft software.Continue Reading
Pegasus malware
Pegasus malware is spyware that can hack any iOS or Android device and steal a variety of data from the infected device, including text messages, emails, key logs, audio and information from installed applications, such as Facebook or Instagram.Continue Reading
VM security in cloud computing explained
Cloud computing allows an organization to reduce its risks by having to secure fewer resources. The tradeoff is that cloud creates more attack vectors. Don't let VMs trip you up.Continue Reading
risk-based patch management (RBPM)
Risk-based patch management (RBPM) is an approach to implementing patches to fix software code that prioritizes patches that address security issues posing the highest risk to the organization.Continue Reading