Get started
Bring yourself up to speed with our introductory content.
Get started
Bring yourself up to speed with our introductory content.
How API attacks work, plus 5 common types
A growing number of API attacks put enterprises at risk of serious data breaches. Learn how these attacks work, and explore some API security best practices. Continue Reading
16 common types of cyberattacks and how to prevent them
To stop cybercrime, companies must understand how they're being attacked. Here are the most damaging types of cyberattacks and what to do to prevent them. Continue Reading
cyber attack
A cyber attack is any malicious attempt to gain unauthorized access to a computer, computing system or computer network with the intent to cause damage. Continue Reading
-
Top 10 cybersecurity interview questions and answers
Interviewing for a job in cybersecurity? Memorizing security terms won't cut it. Here are the 10 interview questions you should be ready for -- and how to answer them. Continue Reading
How to use Social-Engineer Toolkit
Testing system components for vulnerabilities is just one part of the network security equation. What's the best way to measure users' resilience to social engineering threats? Continue Reading
How to become a cybersecurity architect
From help desk support personnel to network admin, learn about the multiple paths that can lead to becoming an effective and knowledgeable cybersecurity architect.Continue Reading
5 essential programming languages for cybersecurity pros
Coding is an important skill across almost every technology discipline today, and cybersecurity is no exception. Learn about the top programming languages for security professionals.Continue Reading
What qualifies as a material cybersecurity incident?
In SEC rules, a cyberincident's materiality hinges on its potential impact on a public company's standing. Learn what this means for cybersecurity disclosure requirements.Continue Reading
SPF, DKIM and DMARC: What are they and how do they work together?
Internet protocols for email authentication -- SPF, DKIM and DMARC -- coordinate defense against spammers, phishing and other spoofed email problems.Continue Reading
12 common types of malware attacks and how to prevent them
The umbrella term malware is one of the greatest cybersecurity threats enterprises face. Learn about 12 common types of malware and how to prevent them.Continue Reading
-
digital signature
A digital signature is a mathematical technique used to validate the authenticity and integrity of a digital document, message or software.Continue Reading
What is security information and event management (SIEM)?
Security information and event management (SIEM) is an approach to security management that combines security information management (SIM) and security event management (SEM) functions into one security management system.Continue Reading
personally identifiable information (PII)
Personally identifiable information (PII) is any data that could potentially identify a specific individual.Continue Reading
Port scan attacks: What they are and how to prevent them
Port scans provide data on how networks operate. In the wrong hands, this info could be part of a larger malicious scheme. Learn how to detect and defend against port scan attacks.Continue Reading
zero-day vulnerability
A zero-day vulnerability is a security loophole in software, hardware or firmware that threat actors exploit before the vendors can identify and patch it.Continue Reading
DNS attack
A DNS attack is an exploit in which an attacker takes advantage of vulnerabilities in the domain name system.Continue Reading
malware
Malware, or malicious software, is any program or file that's intentionally harmful to a computer, network or server.Continue Reading
cloud security
Cloud security, also known as 'cloud computing security,' is a set of policies, practices and controls deployed to protect cloud-based data, applications and infrastructure from cyberattacks and cyberthreats.Continue Reading
privacy impact assessment (PIA)
A privacy impact assessment (PIA) is a method for identifying and assessing privacy risks throughout the development lifecycle of a program or system.Continue Reading
Zero trust vs. defense in depth: What are the differences?
Security administrators don't have to choose between zero-trust and defense-in-depth cybersecurity methodologies. Learn how the two frameworks complement each other.Continue Reading
SASE vs. SSE: Explaining the differences
Most security professionals are familiar with secure access service edge, but now, there's a new tool for administrators to consider: security service edge.Continue Reading
proof of concept (PoC) exploit
A proof of concept (PoC) exploit is a nonharmful attack against a computer or network. PoC exploits are not meant to cause harm, but to show security weaknesses within software.Continue Reading
What is a cloud security framework? A complete guide
With so many apps and data residing in cloud, employing a security framework to help protect cloud infrastructure is an essential move for an organization.Continue Reading
Cloud security automation: Benefits and best practices
Automating security in the cloud can be invaluable for threat detection and mitigation. Explore key areas where security professionals should implement automation.Continue Reading
Reporting ransomware attacks: Steps to take
The Cybersecurity and Infrastructure Security Agency and FBI recommend reporting ransomware attacks to the authorities as soon as possible. This expert advice outlines the process.Continue Reading
The 7 core pillars of a zero-trust architecture
Learn how Forrester's Zero Trust Extended framework can help IT leaders identify, organize and implement the appropriate cybersecurity tools for a zero-trust framework.Continue Reading
What is extortionware? How does it differ from ransomware?
Prevention is the only line of defense against an extortionware attack. Learn how extortionware works and why it can be more damaging than ransomware.Continue Reading
What role does an initial access broker play in the RaaS model?
Initial access brokers play an increasingly vital role in the ransomware ecosystem, establishing entry points from which RaaS groups can facilitate attacks against organizations.Continue Reading
virtual firewall
A virtual firewall is a firewall device or service that provides network traffic filtering and monitoring for virtual machines (VMs) in a virtualized environment.Continue Reading
cloud penetration testing
Cloud penetration testing is a tactic an organization uses to assess its cloud security effectiveness by attempting to evade its own defenses.Continue Reading
cloud workload protection platform (CWPP)
A cloud workload protection platform (CWPP) is a security tool designed to protect workloads that run on premises, in the cloud or in a hybrid arrangement.Continue Reading
out-of-band authentication
Out-of-band authentication is a type of two-factor authentication (2FA) that requires a secondary verification method through a separate communication channel along with the typical ID and password.Continue Reading
Common Vulnerability Scoring System (CVSS)
The Common Vulnerability Scoring System (CVSS) is a public framework for rating the severity and characteristics of security vulnerabilities in information systems.Continue Reading
cloud-native application protection platform (CNAPP)
Cloud-native application protection platform, or CNAPP, is a software product that bundles multiple cloud security tools into one package, thereby delivering a holistic approach for securing an organization's cloud infrastructure, its cloud-native ...Continue Reading
Cloud vulnerability management: A complete guide
Your security strategy might not grapple directly with cloud vulnerability management. Is it time to consider the possible benefits and challenges of this emerging product class?Continue Reading
How to create a cloud security policy, step by step
What are the necessary components of a cloud security policy, and why should an organization go to the trouble to create one? Download a template to get the process started.Continue Reading
Patch Tuesday
Patch Tuesday is the unofficial name of Microsoft's monthly scheduled release of security fixes for the Windows operating system (OS) and other Microsoft software.Continue Reading
Pegasus malware
Pegasus malware is spyware that can hack any iOS or Android device and steal a variety of data from the infected device, including text messages, emails, key logs, audio and information from installed applications, such as Facebook or Instagram.Continue Reading
VM security in cloud computing explained
Cloud computing allows an organization to reduce its risks by having to secure fewer resources. The tradeoff is that cloud creates more attack vectors. Don't let VMs trip you up.Continue Reading
risk-based patch management (RBPM)
Risk-based patch management (RBPM) is an approach to implementing patches to fix software code that prioritizes patches that address security issues posing the highest risk to the organization.Continue Reading
What is a cloud security engineer, and how do I become one?
A cloud security engineer has specific responsibilities for helping to secure cloud infrastructure, applications and IT assets.Continue Reading
SSPM vs. CSPM: What's the difference?
Posture management in the cloud is key, but evaluating different tools, such as SaaS security posture management and cloud security posture management platforms, can be confusing.Continue Reading
risk-based vulnerability management (RBVM)
Risk-based vulnerability management (RBVM) is an approach to identifying and addressing security vulnerabilities in an organization's IT environment that prioritizes remediating vulnerabilities that pose the greatest risk.Continue Reading
cloud infrastructure entitlement management (CIEM)
Cloud infrastructure entitlement management (CIEM) is a discipline for managing identities and privileges in cloud environments.Continue Reading
What is PCI DSS (Payment Card Industry Data Security Standard)?
The Payment Card Industry Data Security Standard (PCI DSS) is a widely accepted set of policies and procedures intended to optimize the security of credit, debit and cash card transactions and protect cardholders against misuse of their personal ...Continue Reading
What is a SSL (secure sockets layer)?
Secure sockets layer (SSL) is a networking protocol designed for securing connections between web clients and web servers over an insecure network, such as the internet.Continue Reading
What is Data Encryption Standard (DES)?
Data Encryption Standard (DES) is an outdated symmetric key method of data encryption.Continue Reading
What is role-based access control (RBAC)?
Role-based access control (RBAC) is a method of restricting network access based on the roles of individual users within an enterprise.Continue Reading
What is a potentially unwanted program (PUP)?
A potentially unwanted program (PUP) is a program that may be unwanted, despite the possibility that users consented to download it.Continue Reading
remote access
Remote access is the ability for an authorized person to access a computer or network from a geographical distance through a network connection.Continue Reading
Federal Information Security Modernization Act (FISMA)
): The Federal Information Security Modernization Act (FISMA) is United States legislation that defines a framework of guidelines and security standards to protect government information technology operations from cyberthreats.Continue Reading
cloud security posture management (CSPM)
Cloud security posture management (CSPM) is a market segment for IT security tools that are designed to identify misconfiguration issues and compliance risks in the cloud.Continue Reading
Cloud Security Alliance (CSA)
The Cloud Security Alliance (CSA) is a nonprofit organization that promotes research into best practices for securing cloud computing and the use of cloud technologies to secure other forms of computing.Continue Reading
EDR vs. EPP: What's the difference?
Endpoint detection and response tools and endpoint protection platforms offer similar security features. Which is better for your organization: EDR, EPP or both?Continue Reading
Stateful vs. stateless firewalls: Understanding the differences
Stateful firewalls are the norm in most networks, but there are still times where a stateless firewall fits the bill. Learn how these firewalls work and what approach might be best.Continue Reading
identity management (ID management)
Identity management (ID management) is the organizational process for ensuring individuals have the appropriate access to technology resources.Continue Reading
single sign-on (SSO)
Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials -- for example, a username and password -- to access multiple applications.Continue Reading
cryptanalysis
Cryptanalysis is the study of ciphertext, ciphers and cryptosystems to understand how they work and to find and improve techniques for defeating or weakening them.Continue Reading
Data protection impact assessment template and tips
Conducting a data protection impact assessment is key to evaluating potential risk factors that could pose a serious threat to individuals and their personal information.Continue Reading
Fuzzy about fuzz testing? This fuzzing tutorial will help
Organizations are searching for ways to automate and improve their application security processes. Fuzz testing is one way to fill in some of the gaps.Continue Reading
virus (computer virus)
A computer virus is a type of malware that attaches itself to a program or file. A virus can replicate and spread across an infected system and it often propagates to other systems, much like a biological virus spreads from host to host.Continue Reading
Certified Information Security Manager (CISM)
Certified Information Security Manager (CISM) is an advanced certification that indicates that an individual possesses the knowledge and experience required to develop and manage an enterprise information security (infosec) program.Continue Reading
How data poisoning attacks work
Generative AI brings business opportunities to the enterprise but also security risks. Learn about an evolving attack vector called data poisoning and how it works.Continue Reading
cryptography
Cryptography is a method of protecting information and communications using codes, so that only those for whom the information is intended can read and process it.Continue Reading
4 types of prompt injection attacks and how they work
Compromised LLMs can expose sensitive corporate data and put organizations' reputations at risk. Learn about four types of prompt injection attacks and how they work.Continue Reading
asymmetric cryptography
Asymmetric cryptography, also known as public key cryptography, is a process that uses a pair of related keys -- one public key and one private key -- to encrypt and decrypt a message and protect it from unauthorized access or use.Continue Reading
identity provider
An identity provider (IdP) is a system component that provides an end user or internet-connected device with a single set of login credentials that ensures the entity is who or what it says it is across multiple platforms, applications and networks.Continue Reading
vulnerability assessment
A vulnerability assessment is the process of defining, identifying, classifying and prioritizing vulnerabilities in computer systems, applications and network infrastructures.Continue Reading
The differences between inbound and outbound firewall rules
Firewalls can support both inbound and outbound firewall rules, but there are important differences between the two. Learn more about each and their uses.Continue Reading
DoS vs. DDoS: How they differ and the damage they cause
DoS and DDoS attacks may not be new, but that doesn't mean they are any less disruptive to organizations. Companies should understand what they are and how they work.Continue Reading
How dynamic malware analysis works
Security teams use dynamic malware analysis to uncover how malware works -- and thereby improve threat hunting and incident detection capabilities.Continue Reading
phishing
Phishing is a fraudulent practice in which an attacker masquerades as a reputable entity or person in an email or other form of communication.Continue Reading
Multi-cloud security challenges and best practices
Where multi-cloud goes, security complexity follows. From configuration to visibility, organizations must be aware of these main challenges and how to overcome them.Continue Reading
computer forensics (cyber forensics)
Computer forensics is the application of investigation and analysis techniques to gather and preserve evidence from a particular computing device in a way that is suitable for presentation in a court of law.Continue Reading
How to use a jump server to link security zones
Jump servers are a perfect example of less is more. By using these slimmed-down boxes, administrators can connect to multiple resources securely.Continue Reading
cybersecurity
Cybersecurity is the practice of protecting internet-connected systems such as hardware, software and data from cyberthreats.Continue Reading
Advanced Encryption Standard (AES)
The Advanced Encryption Standard (AES) is a symmetric block cipher chosen by the U.S. government to protect classified information.Continue Reading
How to craft cyber-risk statements that work, with examples
A cyber-risk statement should be clear, concise and simple -- but that doesn't mean it's easy to write. Get tips and read our cyber-risk statement examples.Continue Reading
operational risk
Operational risk is the risk of losses caused by flawed or failed processes, policies, systems or events that disrupt business operations.Continue Reading
What is cybersecurity mesh and how can it help you?
The concept of cybersecurity mesh could help solve and simplify issues created by multi-cloud deployments and the increase in remote work environments.Continue Reading
risk reporting
Risk reporting is a method of identifying risks tied to or potentially impacting an organization's business processes.Continue Reading
How to conduct a social engineering penetration test
Social engineering attacks are becoming more sophisticated and more damaging. Penetration testing is one of the best ways to learn how to safeguard your systems against attack.Continue Reading
Understand the pros and cons of enterprise password managers
Almost half of breaches occur because of compromised credentials. Using a password manager to control how users create their IDs may be a good step to protect enterprise assets.Continue Reading
cyberterrorism
Cyberterrorism is usually defined as any premeditated, politically motivated attack against information systems, programs, and data that threatens violence or results in violence.Continue Reading
keylogger (keystroke logger or system monitor)
A keylogger, sometimes called a keystroke logger, is a type of surveillance technology used to monitor and record each keystroke on a specific device, such as a computer or smartphone.Continue Reading
encryption
Encryption is the method by which information is converted into secret code that hides the information's true meaning.Continue Reading
dictionary attack
A dictionary attack is a method of breaking into a password-protected computer, network or other IT resource by systematically entering every word in a dictionary, or word list, as a password.Continue Reading
SOAR (security orchestration, automation and response)
SOAR (security orchestration, automation and response) is a stack of compatible software programs that enables an organization to collect data about security threats and respond to security events with little or no human assistance.Continue Reading
communications security (COMSEC)
Communications security (COMSEC) is the prevention of unauthorized access to telecommunications traffic or to any written information that is transmitted or transferred.Continue Reading
Cybersecurity career path: 5-step guide to success
Taking the lead from ISSA's framework, here's a guide to how you can map out a long and profitable career in cybersecurity.Continue Reading
security operations center (SOC)
A security operations center (SOC) is a command center facility in which a team of information technology (IT) professionals with expertise in information security (infosec) monitors, analyzes and protects an organization from cyberattacks.Continue Reading
4 tips to find cyber insurance coverage in 2024
The cyber insurance industry is settling down but isn't without challenges. Read up on cyber insurance in 2024 and how to get the most from your organization's coverage this year.Continue Reading
10 must-have cybersecurity skills for career success in 2024
Looking to advance your cybersecurity career? Here are the skills you'll need to win that CISO job, land a gig as a threat hunter and snag other security positions in high demand.Continue Reading
What is incident response? A complete guide
Incident response is an organized, strategic approach to detecting and managing cyberattacks in ways that minimize damage, recovery time and total costs.Continue Reading
indicators of compromise (IOC)
Indicators of compromise are unusual activities on a system or network that imply the presence of a malicious actor.Continue Reading
digital forensics and incident response (DFIR)
Digital forensics and incident response (DFIR) is a combined set of cybersecurity operations that incident response teams use to detect, investigate and respond to cybersecurity events.Continue Reading
Business continuity vs. disaster recovery vs. incident response
To stay in business, expect the unexpected. Learn how business continuity, disaster recovery and incident response differ -- and why organizations need plans for all three.Continue Reading
Incident response automation: What it is and how it works
Many of today's security operations teams are understaffed and overwhelmed. Learn how incident response automation can help them work smarter, instead of harder.Continue Reading
How to build an incident response plan, with examples, template
With cyberthreats and security incidents growing by the day, every organization needs a solid incident response plan. Learn how to create one for your company.Continue Reading
information assurance (IA)
Information assurance (IA) is the practice of protecting physical and digital information and the systems that support the information.Continue Reading