Get started
Bring yourself up to speed with our introductory content.
What is application allowlisting?
Application allowlisting, previously known as 'application whitelisting,' is the practice of specifying an index of approved software applications or executable files that are permitted to be present and active on a computer system.
What is Transport Layer Security (TLS)?
Transport Layer Security (TLS) is an Internet Engineering Task Force (IETF) standard protocol that provides authentication, privacy and data integrity between two communicating computer applications.
Penetration testing vs. vulnerability scanning: What's the difference?
Confused by the distinctions between penetration testing and vulnerability scanning? You're not alone. Learn the key differences between the two and when to use each.
What is a checksum?
A checksum is a value that represents the number of bits in a transmission message. IT professionals use it to detect high-level errors within data transmissions.
What is an attack vector?
An attack vector is a path or means by which an attacker or hacker can gain access to a computer or network server to deliver a payload or malicious outcome.
What is email spoofing?
Email spoofing is a form of cyber attack in which a hacker sends an email that has been manipulated to seem as if it originated from a trusted source.
What is challenge-response authentication?
In computer security, challenge-response authentication is a set of protocols used to protect digital assets and services from unauthorized users, programs and activities.
What is defense in depth?
Defense in depth is a cybersecurity strategy that uses multiple security measures to protect an organization's networks, systems and data.
What are social engineering attacks?
Social engineering is an attack vector that relies heavily on human interaction and often involves psychological manipulation of people into breaking normal security procedures and best practices to gain unauthorized access.
What is a botnet?
A botnet is a collection of internet-connected devices -- including PCs, servers, mobile devices and internet of things (IoT) devices -- infected and controlled by a common type of malware, often unbeknownst to their owners.
What is a denial-of-service attack?
A denial-of-service (DoS) attack is a security threat that occurs when an attacker makes it impossible for legitimate users to access computer systems, networks, services or other IT resources.
What is cyber hijacking?
Cyber hijacking, or computer hijacking, is a type of network security attack in which the threat actor takes control of computer systems, software programs and network communications.
What is antimalware?
Antimalware is a software program created to protect IT systems and individual computers from malicious software, or malware.
What is Blowfish?
Blowfish is a variable-length, symmetric, 64-bit block cipher.
What is the RSA algorithm?
The RSA algorithm (Rivest-Shamir-Adleman) is a public key cryptosystem that uses a pair of keys for securing digital communication and transactions over insecure networks, such as the internet.
What is a honeypot? How it protects against cyberattacks
A honeypot is a network-attached system set up as a decoy to lure cyberattackers and to help organizations detect, deflect and study hacking attempts to gain unauthorized access to IT.
How to use pfSense: Use cases and initial configurations
Open source firewall and routing software pfSense offers a compelling mix of capabilities that can work for organizations large and small.
What is physical security and how does it work?
Physical security protects personnel, hardware, software, networks, facilities and data from physical actions and events that could cause serious loss or damage to an enterprise, agency or institution.
What is cyber insurance, and why is it important?
Cyber insurance, also called cyber liability insurance or cybersecurity insurance, is a contract a business or other organization can purchase to reduce the financial risks associated with doing business online.
How to create a third-party risk management policy
NIST's Cybersecurity Framework offers some helpful tips for organizations to fortify their third-party risk management strategies. Here's how to implement them.
What is Internet Key Exchange (IKE)?
Internet Key Exchange (IKE) is a standard protocol used to set up a secure and authenticated communication channel between two parties via a virtual private network (VPN).
What is a certificate revocation list (CRL) and how is it used?
A certificate revocation list (CRL) is a list of digital certificates that have been revoked by the issuing certificate authority (CA) before their actual or assigned expiration date.
What is cryptology?
Cryptology is the mathematics, such as number theory and the application of formulas and algorithms, that underpin cryptography and cryptanalysis.
What is biometric verification?
Biometric verification is any means by which a person can be uniquely identified by evaluating one or more distinguishing biological traits.
What is DOS (Disk Operating System)?
A DOS, or disk operating system, is an operating system (OS) that runs from a disk drive. The term can also refer to a particular family of disk operating systems, most commonly MS-DOS (Microsoft DOS).
What is biometrics?
Biometrics is the measurement and statistical analysis of people's unique physical and behavioral characteristics.
What is a password?
A password is a string of characters used to verify the identity of a user during the authentication process.
What is a hardware security module?
A hardware security module (HSM) is a physical device that provides extra security for sensitive data.
What is spyware?
Spyware is a type of malicious software (malware) that is installed on a computing device without the end user's knowledge.
What is SAML (Security Assertion Markup Language)?
Security Assertion Markup Language (SAML) is an open standard for sharing security information about identity, authentication and authorization across different systems.
What is threat modeling?
Threat modeling is the systematic process of identifying threats to and vulnerabilities in software applications, and then defining countermeasures to mitigate those threats and vulnerabilities to better protect business processes, networks, systems...
What is SSL (Secure Sockets Layer)?
SSL (Secure Sockets Layer) is a networking protocol that secures connections between web clients and web servers over internal networks or the internet by encrypting the data sent between those clients and servers.
What is hacktivism?
Hacktivism is the act of misusing a computer system or network for a socially or politically motivated reason.
What is a private key?
A private key, also known as a secret key, is a variable in cryptography used with an algorithm to encrypt or decrypt data.
How to prevent living-off-the-land attacks
Living-off-the-land attacks have been around since the dawn of modern computing, but they're drawing new attention from threat actors eager to find ways to penetrate defenses.
What is password cracking?
Password cracking is the process of using an application program to identify an unknown or forgotten password that allows access to a computer or network resource.
Symmetric key encryption algorithms and security: A guide
Scrambling plaintext into ciphertext is essential to ensure data cannot be read or used by the wrong people. Learn the basics of symmetric key encryption algorithms here.
Top 12 online cybersecurity courses for 2025
Our panel of experts picked the best free and paid online cybersecurity courses for professionals looking to advance their careers and for newbies breaking into the field.
10 must-have cybersecurity skills for career success in 2025
Looking to advance your cybersecurity career? Here are the skills you need to win a CISO job, land a threat hunter gig and snag other security positions in high demand.
What is a public key and how does it work?
In cryptography, a public key is a large numerical value that is used to encrypt data.
What is a proxy firewall?
A proxy firewall is a network security system that protects network resources by filtering messages at the application layer.
What is a public key certificate?
A public key certificate is a digitally signed document that serves to validate the sender's authorization and name.
How to use the Hydra password-cracking tool
Ethical hackers: Need help brute-forcing passwords? Get started by learning how to use the open source Hydra tool with this step-by-step tutorial and companion video.
What is PKI (public key infrastructure)?
PKI (public key infrastructure) is the underlying framework that enables the secure exchange of information over the internet using digital certificates and public key encryption.
What is passwordless authentication?
Passwordless authentication allows a user to sign into a service without using a password. This is often done using certificates, security tokens, one-time passwords (OTPs) or biometrics.
7 DevSecOps tools to secure each step of the SDLC
DevSecOps tools come in many shapes and sizes, helping organizations do everything from discovering software vulnerabilities to preventing software supply chain data breaches.
What is a block cipher?
A block cipher is a method of encrypting data in blocks to produce ciphertext using a cryptographic key and algorithm.
What is a stream cipher?
A stream cipher is an encryption method in which data is encrypted one byte at a time.
What is user authentication?
User authentication refers to the process of verifying the identity of a user attempting to gain access to a computer network, system or device. This process runs in the background and can be done through different means, such as asking the user to ...
What is a session key?
A session key is an encryption and decryption key that is randomly generated to ensure the security of a communications session between a user and another computer or between two computers.
What is cipher block chaining (CBC)?
Cipher block chaining (CBC) is a mode of operation for a block cipher -- one in which a sequence of bits are encrypted as a single unit, or block, with a cipher key applied to the entire block.
What is obfuscation and how does it work?
Obfuscation means to make something difficult to understand. Programming code is often obfuscated to protect intellectual property or trade secrets, and to prevent an attacker from reverse engineering a proprietary software program.
What is IPsec (Internet Protocol Security)?
IPsec (Internet Protocol Security) is a suite of protocols and algorithms for securing data transmitted over the internet or any public network.
What is Extensible Authentication Protocol (EAP)?
Extensible Authentication Protocol (EAP) is a protocol for wireless networks that expands the authentication methods used by Point-to-Point Protocol (PPP), a protocol often used when connecting a computer to the internet.
What is endpoint detection and response (EDR)?
Endpoint detection and response (EDR) is a system that gathers and analyzes security threat-related information from computer workstations and other endpoints.
How to test firewall rules with Nmap
Using Nmap to identify potential shortfalls in the rules used to govern firewall performance gives teams an easy and cost-effective way to plug holes in their security frameworks.
4 types of access control
Access management is the gatekeeper, making sure a device or person can gain entry only to the systems or applications to which they have been granted permission.
What is Common Vulnerabilities and Exposures (CVE)?
Common Vulnerabilities and Exposures (CVE) is a publicly listed catalog of known security threats.
What skills are needed for a successful career in IAM?
In the zero-trust era, identity management is critical to an organization's cybersecurity posture. What skills are required to transition into a career in IAM?
What is a whaling attack (whaling phishing)?
A whaling attack, also known as 'whaling phishing' or a 'whaling phishing attack,' is a specific type of phishing attack that targets high-profile employees, such as the chief executive officer (CEO) or chief financial officer, to steal sensitive ...
What is a spam trap?
A spam trap is an email address that's used to identify and monitor spam email. It's also a type of honeypot because it uses a fake email address to bait spammers.
What is identity governance and administration (IGA)?
Identity governance and administration (IGA) is the collection of processes and practices used to manage user digital identities and their access throughout the enterprise.
Identity management vs. authentication: Know the difference
Learn how authentication and identity management are both intrinsic to an identity and access management framework. Learn how they differ and the role each one plays.
How to build a Python port scanner
Python offers beginning coders a lot of flexibility and is a novel way to build tools designed to probe port performance across your network.
What is machine identity management?
Machine identity management focuses on the machines connected to and accessing resources on a network.
What is unified threat management (UTM)?
Unified threat management (UTM) is an information security system that provides a single point of protection against cyberthreats, including viruses, worms, spyware and other malware, as well as network attacks.
How to create an incident response playbook with template
Using an incident response playbook can speed up an organization's responses to cyberattacks. Find out how to build repeatable playbooks to use for different types of incidents.
How to configure and customize Kali Linux settings
Learning how to use Kali Linux for ethical hacking and penetration testing? Read step by step how to configure and customize the distribution.
Types of cybersecurity controls and how to place them
A unilateral cybersecurity approach is ineffective in today's threat landscape. Learn why organizations should implement security controls based on the significance of each asset.
What is authentication, authorization and accounting (AAA)?
Authentication, authorization and accounting (AAA) is a security framework for controlling and tracking user access within a computer network.
What is two-factor authentication (2FA)?
Two-factor authentication (2FA), sometimes referred to as two-step verification or dual-factor authentication, is a security process in which users provide two different authentication factors to verify themselves.
Equipment to include in a computer forensic toolkit
Computer forensic investigators require more than software to do their job. Learn what equipment constitutes a complete computer forensic toolkit.
EDR vs. EPP: How are they different and which is right for you?
Endpoint detection and response tools and endpoint protection platforms offer similar security features. Which is better for your organization: EDR, EPP or both?
How to detect DDoS attacks
DDoS attacks are on the rise -- again. While they usually strike without warning, there are some red flags to be aware of. Rapid detection is key to surviving such an attack.
How AI is making phishing attacks more dangerous
Cybercriminals are using AI chatbots, such as ChatGPT, to launch sophisticated business email compromise attacks. Cybersecurity practitioners must fight fire with fire.
How to build an incident response plan, with examples, template
With cyberthreats and security incidents growing by the day, every organization needs a solid incident response plan. Learn how to create one for your company.
What is the Mitre ATT&CK framework?
The Mitre ATT&CK -- pronounced miter attack -- framework is a free, globally accessible knowledge base that describes the latest behaviors and tactics of cyberadversaries to help organizations strengthen their cybersecurity strategies.
What is extended detection and response (XDR)?
Extended detection and response (XDR) is a technology-driven cybersecurity process designed to help organizations detect and remediate security threats across their entire IT environment.
What is OPSEC (operations security)?
OPSEC (operations security) is an analytical process that military, law enforcement, government and private organizations use to prevent sensitive or proprietary information from being accessed inappropriately.
What is user behavior analytics (UBA)?
User behavior analytics (UBA) is the tracking, collecting and assessing of user data and activities using monitoring systems.
How to use security as code to achieve DevSecOps
Security as code helps organizations achieve DevSecOps and shift-left security. Learn about SaC's benefits, challenges and implementation best practices.
How to conduct firewall testing and analyze test results
A misconfigured firewall can wreak havoc throughout your organization. Firewall testing to ensure rules are written correctly and that any changes are validated is critical.
API security maturity model to assess API security posture
As API use proliferates, attackers are targeting them to exploit networks and data. This six-domain API security maturity model can assess weaknesses and vulnerabilities.
What is Android System WebView and should you uninstall it?
Android System WebView is a system component for the Android operating system (OS) that enables Android apps to display web content directly inside an application.
What is WPA3 (Wi-Fi Protected Access 3)?
WPA3, also known as Wi-Fi Protected Access 3, is the third iteration of a security certification standard developed by the Wi-Fi Alliance. WPA3 is the latest updated implementation of WPA2, which has been in use since 2004.
What is access control?
Access control is a security technique that regulates who or what can view or use resources in a computing environment.
5 online payment security best practices for enterprises
Ensuring the security of your company's online payment systems is key to preventing costly attacks, meeting compliance requirements and maintaining customer trust.
How to use tcpreplay to replay network packet files
The suite of tools that comprise tcpreplay offers administrators a variety of network security options. Learn some of the benefits of this free utility.
ASPM vs. ASOC: How do they differ?
Application security posture management and application security orchestration and correlation tools both aim to secure applications but use different methodologies.
How to prepare for post-quantum computing security
One of the biggest fears about quantum computing is its ability to easily break current encryption algorithms. Learn why and how to start making quantum security preparations.
What is email spam and how to fight it?
Email spam, also known as 'junk email,' refers to unsolicited email messages, usually sent in bulk to a large list of recipients. Humans send spam, but more often, botnets are responsible for sending it.
Explaining cybersecurity tabletop vs. live-fire exercises
Tabletop games and live-fire exercises are two ways to test the effectiveness of enterprise security controls and defenses. Discover how each works and how they differ.
What is identity threat detection and response (ITDR)?
Identity threat detection and response (ITDR) is a collection of tools and best practices aimed at defending against cyberattacks that specifically target user identities or identity and access management (IAM) infrastructure.
What is MXDR, and do you need it?
Managed extended detection and response (MXDR) is an outsourced service that collects and analyzes threat data from across an organization's IT environment.
What is threat hunting? Key strategies explained
If you are ready to take a more proactive approach to cybersecurity, threat hunting might be a tactic to consider. Here's what security teams should know.
What is cybercrime and how can you prevent it?
Cybercrime is any criminal activity that involves a computer, network or networked device.
Types of hackers: Black hat, white hat, red hat and more
Black, white and gray hats are familiar to security pros, but as the spectrum evolves to include green, blue, red and purple, things get muddled. Brush up on types of hackers.
How to use Tor -- and whether you should -- in your enterprise
The Tor browser has sparked discussion and dissension since its debut. Does the software, which promises anonymous and secure web access, have a role to play in the enterprise?
How frictionless authentication works in online payments
Online retailers face a challenge: Make the payment process quick and easy for legitimate customers but not for fraudsters. Frictionless authentication can help.
What is cloud detection and response (CDR)?
Cloud computing requires a security approach that is different than traditional protections. Where does cloud detection and response fit into a cybersecurity strategy?