Get started
Bring yourself up to speed with our introductory content.
Get started
Bring yourself up to speed with our introductory content.
CISO as a service (vCISO, virtual CISO, fractional CISO)
A CISO as a service (CISOaaS) is the outsourcing of CISO (chief information security officer) and information security leadership responsibilities to a third-party provider. Continue Reading
SBOM formats compared: CycloneDX vs. SPDX vs. SWID Tags
Organizations can choose between three SBOM formats: CycloneDX, SPDX and SWID Tags. Learn more about them to determine which fits your organization best. Continue Reading
How to protect your organization from IoT malware
IoT devices are attractive targets to attackers, but keeping them secure isn't easy. Still, there are steps to take to minimize risk and protect networks from attacks. Continue Reading
-
cardholder data environment (CDE)
A cardholder data environment (CDE) is a computer system or networked group of IT systems that processes, stores or transmits cardholder data or sensitive payment authentication data. Continue Reading
mandatory access control (MAC)
Mandatory access control (MAC) is a security strategy that restricts the ability individual resource owners have to grant or deny access to resource objects in a file system. Continue Reading
-
Definitions to Get Started
- What is a proxy firewall?
- What is a public key and how does it work?
- What is a public key certificate?
- What is passwordless authentication?
- What is PKI (public key infrastructure)?
- What is a block cipher?
- What is a stream cipher?
- What is a session key?
7 useful hardware pen testing tools
Penetration testers use a variety of hardware to conduct security assessments, including a powerful laptop, Raspberry Pi, Rubber Ducky and more.Continue Reading
cybersecurity asset management (CSAM)
Cybersecurity asset management (CSAM) is the process created to continuously discover, inventory, monitor, manage and track an organization's assets to determine what those assets do and identify and automatically remediate any gaps in its ...Continue Reading
authentication
Authentication is the process of determining whether someone or something is who or what they say they are.Continue Reading
ISO 27002 (International Organization for Standardization 27002)
The ISO 27002 standard is a collection of information security management guidelines that are intended to help an organization implement, maintain and improve its information security management.Continue Reading
supercookie
A supercookie is a type of tracking cookie inserted into an HTTP header to collect data about a user's internet browsing history and habits.Continue Reading
-
What does an IT security manager do?
IT security managers need to have a passion for learning and critical thinking skills, as well as understand intrusion prevention and detection.Continue Reading
What an email security policy is and how to build one
Companies must have an effective security policy in place to protect email from cybercriminals and employee misuse. Learn how to build one for your company.Continue Reading
Top 12 IT security frameworks and standards explained
Several IT security frameworks and cybersecurity standards are available to help protect company data. Here's advice for choosing the right ones for your organization.Continue Reading
How to create a company password policy, with template
Use these guidelines and our free template to ensure your company's password policy sets the ground rules for strong and effective password creation and use.Continue Reading
integrated risk management (IRM)
Integrated risk management (IRM) is a set of proactive, businesswide practices that contribute to an organization's security, risk tolerance profile and strategic decisions.Continue Reading
How to use SDelete to ensure deleted data is gone for good
When data is deleted from a disk, is it gone? One way to make sure file info is permanently erased is to use SDelete, a utility specifically tailored to remove key data.Continue Reading
Plundervolt
Plundervolt is the name of an undervolting attack that targeted Intel central processing units (CPUs).Continue Reading
SSAE 16
The Statement on Standards for Attestation Engagements No. 16 (SSAE 16) is a set of auditing standards and guidance on using the standards, published by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (...Continue Reading
soft token
A soft token is a software-based security token that generates a single-use login personal identification number (PIN).Continue Reading
Structured Threat Information eXpression (STIX)
Structured Threat Information eXpression (STIX) is a standardized Extensible Markup Language (XML) programming language for conveying data about cybersecurity threats in a way that can be easily understood by both humans and security technologies.Continue Reading
antispoofing
Antispoofing is a technique for identifying and dropping packets that have a false source address.Continue Reading
Google Authenticator
Google Authenticator is a mobile security application that provides a second type of confirmation for websites and online services that use two-factor authentication (2FA) to verify a user's identity before granting him or her access to secure ...Continue Reading
Cybersecurity vs. cyber resilience: What's the difference?
Companies need cybersecurity and cyber-resilience strategies to protect against attacks and mitigate damage in the aftermath of a successful data breach.Continue Reading
Secure Sockets Layer certificate (SSL certificate)
A Secure Sockets Layer certificate (SSL certificate) is a small data file installed on a web server that allows for a secure, encrypted connection between the server and a web browser.Continue Reading
speculative risk
Speculative risk is a type of risk the risk-taker takes on voluntarily and will result in some degree of profit or loss.Continue Reading
Allowlisting vs. blocklisting: Benefits and challenges
Allowlisting and blocklisting are key components of access control. Learn the benefits and challenges of each approach and why a combination of the two is often the best strategy.Continue Reading
How to conduct a cyber-resilience assessment
It's a good cyber-hygiene practice to periodically review your organization's cybersecurity plans and procedures. Use this checklist to guide your cyber-resilience assessment.Continue Reading
What are the most important email security protocols?
Email was designed without security considerations. Email security protocols, including SMPTS, SPF and S/MIME, add mechanisms to keep messaging safe from threats.Continue Reading
5 steps to achieve a risk-based security strategy
Learn about the five steps to implement a risk-based security strategy that helps naturally deliver compliance as a consequence of an improved security posture.Continue Reading
security awareness training
Security awareness training is a strategic approach IT and security professionals take to educate employees and stakeholders on the importance of cybersecurity and data privacy.Continue Reading
chief risk officer (CRO)
The chief risk officer (CRO) is the corporate executive tasked with assessing and mitigating significant competitive, regulatory and technological threats to an enterprise's capital and earnings.Continue Reading
Security awareness training quiz: Questions and answers
From ransomware to passphrases, find out how much you know about preventing cybersecurity incidents in this security awareness training quiz.Continue Reading
Physical pen testing methods and tools
While companies regularly conduct network penetration tests, they may overlook physical office security. Here's how attackers -- with a baseball cap and smartphone -- get in.Continue Reading
risk appetite
Risk appetite is the amount of risk an organization or investor is willing to take in pursuit of objectives it deems have value.Continue Reading
CSSLP (Certified Secure Software Lifecycle Professional)
CSSLP (Certified Secure Software Lifecycle Professional) is a certification from ISC2 that focuses on application security within the software development lifecycle (SDLC).Continue Reading
risk-based authentication (RBA)
Risk-based authentication (RBA) is an authentication method in which varying levels of stringency are applied to a system’s authentication process based on the likelihood that access to that system could result in its compromise.Continue Reading
Microsoft Schannel (Microsoft Secure Channel)
The Microsoft Secure Channel, or Schannel, is a security support package that facilitates the use of Secure Sockets Layer (SSL) and Transport Layer Security (TLS) encryption on Windows platforms.Continue Reading
risk assessment
Risk assessment is the process of identifying hazards that could negatively affect an organization's ability to conduct business.Continue Reading
compliance as a service (CaaS)
Compliance as a service (CaaS) is a cloud service that specifies how a managed service provider (MSP) helps an organization meet its regulatory compliance mandates.Continue Reading
security posture
Security posture refers to an organization's overall cybersecurity strength and how well it can predict, prevent and respond to ever-changing cyberthreats.Continue Reading
ISO 31000 Risk Management
The ISO 31000 Risk Management framework is an international standard that provides organizations with guidelines and principles for risk management.Continue Reading
voice squatting
Voice squatting is an attack vector for voice user interfaces, or VUIs, that exploits homonyms -- words that sound the same, but are spelled differently -- and input errors -- words that are mispronounced.Continue Reading
multifactor authentication
Multifactor authentication (MFA) is an account login process that requires multiple methods of authentication from independent categories of credentials to verify a user's identity for a login or other transaction.Continue Reading
How to land a corporate board seat as a CISO
Any CISO who aspires to a corporate board seat needs a strategic approach. Learn how security executives can position themselves to become top-level decision-makers.Continue Reading
cyber insurance
Cyber insurance, also called cyber liability insurance or cybersecurity insurance, is a contract an entity can purchase to help reduce the financial risks associated with doing business online.Continue Reading
How to use Wireshark to sniff and scan network traffic
Wireshark continues to be a critical tool for security practitioners. Learning how to use it to scan network traffic should be on every security pro's to-do list.Continue Reading
How to develop a cybersecurity strategy: Step-by-step guide
A cybersecurity strategy isn't meant to be perfect, but it must be proactive, effective, actively supported and evolving. Here are the four steps required to get there.Continue Reading
Protected Extensible Authentication Protocol (PEAP)
Protected Extensible Authentication Protocol (PEAP) is a security protocol commonly used to protect wireless networks.Continue Reading
principle of least privilege (POLP)
The principle of least privilege (POLP) is a concept in computer security that limits users' access rights to only what is strictly required to do their jobs.Continue Reading
How to create a SOAR playbook in Microsoft Sentinel
Using automation through tools such as SOAR and SIEM can improve incident response alert efficiency. One automated feature analysts can use is the SOAR playbook.Continue Reading
DNS over HTTPS (DoH)
DNS over HTTPS (DoH) is a relatively new protocol that encrypts domain name system traffic by passing DNS queries through a Hypertext Transfer Protocol Secure encrypted session.Continue Reading
governance, risk and compliance (GRC)
Governance, risk and compliance (GRC) refers to an organization's strategy for handling the interdependencies among the following three components: corporate governance policies, enterprise risk management programs, and regulatory and company ...Continue Reading
total risk
Total risk is an assessment that identifies all the risk factors associated with pursuing a specific course of action.Continue Reading
steganography
Steganography is the technique of hiding data within an ordinary, nonsecret file or message to avoid detection; the hidden data is then extracted at its destination.Continue Reading
triple extortion ransomware
Triple extortion ransomware is a type of ransomware attack where a cybercriminal extorts their victim multiple times, namely by encrypting data, exfiltrating data to expose and threatening a third attack vector.Continue Reading
double extortion ransomware
Double extortion ransomware is a novel form of malware that combines ransomware with elements of extortionware to maximize the victim's potential payout.Continue Reading
The 10 biggest ransomware attacks in history
From private organizations and manufacturers to healthcare organizations and entire countries, read up on 10 of the most famous ransomware attacks of all time.Continue Reading
risk avoidance
Risk avoidance is the elimination of hazards, activities and exposures that can negatively affect an organization and its assets.Continue Reading
6 stages of the ransomware lifecycle
Know thy enemy. By understanding the nuances of the ransomware lifecycle, enterprise security teams can best protect their organizations from attacks.Continue Reading
pure risk
Pure risk refers to risks that are beyond human control and result in a loss or no loss with no possibility of financial gain.Continue Reading
risk exposure
Risk exposure is the quantified potential loss from business activities currently underway or planned.Continue Reading
risk profile
A risk profile is a quantitative analysis of the types of threats an organization, asset, project or individual faces.Continue Reading
residual risk
Residual risk is the risk that remains after efforts to identify and eliminate some or all types of risk have been made.Continue Reading
risk map (risk heat map)
A risk map (risk heat map) is a data visualization tool for communicating specific risks an organization faces.Continue Reading
email security
Email security is the process of ensuring the availability, integrity and authenticity of email communications by protecting against unauthorized access and email threats.Continue Reading
Types of ransomware and a timeline of attack examples
There are eight main types of ransomware but hundreds of examples of ransomware strains. Learn how the ransomware types work, and review notable ransomware attacks and variants.Continue Reading
biometric authentication
Biometric authentication is a security process that relies on the unique biological characteristics of individuals to verify they are who they say they are.Continue Reading
network vulnerability scanning
Network vulnerability scanning is the process of inspecting and reporting potential vulnerabilities and security loopholes on a computer, network, web application or other device, including firewalls, switches, routers and wireless access points.Continue Reading
BYOI (bring your own identity)
BYOI (bring your own identity) is an approach to digital authentication in which an end user's username and password are managed by a third party. BYOI is increasingly being used for website authentication.Continue Reading
risk analysis
Risk analysis is the process of identifying and analyzing potential issues that could negatively impact key business initiatives or projects.Continue Reading
Google Play Protect
Google Play Protect is a malware protection and detection service built into Android devices that use Google Mobile Services.Continue Reading
insecure deserialization
Insecure deserialization is a vulnerability in which untrusted or unknown data is used to inflict a denial-of-service attack, execute code, bypass authentication or otherwise abuse the logic behind an application.Continue Reading
orphan account
An orphan account, also referred to as an orphaned account, is a user account that can provide access to corporate systems, services and applications but does not have a valid owner.Continue Reading
cryptosystem
A cryptosystem is a structure or scheme consisting of a set of algorithms that converts plaintext to ciphertext to encode or decode messages securely.Continue Reading
SOC 2 (System and Organization Controls 2)
SOC 2 (System and Organization Controls 2), pronounced "sock two," is a voluntary compliance standard for ensuring that service providers properly manage and protect the sensitive data in their care.Continue Reading
Computer Fraud and Abuse Act (CFAA)
The Computer Fraud and Abuse Act (CFAA) of 1986 is United States legislation that imposes criminal penalties on individuals who intentionally access a protected computer without proper authorization or whose access exceeds their authorization.Continue Reading
national identity card
A national identity card is a portable document, typically a plasticized card with digitally embedded information, that is used to verify aspects of a person's identity.Continue Reading
cyber extortion
Cyber extortion is a crime involving an attack or threat of an attack coupled with a demand for money or some other response in return for stopping or remediating the attack.Continue Reading
The history and evolution of ransomware
Ransomware has evolved from a malicious floppy disk demanding $189 in ransom to a multibillion-dollar industry with ransom for rent, sophisticated techniques and big-name victims.Continue Reading
The history, evolution and current state of SIEM
SIEM met the need for a security tool that could pinpoint threats in real time. But new threats mean that the next evolution of SIEM will offer even more firepower.Continue Reading
How to map security gaps to the Mitre ATT&CK framework
Mapping security gaps to the Mitre ATT&CK framework enables SOC teams to prioritize, remediate and eliminate vulnerabilities before malicious actors exploit them.Continue Reading
Get started: Threat modeling with the Mitre ATT&CK framework
The Mitre ATT&CK framework may seem daunting at first, but it is a key tool that helps SOC teams conduct threat modeling. Learn how to get started.Continue Reading
bridge
A bridge is a class of network device designed to connect networks at OSI Level 2, which is the data link layer of a local area network.Continue Reading
mobile authentication
Mobile authentication is the verification of a user's identity via a mobile device using one or more authentication methods for secure access.Continue Reading
cloud security architecture
Cloud security architecture is a security strategy designed around securing an organization's data and applications in the cloud.Continue Reading
single-factor authentication (SFA)
Single-factor authentication (SFA) is a process for securing access to a given system, such as a network or website, that identifies the party requesting access through only one category of credentials.Continue Reading
knowledge-based authentication
Knowledge-based authentication (KBA) is an authentication method in which users are asked to answer at least one secret question.Continue Reading
WannaCry ransomware
WannaCry ransomware is a cyber attack that spreads by exploiting vulnerabilities in the Windows operating system.Continue Reading
security token
A security token is a physical or wireless device that provides two-factor authentication (2FA) for users to prove their identity in a login process.Continue Reading
Occupational Safety and Health Administration (OSHA)
The Occupational Safety and Health Administration (OSHA) is responsible for protecting worker health and safety in the United States.Continue Reading
Blockchain security: Everything you should know for safe use
Despite its reputation, blockchain is subject to many of the same vulnerabilities as other software. It helps to have a clear idea of its inherent strengths and weaknesses.Continue Reading
PCI compliance
PCI compliance is adherence to the set of policies and procedures developed to protect credit, debit and cash card transactions and prevent the misuse of cardholders' personal information.Continue Reading
Use IoT hardening to secure vulnerable connected devices
IoT and industrial IoT innovation continue to thrive, but IoT device security continues to be an afterthought. Companies should harden connected devices to remain protected.Continue Reading
How to calculate cybersecurity ROI with concrete metrics
Calculating and communicating cybersecurity ROI can help persuade top management to invest. Here's how to use meaningful, concrete metrics.Continue Reading
logon (or login)
In computing, a logon is a procedure that enables an entity to access a secure system such as an operating system, application, service, website or other resource.Continue Reading
security analytics
Security analytics is a cybersecurity approach that uses data collection, data aggregation and analysis tools for threat detection and security monitoring.Continue Reading
NICE Framework (National Initiative for Cybersecurity Education Cybersecurity Workforce Framework)
The NICE Framework (National Initiative for Cybersecurity Education Cybersecurity Workforce Framework) is a reference resource that classifies the typical skill requirements and duties of cybersecurity workers.Continue Reading
Smart contract benefits and best practices for security
While smart contracts promise enormous benefits in the enterprise, they also present opportunities for cybercriminals. Explore best practices to keep them secure.Continue Reading
How to use Wfuzz to find web application vulnerabilities
By learning how to use Wfuzz for web application fuzz testing, bug bounty hunters can automate vulnerability discovery. Learn more in this excerpt from 'Bug Bounty Bootcamp.'Continue Reading
How to become a bug bounty hunter: Getting started
Finding, exploiting and reporting vulnerabilities can be both lucrative and educational. Security researcher Vickie Li explains how to become a bug bounty hunter.Continue Reading