Get started

Get started

Bring yourself up to speed with our introductory content.

• SSAE 16

  The Statement on Standards for Attestation Engagements No. 16 (SSAE 16) is a set of auditing standards and guidance on using the standards, published by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (... Continue Reading

• soft token

  A soft token is a software-based security token that generates a single-use login personal identification number (PIN). Continue Reading

• Structured Threat Information eXpression (STIX)

  Structured Threat Information eXpression (STIX) is a standardized Extensible Markup Language (XML) programming language for conveying data about cybersecurity threats in a way that can be easily understood by both humans and security technologies. Continue Reading

• antispoofing

  Antispoofing is a technique for identifying and dropping packets that have a false source address. Continue Reading

• Google Authenticator

  Google Authenticator is a mobile security application that provides a second type of confirmation for websites and online services that use two-factor authentication (2FA) to verify a user's identity before granting him or her access to secure ... Continue Reading

• Definitions to Get Started

  • What is Common Vulnerabilities and Exposures (CVE)?
  • What is a spam trap?
  • What is a whaling attack (whaling phishing)?
  • What is identity governance and administration (IGA)?

  • What is machine identity management?
  • What is unified threat management (UTM)?
  • What is two-factor authentication (2FA)?
  • What is authentication, authorization and accounting (AAA)?

  View All Definitions

• Cybersecurity vs. cyber resilience: What's the difference?

  Companies need cybersecurity and cyber-resilience strategies to protect against attacks and mitigate damage in the aftermath of a successful data breach.Continue Reading

• Secure Sockets Layer certificate (SSL certificate)

  A Secure Sockets Layer certificate (SSL certificate) is a small data file installed on a web server that allows for a secure, encrypted connection between the server and a web browser.Continue Reading

• speculative risk

  Speculative risk is a type of risk the risk-taker takes on voluntarily and will result in some degree of profit or loss.Continue Reading

• Allowlisting vs. blocklisting: Benefits and challenges

  Allowlisting and blocklisting are key components of access control. Learn the benefits and challenges of each approach and why a combination of the two is often the best strategy.Continue Reading

• How to conduct a cyber-resilience assessment

  It's a good cyber-hygiene practice to periodically review your organization's cybersecurity plans and procedures. Use this checklist to guide your cyber-resilience assessment.Continue Reading

• What are the most important email security protocols?

  Email was designed without security considerations. Email security protocols, including SMPTS, SPF and S/MIME, add mechanisms to keep messaging safe from threats.Continue Reading

• security awareness training

  Security awareness training is a strategic approach IT and security professionals take to educate employees and stakeholders on the importance of cybersecurity and data privacy.Continue Reading

• 5 steps to achieve a risk-based security strategy

  Learn about the five steps to implement a risk-based security strategy that helps naturally deliver compliance as a consequence of an improved security posture.Continue Reading

• chief risk officer (CRO)

  The chief risk officer (CRO) is the corporate executive tasked with assessing and mitigating significant competitive, regulatory and technological threats to an enterprise's capital and earnings.Continue Reading

• Security awareness training quiz: Questions and answers

  From ransomware to passphrases, find out how much you know about preventing cybersecurity incidents in this security awareness training quiz.Continue Reading

• Physical pen testing methods and tools

  While companies regularly conduct network penetration tests, they may overlook physical office security. Here's how attackers -- with a baseball cap and smartphone -- get in.Continue Reading

• risk appetite

  Risk appetite is the amount of risk an organization or investor is willing to take in pursuit of objectives it deems have value.Continue Reading

• CSSLP (Certified Secure Software Lifecycle Professional)

  CSSLP (Certified Secure Software Lifecycle Professional) is a certification from ISC2 that focuses on application security within the software development lifecycle (SDLC).Continue Reading

• risk-based authentication (RBA)

  Risk-based authentication (RBA) is an authentication method in which varying levels of stringency are applied to a system’s authentication process based on the likelihood that access to that system could result in its compromise.Continue Reading

• Microsoft Schannel (Microsoft Secure Channel)

  The Microsoft Secure Channel, or Schannel, is a security support package that facilitates the use of Secure Sockets Layer (SSL) and Transport Layer Security (TLS) encryption on Windows platforms.Continue Reading

• risk assessment

  Risk assessment is the process of identifying hazards that could negatively affect an organization's ability to conduct business.Continue Reading

• compliance as a service (CaaS)

  Compliance as a service (CaaS) is a cloud service that specifies how a managed service provider (MSP) helps an organization meet its regulatory compliance mandates.Continue Reading

• security posture

  Security posture refers to an organization's overall cybersecurity strength and how well it can predict, prevent and respond to ever-changing cyberthreats.Continue Reading

• ISO 31000 Risk Management

  The ISO 31000 Risk Management framework is an international standard that provides organizations with guidelines and principles for risk management.Continue Reading

• voice squatting

  Voice squatting is an attack vector for voice user interfaces, or VUIs, that exploits homonyms -- words that sound the same, but are spelled differently -- and input errors -- words that are mispronounced.Continue Reading

• multifactor authentication

  Multifactor authentication (MFA) is an account login process that requires multiple methods of authentication from independent categories of credentials to verify a user's identity for a login or other transaction.Continue Reading

• How to land a corporate board seat as a CISO

  Any CISO who aspires to a corporate board seat needs a strategic approach. Learn how security executives can position themselves to become top-level decision-makers.Continue Reading

• cyber insurance

  Cyber insurance, also called cyber liability insurance or cybersecurity insurance, is a contract an entity can purchase to help reduce the financial risks associated with doing business online.Continue Reading

• How to use Wireshark to sniff and scan network traffic

  Wireshark continues to be a critical tool for security practitioners. Learning how to use it to scan network traffic should be on every security pro's to-do list.Continue Reading

• How to develop a cybersecurity strategy: Step-by-step guide

  A cybersecurity strategy isn't meant to be perfect, but it must be proactive, effective, actively supported and evolving. Here are the four steps required to get there.Continue Reading

• Protected Extensible Authentication Protocol (PEAP)

  Protected Extensible Authentication Protocol (PEAP) is a security protocol commonly used to protect wireless networks.Continue Reading

• principle of least privilege (POLP)

  The principle of least privilege (POLP) is a concept in computer security that limits users' access rights to only what is strictly required to do their jobs.Continue Reading

• How to create a SOAR playbook in Microsoft Sentinel

  Using automation through tools such as SOAR and SIEM can improve incident response alert efficiency. One automated feature analysts can use is the SOAR playbook.Continue Reading

• DNS over HTTPS (DoH)

  DNS over HTTPS (DoH) is a relatively new protocol that encrypts domain name system traffic by passing DNS queries through a Hypertext Transfer Protocol Secure encrypted session.Continue Reading

• governance, risk and compliance (GRC)

  Governance, risk and compliance (GRC) refers to an organization's strategy for handling the interdependencies among the following three components: corporate governance policies, enterprise risk management programs, and regulatory and company ...Continue Reading

• total risk

  Total risk is an assessment that identifies all the risk factors associated with pursuing a specific course of action.Continue Reading

• steganography

  Steganography is the technique of hiding data within an ordinary, nonsecret file or message to avoid detection; the hidden data is then extracted at its destination.Continue Reading

• triple extortion ransomware

  Triple extortion ransomware is a type of ransomware attack where a cybercriminal extorts their victim multiple times, namely by encrypting data, exfiltrating data to expose and threatening a third attack vector.Continue Reading

• double extortion ransomware

  Double extortion ransomware is a novel form of malware that combines ransomware with elements of extortionware to maximize the victim's potential payout.Continue Reading

• The 10 biggest ransomware attacks in history

  From private organizations and manufacturers to healthcare organizations and entire countries, read up on 10 of the most famous ransomware attacks of all time.Continue Reading

• risk avoidance

  Risk avoidance is the elimination of hazards, activities and exposures that can negatively affect an organization and its assets.Continue Reading

• 6 stages of the ransomware lifecycle

  Know thy enemy. By understanding the nuances of the ransomware lifecycle, enterprise security teams can best protect their organizations from attacks.Continue Reading

• pure risk

  Pure risk refers to risks that are beyond human control and result in a loss or no loss with no possibility of financial gain.Continue Reading

• risk exposure

  Risk exposure is the quantified potential loss from business activities currently underway or planned.Continue Reading

• risk profile

  A risk profile is a quantitative analysis of the types of threats an organization, asset, project or individual faces.Continue Reading

• residual risk

  Residual risk is the risk that remains after efforts to identify and eliminate some or all types of risk have been made.Continue Reading

• risk map (risk heat map)

  A risk map (risk heat map) is a data visualization tool for communicating specific risks an organization faces.Continue Reading

• email security

  Email security is the process of ensuring the availability, integrity and authenticity of email communications by protecting against unauthorized access and email threats.Continue Reading

• Types of ransomware and a timeline of attack examples

  There are eight main types of ransomware but hundreds of examples of ransomware strains. Learn how the ransomware types work, and review notable ransomware attacks and variants.Continue Reading

• biometric authentication

  Biometric authentication is a security process that relies on the unique biological characteristics of individuals to verify they are who they say they are.Continue Reading

• network vulnerability scanning

  Network vulnerability scanning is the process of inspecting and reporting potential vulnerabilities and security loopholes on a computer, network, web application or other device, including firewalls, switches, routers and wireless access points.Continue Reading

• BYOI (bring your own identity)

  BYOI (bring your own identity) is an approach to digital authentication in which an end user's username and password are managed by a third party. BYOI is increasingly being used for website authentication.Continue Reading

• risk analysis

  Risk analysis is the process of identifying and analyzing potential issues that could negatively impact key business initiatives or projects.Continue Reading

• Google Play Protect

  Google Play Protect is a malware protection and detection service built into Android devices that use Google Mobile Services.Continue Reading

• insecure deserialization

  Insecure deserialization is a vulnerability in which untrusted or unknown data is used to inflict a denial-of-service attack, execute code, bypass authentication or otherwise abuse the logic behind an application.Continue Reading

• orphan account

  An orphan account, also referred to as an orphaned account, is a user account that can provide access to corporate systems, services and applications but does not have a valid owner.Continue Reading

• cryptosystem

  A cryptosystem is a structure or scheme consisting of a set of algorithms that converts plaintext to ciphertext to encode or decode messages securely.Continue Reading

• SOC 2 (System and Organization Controls 2)

  SOC 2 (System and Organization Controls 2), pronounced "sock two," is a voluntary compliance standard for ensuring that service providers properly manage and protect the sensitive data in their care.Continue Reading

• Computer Fraud and Abuse Act (CFAA)

  The Computer Fraud and Abuse Act (CFAA) of 1986 is United States legislation that imposes criminal penalties on individuals who intentionally access a protected computer without proper authorization or whose access exceeds their authorization.Continue Reading

• national identity card

  A national identity card is a portable document, typically a plasticized card with digitally embedded information, that is used to verify aspects of a person's identity.Continue Reading

• cyber extortion

  Cyber extortion is a crime involving an attack or threat of an attack coupled with a demand for money or some other response in return for stopping or remediating the attack.Continue Reading

• The history and evolution of ransomware

  Ransomware has evolved from a malicious floppy disk demanding $189 in ransom to a multibillion-dollar industry with ransom for rent, sophisticated techniques and big-name victims.Continue Reading

• The history, evolution and current state of SIEM

  SIEM met the need for a security tool that could pinpoint threats in real time. But new threats mean that the next evolution of SIEM will offer even more firepower.Continue Reading

• How to map security gaps to the Mitre ATT&CK framework

  Mapping security gaps to the Mitre ATT&CK framework enables SOC teams to prioritize, remediate and eliminate vulnerabilities before malicious actors exploit them.Continue Reading

• Get started: Threat modeling with the Mitre ATT&CK framework

  The Mitre ATT&CK framework may seem daunting at first, but it is a key tool that helps SOC teams conduct threat modeling. Learn how to get started.Continue Reading

• bridge

  A bridge is a class of network device designed to connect networks at OSI Level 2, which is the data link layer of a local area network.Continue Reading

• mobile authentication

  Mobile authentication is the verification of a user's identity via a mobile device using one or more authentication methods for secure access.Continue Reading

• cloud security architecture

  Cloud security architecture is a security strategy designed around securing an organization's data and applications in the cloud.Continue Reading

• single-factor authentication (SFA)

  Single-factor authentication (SFA) is a process for securing access to a given system, such as a network or website, that identifies the party requesting access through only one category of credentials.Continue Reading

• knowledge-based authentication

  Knowledge-based authentication (KBA) is an authentication method in which users are asked to answer at least one secret question.Continue Reading

• WannaCry ransomware

  WannaCry ransomware is a cyber attack that spreads by exploiting vulnerabilities in the Windows operating system.Continue Reading

• security token

  A security token is a physical or wireless device that provides two-factor authentication (2FA) for users to prove their identity in a login process.Continue Reading

• Occupational Safety and Health Administration (OSHA)

  The Occupational Safety and Health Administration (OSHA) is responsible for protecting worker health and safety in the United States.Continue Reading

• Blockchain security: Everything you should know for safe use

  Despite its reputation, blockchain is subject to many of the same vulnerabilities as other software. It helps to have a clear idea of its inherent strengths and weaknesses.Continue Reading

• PCI compliance

  PCI compliance is adherence to the set of policies and procedures developed to protect credit, debit and cash card transactions and prevent the misuse of cardholders' personal information.Continue Reading

• Use IoT hardening to secure vulnerable connected devices

  IoT and industrial IoT innovation continue to thrive, but IoT device security continues to be an afterthought. Companies should harden connected devices to remain protected.Continue Reading

• How to calculate cybersecurity ROI with concrete metrics

  Calculating and communicating cybersecurity ROI can help persuade top management to invest. Here's how to use meaningful, concrete metrics.Continue Reading

• logon (or login)

  In computing, a logon is a procedure that enables an entity to access a secure system such as an operating system, application, service, website or other resource.Continue Reading

• security analytics

  Security analytics is a cybersecurity approach that uses data collection, data aggregation and analysis tools for threat detection and security monitoring.Continue Reading

• NICE Framework (National Initiative for Cybersecurity Education Cybersecurity Workforce Framework)

  The NICE Framework (National Initiative for Cybersecurity Education Cybersecurity Workforce Framework) is a reference resource that classifies the typical skill requirements and duties of cybersecurity workers.Continue Reading

• Smart contract benefits and best practices for security

  While smart contracts promise enormous benefits in the enterprise, they also present opportunities for cybercriminals. Explore best practices to keep them secure.Continue Reading

• How to use Wfuzz to find web application vulnerabilities

  By learning how to use Wfuzz for web application fuzz testing, bug bounty hunters can automate vulnerability discovery. Learn more in this excerpt from 'Bug Bounty Bootcamp.'Continue Reading

• How to become a bug bounty hunter: Getting started

  Finding, exploiting and reporting vulnerabilities can be both lucrative and educational. Security researcher Vickie Li explains how to become a bug bounty hunter.Continue Reading

• application blacklisting (application blocklisting)

  Application blacklisting --increasingly called application blocklisting -- is a network or computer administration practice used to prevent the execution of undesirable software programs.Continue Reading

• juice jacking

  Juice jacking is a security exploit in which an infected USB charging station is used to compromise devices that connect to it.Continue Reading

• hypervisor security

  Hypervisor security is the process of ensuring the hypervisor -- the software that enables virtualization -- is secure throughout its lifecycle.Continue Reading

• claims-based identity

  Claims-based identity is a means of authenticating an end user, application or device to another system in a way that abstracts the entity's specific information while providing data that authorizes it for appropriate and relevant interactions.Continue Reading

• Certified Cloud Security Professional (CCSP)

  Certified Cloud Security Professional (CCSP) is an International Information System Security Certification Consortium, or (ISC)2, certification that covers cloud-based cybersecurity best practices.Continue Reading

• How to implement principle of least privilege in Azure AD

  Restricting users' permissions in Microsoft Azure AD to only what they need to complete their job helps secure and reduce the cloud attack surface.Continue Reading

• password manager

  A password manager is a technology tool that helps internet users create, save, manage and use passwords across different online services.Continue Reading

• Hash-based Message Authentication Code (HMAC)

  Hash-based Message Authentication Code (HMAC) is a message encryption method that uses a cryptographic key in conjunction with a hash function.Continue Reading

• Web application firewall (WAF)

  A web application firewall (WAF) is a firewall that monitors, filters and blocks Hypertext Transfer Protocol (HTTP) traffic as it travels to and from a website or web application.Continue Reading

• cloaking

  Cloaking is a technique where a different version of web content is returned to users than to the search engine crawlers.Continue Reading

• TrickBot malware

  TrickBot is sophisticated modular malware that started as a banking Trojan but has evolved to support many different types of attacks, including ransomware.Continue Reading

• How to create an SBOM, with example and template

  SBOMs help organizations inventory every component in their software. This free template, which includes an SBOM example, can help you secure your own software supply chain.Continue Reading

• cloud workload protection

  Cloud workload protection is the safeguarding of workloads spread out across multiple cloud environments. Businesses that use public and private clouds can use cloud workload protection platforms to help defend themselves against cyber attacks.Continue Reading

• firewall

  A firewall is a network security device that prevents unauthorized access to a network. It inspects incoming and outgoing traffic using a set of security rules to identify and block threats.Continue Reading

• How to build a cybersecurity deception program

  In 'The Art of War,' Sun Tzu declared, 'All warfare is based on deception.' Learn how to apply this principle in the enterprise by building a cybersecurity deception program.Continue Reading

• International Information Systems Security Certification Consortium (ISC)2

  (ISC)2, short for International Information Systems Security Certification Consortium, is a nonprofit organization that provides security training and certificates.Continue Reading

• two-step verification

  Two-step verification is a process that involves two authentication steps performed one after the other to verify that someone or something requesting access is who or what they say they are.Continue Reading