Get started
Bring yourself up to speed with our introductory content.
Get started
Bring yourself up to speed with our introductory content.
browser hijacker (browser hijacking)
A browser hijacker is a malware program that modifies web browser settings without the user's permission and redirects the user to websites the user had not intended to visit. Continue Reading
Kerberos
Kerberos is a protocol for authenticating service requests between trusted hosts across an untrusted network, such as the internet. Continue Reading
SIEM vs. SOAR vs. XDR: Evaluate the differences
SIEM, SOAR and XDR share similar definitions, but each has distinct drawbacks. Learn what each offers and how they differ for help deciding which to deploy in your company. Continue Reading
-
promiscuous mode
In computer networking, promiscuous mode is a mode of operation, as well as a security, monitoring and administration technique. Continue Reading
macro virus
A macro virus is a computer virus written in the same macro language used to create software programs such as Microsoft Excel or Word. Continue Reading
certificate authority (CA)
A certificate authority (CA) is a trusted entity that issues Secure Sockets Layer (SSL) certificates.Continue Reading
federated identity management (FIM)
Federated identity management (FIM) is an arrangement between multiple enterprises or domains that enables their users to use the same identification data (digital identity) to access all their networks.Continue Reading
How to use Metasploit commands and exploits for pen tests
These step-by-step instructions demonstrate how to use the Metasploit Framework for enterprise vulnerability and penetration testing.Continue Reading
Malware analysis for beginners: Getting started
With the cybersecurity industry struggling to fill open positions, now is the time to start in the field. Infosec expert Dylan Barker shares what you should know to be a malware analyst.Continue Reading
Top static malware analysis techniques for beginners
Malware will eventually get onto an endpoint, server or network. Using static analysis can help find known malware variants before they cause damage.Continue Reading
-
logic bomb
A logic bomb is a string of malicious code that is inserted intentionally into a program to harm a network when certain conditions are met.Continue Reading
Electronic Code Book (ECB)
Electronic Code Book (ECB) is a simple mode of operation with a block cipher that's mostly used with symmetric key encryption.Continue Reading
Wired Equivalent Privacy (WEP)
Wired Equivalent Privacy (WEP) is a security protocol, specified in the IEEE Wireless Fidelity (Wi-Fi) standard, 802.11b.Continue Reading
electronic discovery (e-discovery or ediscovery)
Electronic discovery -- also called e-discovery or ediscovery -- refers to any process of obtaining and exchanging evidence in a civil or criminal legal case.Continue Reading
spear phishing
Spear phishing is a malicious email spoofing attack that targets a specific organization or individual, seeking unauthorized access to sensitive information.Continue Reading
MD5
The MD5 (message-digest algorithm) hashing algorithm is a one-way cryptographic function that accepts a message of any length as input and returns as output a fixed-length digest value to be used for authenticating the original message.Continue Reading
ILOVEYOU virus
The ILOVEYOU virus comes in an email with 'ILOVEYOU' in the subject line and contains an attachment that, when opened, results in the message being re-sent to everyone in the recipient's Microsoft Outlook address book.Continue Reading
certificate revocation list (CRL)
A certificate revocation list (CRL) is a list of digital certificates that have been revoked by the issuing Certificate Authority (CA) before their actual or assigned expiration date.Continue Reading
nonrepudiation
Nonrepudiation ensures that no party can deny that it sent or received a message via encryption and/or digital signatures or approved some information.Continue Reading
cryptology
Cryptology is the mathematics, such as number theory and the application of formulas and algorithms, that underpin cryptography and cryptanalysis.Continue Reading
cyberstalking
Cyberstalking is a crime in which someone harasses or stalks a victim using electronic or digital means, such as social media, email, instant messaging (IM) or messages posted to a discussion group or forum.Continue Reading
How to use the NIST framework for cloud security
Aligning the NIST Cybersecurity Framework with cloud services such as AWS, Azure and Google Cloud can improve cloud security. Read how to best use the framework for the cloud.Continue Reading
How to prepare for the CompTIA CySA+ exam
The author of the CompTIA CySA+ certification guide offers advice on how to prepare for the exam, discusses the benefits of the cert and more.Continue Reading
Sample CompTIA CySA+ test questions with answers
Going for your CompTIA CySA+ certification? Test what you know before taking the exam with these sample test questions on vulnerability assessment output.Continue Reading
Keycloak tutorial: How to secure different application types
IT pros and developers can secure applications with the open source IAM tool Keycloak. When you don't need to worry about passwords, it reduces the potential attack surface.Continue Reading
Secure applications with Keycloak authentication tool
As we look toward the future of authentication, open source tools, such as Keycloak, provide companies a way to secure applications to its specific needs.Continue Reading
private key
A private key, also known as a secret key, is a variable in cryptography that is used with an algorithm to encrypt and decrypt data.Continue Reading
DOS (disk operating system)
A DOS, or disk operating system, is an operating system that runs from a disk drive. The term can also refer to a particular family of disk operating systems, most commonly MS-DOS, an acronym for Microsoft DOS.Continue Reading
hardware security module (HSM)
A hardware security module (HSM) is a physical device that provides extra security for sensitive data.Continue Reading
buffer overflow
A buffer overflow occurs when a program or process attempts to write more data to a fixed-length block of memory, or buffer, than the buffer is allocated to hold.Continue Reading
biometric verification
Biometric verification is any means by which a person can be uniquely identified by evaluating one or more distinguishing biological traits.Continue Reading
password
A password is a string of characters used to verify the identity of a user during the authentication process.Continue Reading
biometrics
Biometrics is the measurement and statistical analysis of people's unique physical and behavioral characteristics.Continue Reading
Mitigating risk-based vulnerability management challenges
An onslaught of threats combined with constrained budgets leaves security teams wondering which risks to prioritize and how. Enter risk-based vulnerability management.Continue Reading
spyware
Spyware is a type of malicious software -- or malware -- that is installed on a computing device without the end user's knowledge.Continue Reading
DMZ in networking
In computer networks, a DMZ, or demilitarized zone, is a physical or logical subnet that separates a local area network (LAN) from other untrusted networks -- usually, the public internet.Continue Reading
two-factor authentication (2FA)
Two-factor authentication (2FA), sometimes referred to as two-step verification or dual-factor authentication, is a security process in which users provide two different authentication factors to verify themselves.Continue Reading
domain generation algorithm (DGA)
A domain generation algorithm (DGA) is a program that generates a large list of domain names. DGA provides malware with new domains in order to evade security countermeasures.Continue Reading
Test yourself with this e-learning authentication quizlet
Integrity and authentication are two evergreen security topics. Try this quick quiz from Technic Publication's PebbleU, and see where to focus your continuing education.Continue Reading
What is the BISO role and is it necessary?
Relatively new and somewhat controversial, the business information security officer, or BISO, acts as the CISO's tactical and operations-level ambassador to the business units.Continue Reading
Common Linux vulnerabilities admins need to detect and fix
Server admins need to prepare for a variety of common Linux vulnerabilities, from software and hardware vulnerabilities to employee-created ones and even digital espionage.Continue Reading
How to implement Linux security best practices
When setting up security for a company's infrastructure, admins need to focus on backups, patch management and regular vulnerability scans.Continue Reading
public key certificate
A public key certificate is a digitally signed document that serves to validate the sender's authorization and name.Continue Reading
public key
In cryptography, a public key is a large numerical value that is used to encrypt data.Continue Reading
What are cloud containers and how do they work?
Containers in cloud computing have evolved from a security buzzword. Deployment of cloud containers is now an essential element of IT infrastructure protection.Continue Reading
end-to-end encryption (E2EE)
End-to-end encryption (E2EE) is a method of secure communication that prevents third parties from accessing data while it's transferred from one end system or device to another.Continue Reading
proxy firewall
A proxy firewall is a network security system that protects network resources by filtering messages at the application layer.Continue Reading
security
Security for information technology (IT) refers to the methods, tools and personnel used to defend an organization's digital assets.Continue Reading
OPSEC (operations security)
OPSEC (operations security) is a security and risk management process and strategy that classifies information, then determines what is required to protect sensitive information and prevent it from getting into the wrong hands.Continue Reading
How to get started with security chaos engineering
Introducing security chaos engineering: the latest methodology security teams can implement to proactively discover vulnerabilities or weaknesses in a company's system.Continue Reading
threat modeling
Threat modeling is a procedure for optimizing application, system or business process security by identifying objectives and vulnerabilities, and then defining countermeasures to prevent or mitigate the effects of threats to the system.Continue Reading
social engineering
Social engineering is an attack vector that relies heavily on human interaction and often involves manipulating people into breaking normal security procedures and best practices to gain unauthorized access to systems, networks or physical locations...Continue Reading
distributed denial-of-service (DDoS) attack
A distributed denial-of-service (DDoS) attack is one in which multiple compromised computer systems attack a target, such as a server, website or other network resource, and cause a denial of service for users of the targeted resource.Continue Reading
password cracking
Password cracking is the process of using an application program to identify an unknown or forgotten password to a computer or network resource.Continue Reading
MDM vs. MAM: What are the key differences?
Mobile workers are productive and even essential to business success. But IT has to protect corporate apps and data -- as well as worker privacy -- via MDM, MAM or both.Continue Reading
3 steps to zero-day threat protection
Don't let a zero-day threat bring down your networks. Follow these three steps to prepare for the unknown and minimize potential damage.Continue Reading
National Security Agency (NSA)
The National Security Agency (NSA) is a federal government intelligence agency that is part of the United States Department of Defense and is managed under the authority of the director of national intelligence (DNI).Continue Reading
Cryptography quiz questions and answers: Test your smarts
Put your encryption knowledge to the test, and perhaps even learn a new word or concept in the process with these cryptography quiz questions.Continue Reading
Try this cloud identity and access management quiz
Remote work and increased cloud adoption have dramatically changed identity and access management. Take this cloud IAM quiz for infosec pros to see if your knowledge is up to date.Continue Reading
ethical hacker
An ethical hacker, or white hat hacker, is an information security expert authorized by an organization to penetrate computing infrastructure to find security vulnerabilities a malicious hacker could exploit.Continue Reading
hacktivism
Hacktivism is the act of misusing a computer system or network for a socially or politically motivated reason.Continue Reading
How to secure remote access for the hybrid work model
With the post-COVID-19 hybrid work model taking shape, discover the technologies and trends analysts and IT leaders view as the anchors to ensure secure remote access.Continue Reading
Create a remote access security policy with this template
The expansion of remote work has created complicated security risks. Get help developing and updating a remote access security policy. Download our free template to get started.Continue Reading
cipher block chaining (CBC)
Cipher block chaining (CBC) is a mode of operation for a block cipher -- one in which a sequence of bits are encrypted as a single unit, or block, with a cipher key applied to the entire block.Continue Reading
What's the difference between sandboxes vs. containers?
Understanding the differences between sandboxes vs. containers for security can help companies determine which best suits their particular use cases.Continue Reading
block cipher
A block cipher is a method of encrypting data in blocks to produce ciphertext using a cryptographic key and algorithm.Continue Reading
hacker
A hacker is an individual who uses computer, networking or other skills to overcome a technical problem.Continue Reading
Extensible Authentication Protocol (EAP)
The Extensible Authentication Protocol (EAP) is a protocol for wireless networks that expands the authentication methods used by the Point-to-Point Protocol (PPP), a protocol often used when connecting a computer to the internet.Continue Reading
From EDR to XDR: Inside extended detection and response
As the definition of endpoints evolves, so too must the technology to protect them. Enter extended detection and response, or XDR -- one of cybersecurity's hottest acronyms.Continue Reading
session key
A session key is an encryption and decryption key that is randomly generated to ensure the security of a communications session between a user and another computer or between two computers.Continue Reading
Types of MDR security services: MEDR vs. MNDR vs. MXDR
Organizations considering MDR security services should look into more tightly focused options hitting the market to find the best one for their security program's needs.Continue Reading
pass the hash attack
A pass the hash attack is an exploit in which an attacker steals a hashed user credential and -- without cracking it -- reuses it to trick an authentication system into creating a new authenticated session on the same network.Continue Reading
watering hole attack
A watering hole attack is a security exploit in which the attacker seeks to compromise a specific group of end users by infecting websites that members of the group are known to visit.Continue Reading
computer cracker
A computer cracker is an outdated term used to describe someone who broke into computer systems, bypassed passwords or licenses in computer programs, or in other ways intentionally breached computer security.Continue Reading
pharming
Pharming is a scamming practice in which malicious code is installed on a personal computer or server, misdirecting users to fraudulent websites without their knowledge or consent.Continue Reading
stream cipher
A stream cipher is a method of encrypting text (to produce ciphertext) in which a cryptographic key and algorithm are applied to each binary digit in a data stream, one bit at a time.Continue Reading
IPsec (Internet Protocol Security)
IPsec (Internet Protocol Security) is a suite of protocols and algorithms for securing data transmitted over the internet or any public network.Continue Reading
denial-of-service attack
A denial-of-service (DoS) attack is a security event that occurs when an attacker makes it impossible for legitimate users to access computer systems, devices, services or other IT resources.Continue Reading
Get to know cloud-based identity governance capabilities
As enterprise cloud adoption increases, the market for cloud identity governance is expected to expand. Learn more about the use cases, benefits and available product options.Continue Reading
user authentication
User authentication verifies the identity of a user attempting to gain access to a network or computing resource by authorizing a human-to-machine transfer of credentials during interactions on a network to confirm a user's authenticity.Continue Reading
Sample CCISO exam questions on security project management
This excerpt of 'CCISO Certified Chief Information Security Officer All-In-One Exam Guide' explains security project management fundamentals and provides practice CCISO exam questions.Continue Reading
physical security
Physical security is the protection of personnel, hardware, software, networks and data from physical actions and events that could cause serious loss or damage to an enterprise, agency or institution.Continue Reading
unified threat management (UTM)
Unified threat management (UTM) describes an information security (infosec) system that provides a single point of protection against threats, including viruses, worms, spyware and other malware, and network attacks.Continue Reading
attack vector
An attack vector is a path or means by which an attacker or hacker can gain access to a computer or network server in order to deliver a payload or malicious outcome.Continue Reading
Advice on how to prepare for the CompTIA Security+ exam
The CompTIA Security+ certification is a smart starting point for cybersecurity career hopefuls. Learn how to prepare for the exam, what to expect post-certification and more.Continue Reading
Sample CompTIA Security+ exam questions and answers
The CompTIA Security+ exam covers a wide swath of topics, from threats to compliance to architecture. Test what you know about malware with these sample test questions.Continue Reading
endpoint detection and response (EDR)
Endpoint detection and response (EDR) is a system to gather and analyze security threat-related information from computer workstations and other endpoints, with the goal of finding security breaches as they happen and facilitating a quick response ...Continue Reading
Transport Layer Security (TLS)
Transport Layer Security (TLS) is an Internet Engineering Task Force (IETF) standard protocol that provides authentication, privacy and data integrity between two communicating computer applications.Continue Reading
PKI (public key infrastructure)
PKI (public key infrastructure) is the underlying framework that enables entities -- users and servers -- to securely exchange information using digital certificates.Continue Reading
obfuscation
Obfuscation means to make something difficult to understand.Continue Reading
MDR vs. MSSP: Why it's vital to know the difference
When assessing MDR vs. MSSP, the key is understanding why the two aren't interchangeable and how each handles response.Continue Reading
dumpster diving
Dumpster diving is looking for treasure in someone else's trash.Continue Reading
cyber hijacking
Cyber hijacking, or computer hijacking, is a type of network security attack in which the attacker takes control of computer systems, software programs and/or network communications.Continue Reading
challenge-response authentication
In computer security, challenge-response authentication is a set of protocols used to protect digital assets and services from unauthorized users, programs or activities.Continue Reading
antimalware (anti-malware)
Antimalware is a type of software program created to protect IT systems and individual computers from malicious software, or malware.Continue Reading
Data loss prevention quiz: Test your training on DLP features
Data loss prevention tools can help infosec manage insider threat, shadow IT and compliance initiatives. Test your know-how with this DLP quiz.Continue Reading
botnet
A botnet is a collection of internet-connected devices, which may include personal computers (PCs), servers, mobile devices and internet of things (IoT) devices, that are infected and controlled by a common type of malware, often unbeknownst to ...Continue Reading
email spoofing
Email spoofing is a form of cyber attack in which a hacker sends an email that has been manipulated to seem as if it originated from a trusted source.Continue Reading
How to set up Palo Alto security profiles
Learning how to build and implement security profiles and policies can help novice admins make sure they use Palo Alto Networks firewalls effectively to protect their network.Continue Reading
Author's advice on Palo Alto firewall, getting started
Interfaces, licenses, policies -- getting started with a Palo Alto Networks firewall can be confusing. Here, the author of 'Mastering Palo Alto Networks' offers his advice.Continue Reading