Manage

Manage

Learn to apply best practices and optimize your operations.

• Information security risk management: Understanding the components

  An enterprise has to know what risks it is facing. Expert Peter Sullivan explains why an information security risk management plan is crucial for cybersecurity readiness. Continue Reading

• Preventing privilege creep: How to keep access and roles aligned

  Privilege creep can result in the abuse of user access and security incidents. Expert Michael Cobb explains how enterprises can keep user roles and privileges aligned. Continue Reading

• Trusted? Certificate authority risks and how to manage them

  Trusted certificate authorities are essential in today's business climate, but that doesn't mean they are easy to come by. Certificate authority risks are many, certainly, but this three-part technical guide is designed to make plain the challenges ... Continue Reading

• Insider security threats: What CISOs can do to mitigate them

  Dealing with insider security threats requires a combination of tactics. Expert Mike O. Villegas discusses the various aspects of insider threat mitigation strategies. Continue Reading

• When to take a bug bounty program public -- and how to do it

  Bug-finding programs are valuable to enterprises, but they require a lot of planning and effort to be effective. Sean Martin looks at what goes into taking a bug bounty program public. Continue Reading

• Planning for an IPv6 attack: DDoS, neighbor discovery threats and more

  An IPv6 DDoS attacks are imminent, and your network security tools may not be configured for it. Expert Michael Cobb explains how enterprises can prepare its defenses.Continue Reading

• How to start building an enterprise application security program

  Building an effective application security program can be daunting. Sean Martin talks with experts about the best first steps enterprises should take.Continue Reading

• How tabletop exercises can help uncover hidden security risks

  A regular tabletop exercise could help to identify security risks in scenarios relevant to your organization. Expert Bob Wood explains the steps in the process.Continue Reading

• How can the AirDroid app phone hijacking be prevented?

  A vulnerability in the AirDroid device manager app left users at risk of phone hijacking. Expert Michael Cobb explains how the exploit works, and what can be done to prevent it.Continue Reading

• What new Asacub Trojan features should enterprises watch out for?

  The Asacub Trojan has new banking malware features. Expert Nick Lewis explains how it made this transition and what enterprises should be watching out for.Continue Reading

• Strong authentication methods: Are you behind the curve?

  Not sure who's really behind that username and password? Google, Facebook and others may finally give multifactor authentication technology the 'push' it needs.Continue Reading

• Why signature-based detection isn't enough for enterprises

  Signature-based detection and machine learning algorithms identify malicious code and threats. Expert Michael Cobb explains how both techniques defend networks and endpoints.Continue Reading

• Proper network segments may prevent the next breach

  Companies still fail to implement secure network segmentation and role-based access. Here's how to protect your sensitive data and stay out of the headlines.Continue Reading

• RSA Conference 2016 draws big crowds, strong encryption

  RSA Conference 2016 was a densely-packed affair, with discussions ranging from strong encryption to skills shortage in the industry. Expert Nick Lewis gives a recap.Continue Reading

• Securing VoIP: Keeping Your VoIP Networks Safe

  In this excerpt of Securing VoIP: Keeping your VoIP Network Safe, author Regis (Bud) Bates outlines different approaches to VoIP security and offers best practices to ensure infrastructure security is intact.Continue Reading

• Cybersecurity products: When is it time to change them?

  Enterprises should assess their cybersecurity products to make sure they're as effective as possible. Expert Mike O. Villegas discusses how to evaluate cybersecurity tools.Continue Reading

• Breaking down the risks of VM escapes

  The Xen hypervisor flaw highlighted the risks of VM escapes, but expert Ed Moyle explains why the flaw should serve as a warning for virtual containers as well.Continue Reading

• Why relying on network perimeter security alone is a failure

  A network perimeter security strategy alone can no longer protect enterprises. Expert Paul Henry explains why organizations must adapt.Continue Reading

• 'Going dark': Weighing the public safety costs of end-to-end encryption

  'Going dark' -- or the FBI's inability to access data because of encryption -- could put public safety at risk, intelligence officials say. But tech companies argue that strong encryption is needed to protect corporate and customer data.Continue Reading

• Adjusting your network perimeter security

  Expert Johna Till Johnson explains how the enterprise perimeter became obsolete, and how to replace network perimeter security with an approach to perimeterless security.Continue Reading

• Life after the Safe Harbor agreement: How to stay compliant

  Now that the Safe Harbor agreement is invalid, U.S. and EU organizations need to find new ways to securely handle data so they can stay in business.Continue Reading

• How to manage system logs using the ELK stack tool

  Centrally managing system logs is an important practice for enterprise security. Expert Dejan Lukan explains how to set up cloud servers, such as ELK stack, for this purpose.Continue Reading

• Lessons in mobile data loss protection for enterprise IT pros

  With mobile devices everywhere in the enterprise now, learning tactics for data loss protection must become an IT priority.Continue Reading

• How should enterprises manage social media compliance incidents?

  Social media compliance incidents in financial institutions are on the rise. Here are the most common violations and how to avoid them in the future.Continue Reading

• The basics of network intrusion prevention systems

  Expert Karen Scarfone explores intrusion prevention systems and their acquisition, deployment and management within the enterprise.Continue Reading

• Getting to the bottom of the software vulnerability disclosure debate

  The vulnerability disclosure debate rages on: Enterprises should know they are at risk, but vendors need time to patch flaws. Which side should prevail? Expert Michael Cobb discusses.Continue Reading

• Emerging security threats you're up against now

  Learn about the 'hacking as a service' and other emerging security threats.Continue Reading

• How to perform a forensic acquisition of a virtual machine disk

  Virtualization expert Paul Henry provides a step-by-step guide to imaging a virtual machine disk (*flat.vmdk) in a forensically sound manner.Continue Reading

• Cyber Reconnaissance, Surveillance and Defense

  In this excerpt of Cyber Reconnaissance, Surveillance and Defense, author Robert Shimonski describes commonly used mobile technology and how phone tracking works.Continue Reading

• Managed security service providers: Weighing the pros and cons

  Using a managed security service provider can be an appealing option to enterprises, but there are many factors to consider before making the move to outsourcing.Continue Reading

• Our AWS encryption keys were exposed accidentally -- now what?

  Exposing encryption keys is never a good thing, but knowing the steps to take after such an incident can help limit damage to an enterprise. Expert Dan Sullivan explains.Continue Reading

• How can I mitigate the risks of alternative Android browsers?

  Expert Michael Cobb explains the security risks surrounding alternative Web browsers, as well as approaches enterprises can take to prevent BYOD employees from using them.Continue Reading

• Certificate authorities are limited but new TLS versions can help

  SSL/TLS, long the cornerstone of Web security, has become a security vulnerability due to problems with certificate authorities. Learn what solutions the industry is pursuing.Continue Reading

• From SSL and early TLS to TLS 1.2: Creating a PCI DSS 3.1 migration plan

  PCI DSS 3.1 requires enterprises to deplete SSL and early TLS use by June 30, 2016. Expert Michael Cobb offers advice for putting a migration plan to TLS 1.2 in place.Continue Reading

• What do organizations need to know about privacy in a HIPAA audit?

  A HIPAA audit covers privacy compliance, and organizations need to be prepared. Expert Mike Chapple discusses privacy in the audits.Continue Reading

• How to keep track of sensitive data with a data flow map

  Expert Bill Hayes describes how to create a data flow map to visualize where sensitive data is processed, how it transits the network and where it's stored.Continue Reading

• State of the Network study: How security tasks are dominating IT staff

  The majority of networking teams are regularly involved in enterprise security tasks. Expert Kevin Beaver explains the phenomena and how to embrace it.Continue Reading

• Understanding and mitigating a FREAK vulnerability attack

  After the discovery that the FREAK vulnerability can affect a wide variety of OSes, enterprises should amp up mitigation efforts. Here's some background on the attack and how to stop it.Continue Reading

• Six criteria for procuring security analytics software

  Security analytics software can be beneficial to enterprises. Expert Dan Sullivan explains how to select the right product to fit your organization's needs.Continue Reading

• Multifactor authentication: A buyer's guide to MFA products

  In this SearchSecurity buyer's guide, learn how to evaluate and procure the right multifactor authentication product for your organization.Continue Reading

• How should we hire for specialized information security roles?

  A rise in specialized roles puts extra pressure on security hiring. Expert Mike O. Villegas explains how to meet this demand and find talented security professionals.Continue Reading

• The CEO refuses cybersecurity best practices: Now what?

  Some executives don't think cybersecurity best practices apply to them. Expert Mike O. Villegas explains how to handle that situation.Continue Reading

• AWS security groups vs. traditional firewalls: What's the difference?

  AWS security groups provide network-based blocking mechanisms, much like traditional firewalls. Expert Dan Sullivan explains the differences between the two.Continue Reading

• New cyberthreats: Defending against the digital invasion

  The confluence of the Internet of Things and bring your own device may turn into a beachhead for attackers.Continue Reading

• Beyond the Page: New SIEM Battleground Unfolds with Advanced Analytics

  Robert Lemos looks at next-generation security information and event management analytic tools and cloud-based systems.Continue Reading

• SIEM systems: Using analytics to reduce false positives

  Combining data from a variety of sources with better analytics can reduce workloads.Continue Reading

• Final five considerations when evaluating intrusion detection tools

  Before making an investment in an intrusion detection and prevention system, be sure to read this list of five final considerations to keep in mind during intrusion detection system evaluation.Continue Reading

• Introduction to Web application firewalls in the enterprise

  Expert Brad Causey takes a close look at Web application firewalls, explains how WAF technology can prevent Internet-based attacks from known and unknown applications threats, and offers advice on WAF management and deployment.Continue Reading

• SSL/TLS security: Addressing WinShock, the Schannel vulnerability

  Schannel is the latest cryptographic library to encounter SSL/TLS security issues. Expert Michael Cobb discusses the WinShock vulnerability and how to mitigate enterprise risks.Continue Reading

• How emerging threat intelligence tools affect network security

  Up and coming threat intelligence tools aim to improve data security and even standardize threat intelligence across the industry. Expert Kevin Beaver explains how.Continue Reading

• A CISO's introduction to enterprise data governance strategy

  Every enterprise must have a viable strategy for protecting high-value data. See if your plan aligns with Francoise Gilbert's advice on top priorities to consider when defining data governance plans.Continue Reading

• How to increase the importance of information security in enterprises

  Expert Mike Villegas explains how to use the Three C's to emphasize the importance of information security within an organization.Continue Reading

• Targeted Cyber Attacks

  In this excerpt of Targeted Cyber Attacks, authors Aditya Sood and Richard Enbody outline the cyberattack model and different vectors used to attack targets.Continue Reading

• The Basics of Information Security

  In this excerpt of The Basics of Information Security, author Jason Andress outlines methods for improving operating systems security.Continue Reading

• Can setting a cache-control header improve application data security?

  Application security expert Michael Cobb reviews the cache-control header codes that can help prevent a Web application from storing sensitive data.Continue Reading

• The fundamentals of FDE: The business case for full disk encryption

  Expert Karen Scarfone outlines the benefits of FDE to help businesses decide if the storage encryption technology is right for their organization.Continue Reading

• The 10 questions to ask during a mobile risk assessment

  To both embrace the benefits of BYOD and shore up the security gaps created by it, ask these 10 questions when conducting a mobile risk assessment.Continue Reading

• SHA-2 algorithm: The how and why of the transition

  Is it time to make the move to the SHA-2 algorithm? Application security expert Michael Cobb discusses and offers tips to ease the transition.Continue Reading

• CISSP quiz: Cryptography CISSP certification practice test

  Test your knowledge of the CISSP exam's Cryptography Domain by taking this practice quiz, which covers topics including public and private keys, encryption algorithms, digital certificates and more.Continue Reading

• CISSP quiz: Access control models and components

  Test your knowledge of the CISSP exam's Access Control Domain by taking this practice quiz, which covers topics including access control models, one-time passwords, IPS/IDS and more.Continue Reading

• CISSP quiz: Information security governance and risk management

  Test your knowledge of the Information Security Governance and Risk Management domain of the CISSP exam by taking this practice quiz.Continue Reading

• The NoSQL challenge: What's in store for big data and security

  Big data offers horizontal scalability, but how do you get your database security to scale along with it?Continue Reading

• Are malicious mobile apps a mere inconvenience or a real threat?

  How big a security threat are the malicious mobile apps riding into your enterprise on employees' mobile devices?Continue Reading

• Threat intelligence versus risk: How much cybersecurity is enough?

  Learn how threat intelligence plays into global risk assessment as more security officers are tasked with damage control.Continue Reading

• Command-and-control servers: The puppet masters that govern malware

  Are there shadow networks within your enterprise? Stop malware by shutting down command-and-control communication channels.Continue Reading

• Stop attackers hacking with Metasploit

  Metasploit attacks may not be sexy, but they can stab through enterprise defenses. Learn how basic security controls can thwart Metasploit hacking.Continue Reading

• When single sign-on fails, is a second SSO implementation worthwhile?

  After a failed SSO implementation, is there any benefit to an enterprise trying again? Expert Michele Chubirka discusses.Continue Reading

• How Cisco's 'Application Centric Infrastructure' differs from SDN

  As Cisco rolls out a hardware-based alternative to software-defined networking approaches, what does it all mean for security?Continue Reading

• Linux Malware Incident Response

  In this excerpt from Linux Malware Incident Response, authors Cameron Malin, Eoghan Casey and James Aquilina discuss volatile data collection methodology, steps and preservation.Continue Reading

• Risk Management Framework

  In this excerpt from chapter 3 of Risk Management Framework, author James Broad discusses the four components of risk management.Continue Reading

• Why TCP traffic spikes with source port zero should sound an alarm

  Are spikes in TCP traffic with source port zero warning signs that future attacks are imminent? Discover why enterprises should be concerned.Continue Reading

• Tor networks: Stop employees from touring the deep Web

  Are employees using Tor to view blocked Web sites, or mining Bitcoins on corporate resources? Sinister or not, it needs to stop.Continue Reading

• Preventing plaintext password problems in Google Chrome

  Plaintext passwords are risky business. Michael Cobb discusses what Google says about the Chrome password vulnerability and potential exploits.Continue Reading

• Femtocell security: Defending against a femtocell hack

  The risk of a femtocell hack is a real enterprise concern. Nick Lewis explains why and explores how to defend against an attack.Continue Reading

• Locking the backdoor: Reducing the risk of unauthorized system access

  Rampant backdoors in enterprise IT products too often provide unauthorized access to attackers and governments. Learn how to defend against the risks.Continue Reading

• Return on security investment: The risky business of probability

  You are better off with real numbers when it comes to measuring probability and the elements of security risk, even if they are wrong.Continue Reading

• Inside the BREACH attack: How to avoid HTTPS traffic exploits

  Enterprise threats expert Nick Lewis examines how the BREACH attack exploits HTTPS traffic and what enterprises can do to mitigate the attack risk.Continue Reading

• Security incident response procedures: When to do a system shutdown

  At times, security incident response procedures require drastic measures. Expert Nick Lewis explains when and how to perform a system shutdown.Continue Reading

• Third-party risk management: Horror stories? You are not alone

  The majority of breaches occur as the result of third parties. MacDonnell Ulsch advises companies to safeguard third-party management agreements.Continue Reading

• How to define SIEM strategy, management and success in the enterprise

  Enterprise SIEM technology is as functional, manageable and affordable as it's ever been. Learn how to achieve success with SIEM in your organization.Continue Reading

• Are FedRAMP security controls enough?

  Cloud service providers are working with authorized third-party auditors to meet FedRAMP security controls. The 3PAOs tell us how it’s going, so far.Continue Reading

• Amazon S3 encryption overview: How to secure data in the Amazon cloud

  Learn details for employing Amazon S3 encryption features. Expert Dave Shackleford compares S3 encryption to other cloud provider offerings.Continue Reading

• Improving security management processes with SIEM

  In our newest Security School lesson, Mike Rothman covers how to get the best data to improve incident response.Continue Reading

• Quiz: Using SIEM technology to improve security management processes

  In this five question quiz, test your knowledge of our Security School lesson on using SIEM technology to improve security management processes.Continue Reading

• How to configure a VLAN to achieve the benefits of VLAN security

  Expert Brad Casey explains how to configure a VLAN in order to achieve the benefits of VLAN security, including protection against insider attacks.Continue Reading

• Managing big data privacy concerns: Tactics for proactive enterprises

  The growing use of big data analytics has created big data privacy concerns, yet viable tactics exist for proactive enterprises to help companies get smarter while keeping consumers happy.Continue Reading

• Antivirus evasion techniques show ease in avoiding antivirus detection

  In the wake of the New York Times attack, a look at antivirus evasion techniques show how easy it is to avoid antivirus detection and why new defenses are needed.Continue Reading

• Outsourcing security services in the enterprise: Where to begin

  Outsourcing security services doesn’t have to mean moving to the cloud. Enterprises have many options for outsourcing security services, including managed and hosted services.Continue Reading

• Quiz: Managing BYOD endpoint security

  In this six question quiz, test your knowledge of our Security School lesson on managing BYOD endpoint security.Continue Reading

• How to implement firewall policy management with a 5-tuple firewall

  Matt Pascucci explains how to implement firewall policy management for 5-tuple firewalls when ports must be kept open for business reasons.Continue Reading

• The Huawei security risk: Factors to consider before buying Chinese IT

  Cover story: The U.S. government says Chinese IT giants Huawei and ZTE pose too much risk. But do they? Joel Snyder offers his take.Continue Reading

• Thirteen principles to ensure enterprise system security

  Designing sound enterprise system security is possible by following Gary McGraw's 13 principles, many of which have held true for decades.Continue Reading

• Protecting Intellectual Property: Best Practices

  Organizations need to implement best practices to protect their trade secrets from both internal and external threats.Continue Reading

• Metasploit Review: Ten Years Later, Are We Any More Secure?

  Some say the pen testing framework is a critical tool for improving enterprise security, while others say it helps attackers.Continue Reading

• Security incident management in the cloud: Tackling the challenges

  Identifying security incidents in cloud environments isn't easy, but there are steps companies can take to ease the process.Continue Reading

• Information Security Magazine: FEBRUARY 2012

  Learn about the latest malware threats targeting enterprises and what you can do to reduce the risk of infection.Continue Reading

• Identity and access management concepts and predictions to watch in 2011

  Forrester's Andras Cser discusses the emerging identity and access management concepts and market predictions enterprises should be prepared for in 2011.Continue Reading

• Virtualization 101: Best practices for securing virtual machines

  VMs introduce a new security dynamic, one that emphasizes asset discovery, change management and tweaks to existing security technology.Continue Reading

• Cloud security standards provide assessment guidelines

  The Cloud Security Alliance Cloud Controls Matrix helps cloud providers and customers to evaluate security controls.Continue Reading

• User provisioning best practices: Access recertification

  User access recertification is the process of continually auditing users' permissions to make sure they have access only to what they need. Implementing recertification, however, can be challenging. Get best practices on creating a recertification ...Continue Reading