New & Notable
News
Palo Alto Networks PAN-OS management interfaces under attack
Palo Alto Networks confirmed that threat actors are exploiting a vulnerability in PAN-OS firewall management interfaces after warning customers to secure them for nearly a week.
News
Infoblox: 800,000 domains vulnerable to hijacking attack
While the 'Sitting Ducks' attack vector continues to pose a problem, Infoblox says domain registrars, DNS providers and government bodies remain inactive.
News
CISA, FBI confirm China breached telecommunication providers
The government agencies confirmed Wall Street Journal reports that China-backed threat actors breached telecommunication providers and access data for law enforcement requests.
News
Most widely exploited vulnerabilities in 2023 were zero days
While zero-day exploitation surged throughout 2023, CISA said threat actors continue to exploit known vulnerabilities that were disclosed and patched as far back as 2017.
Trending Topics
-
Data Security & Privacy News
MFA required for AWS Organizations member accounts in 2025
AWS is one of several cloud providers that will implement MFA requirements over the next year, with other relevant names including Google Cloud and Microsoft Azure.
-
Threats & Vulnerabilities News
Palo Alto Networks PAN-OS management interfaces under attack
Palo Alto Networks confirmed that threat actors are exploiting a vulnerability in PAN-OS firewall management interfaces after warning customers to secure them for nearly a week.
-
IAM Evaluate
Top 10 identity and access management risks
Organizational security is undermined by a number of identity and access management problems. Learn what those risks are and get ideas on how to solve them.
-
Analytics & Automation News
Mastercard to acquire Recorded Future for $2.65B
Mastercard says the addition of threat intelligence vendor Recorded Future will bolster its cybersecurity services as threats against the financial sector continue to rise.
-
Network Security News
CISA, FBI confirm China breached telecommunication providers
The government agencies confirmed Wall Street Journal reports that China-backed threat actors breached telecommunication providers and access data for law enforcement requests.
-
Operations & Management News
CISA on 2024 election security: 'Good news' for democracy
CISA Director Jen Easterly says that despite disruptions including bomb threats in multiple states, Election Day 2024 was a success story from a security standpoint.
Sponsored Sites
-
Servers
Server Buying Considerations 2023
This site focusses on key server buying considerations for IT decision makers in 2023 and beyond, with an emphasis on innovations in server design, security, sustainability, automation, and financing flexibility from Dell Technologies and Intel®.
-
Security
Transform Your Network Security: Secure, Agile, and Ready for the Future
Experience a revolution in network security with Secure Network Transformation solutions. Learn how TATA Communications’ comprehensive approach ensures unparalleled protection, performance, and flexibility for your network infrastructure.
-
Connected Enterprise
Empowering the Truly Connected Enterprise
Learn how Software AG can help your organization become a truly connected enterprise.
Topics Covered
Application and platform security
Careers and certifications
Cloud security
Compliance
Data security and privacy
Identity and access management
Network security
Risk management
Security analytics and automation
Security operations and management
Threat detection and response
Threats and vulnerabilities
Featured Authors
Find Solutions For Your Project
-
Evaluate
SIEM vs. SOAR vs. XDR: Evaluate the key differences
SIEM, SOAR and XDR each possess distinct capabilities and drawbacks. Learn the differences among the three, how they can work together and which your company needs.
-
EDR vs. XDR vs. MDR: Key differences and benefits
-
Top 10 identity and access management risks
-
Address skills shortages with third-party data discovery tools
-
-
Problem Solve
How to identify and prevent insecure output handling
Sanitation, validation and zero trust are essential ways to reduce the threat posed by large language models generating outputs that could cause harm to downstream systems and users.
-
DDoS mitigation: How to stop DDoS attacks
-
Threat intelligence vs. threat hunting: Better together
-
7 common intrusion detection system evasion techniques
-
-
Manage
How to create an enterprise cloud security budget
As companies migrate more sensitive data and resources into the cloud, it's important to deploy relevant security tools and processes, while staying within budget.
-
API security testing checklist: 7 key steps
-
Insider threat hunting best practices and tools
-
EDR vs. SIEM: Key differences, benefits and use cases
-
Information Security Basics
-
Get Started
What is identity governance and administration (IGA)?
Identity governance and administration (IGA) is the collection of processes and practices used to manage user digital identities and their access throughout the enterprise.
-
Get Started
Identity management vs. authentication: Know the difference
Learn how authentication and identity management are both intrinsic to an identity and access management framework. Learn how they differ and the role each one plays.
-
Get Started
How to build a Python port scanner
Python offers beginning coders a lot of flexibility and is a novel way to build tools designed to probe port performance across your network.
Multimedia
-
News
View All -
Data security and privacy
MFA required for AWS Organizations member accounts in 2025
AWS is one of several cloud providers that will implement MFA requirements over the next year, with other relevant names including Google Cloud and Microsoft Azure.
-
Threats and vulnerabilities
Palo Alto Networks PAN-OS management interfaces under attack
Palo Alto Networks confirmed that threat actors are exploiting a vulnerability in PAN-OS firewall management interfaces after warning customers to secure them for nearly a week.
-
Threats and vulnerabilities
Infoblox: 800,000 domains vulnerable to hijacking attack
While the 'Sitting Ducks' attack vector continues to pose a problem, Infoblox says domain registrars, DNS providers and government bodies remain inactive.
Search Security Definitions
- What is identity governance and administration (IGA)?
- What is machine identity management?
- What is unified threat management (UTM)?
- What is two-factor authentication (2FA)?
- What is authentication, authorization and accounting (AAA)?
- What is the Mitre ATT&CK framework?
- What is extended detection and response (XDR)?
- What is OPSEC (operations security)?