New & Notable
News
AWS launches automated service for incident response
AWS Security Incident Response, which launched ahead of the re:Invent 2024 conference this week, can automatically triage and remediate events detected in Amazon GuardDuty.
Manage
How to build an effective third-party risk assessment framework
Don't overlook the threats associated with connecting vendors and partners to internal systems. Do your due diligence and use third-party risk assessments to prevent supply chain attacks.
Evaluate
How AI is reshaping threat intelligence
As promising as AI technology is for threat intelligence, organizations grapple with a long learning curve and other challenges that could impede successful adoption.
News
New York fines Geico, Travelers $11.3M over data breaches
The two insurance giants were fined millions by New York state regulators and are required to enhance security protocols around authentication and penetration testing.
Trending Topics
-
Data Security & Privacy News
Risk & Repeat: China hacks major telecom companies
The FBI and CISA confirmed reports that Salt Typhoon breached several major telecom companies and accessed data related to law enforcement requests.
-
Threats & Vulnerabilities News
Russian hackers exploit Firefox, Windows zero-days in wild
RomCom threat actors chain two Firefox and Windows zero-day vulnerabilities together in order to execute arbitrary code in vulnerable Mozilla browsers.
-
IAM Manage
8 best practices for a bulletproof IAM strategy
IAM systems help to enable secure access to applications and resources. But to benefit from IAM -- and avoid a security failure -- teams must be ready to meet the challenges.
-
Analytics & Automation News
AWS launches automated service for incident response
AWS Security Incident Response, which launched ahead of the re:Invent 2024 conference this week, can automatically triage and remediate events detected in Amazon GuardDuty.
-
Network Security News
Volexity details Russia's novel 'Nearest Neighbor Attack'
The security company warned that the new attack style highlights the importance of securing Wi-Fi networks, implementing MFA and patching known vulnerabilities.
-
Operations & Management Evaluate
User provisioning and deprovisioning: Why it matters for IAM
Overprivileged and orphaned user identities pose risks. Cybersecurity teams should be sure user profiles grant only appropriate access -- and only for as long as necessary.
Sponsored Sites
-
IT Workflows
Transform Your Organization With Modern and Resilient IT Services
Learn how ServiceNow’s IT solutions can help your organization seize the upside of operational resilience and raise employee agility.
-
Cybersecurity
Kaspersky Next: Cybersecurity Redefined
-
Security
Transform Your Network Security: Secure, Agile, and Ready for the Future
Experience a revolution in network security with Secure Network Transformation solutions. Learn how TATA Communications’ comprehensive approach ensures unparalleled protection, performance, and flexibility for your network infrastructure.
Topics Covered
Application and platform security
Careers and certifications
Cloud security
Compliance
Data security and privacy
Identity and access management
Network security
Risk management
Security analytics and automation
Security operations and management
Threat detection and response
Threats and vulnerabilities
Featured Authors
Find Solutions For Your Project
-
Evaluate
How AI is reshaping threat intelligence
As promising as AI technology is for threat intelligence, organizations grapple with a long learning curve and other challenges that could impede successful adoption.
-
U.S. data privacy protection laws: 2025 guide
-
User provisioning and deprovisioning: Why it matters for IAM
-
SIEM vs. SOAR vs. XDR: Evaluate the key differences
-
-
Problem Solve
Biometric privacy and security challenges to know
Fingerprints and facial scans can make identity access more convenient than passwords, but biometric tools present significant ethical and legal challenges.
-
How to identify and prevent insecure output handling
-
DDoS mitigation: How to stop DDoS attacks
-
Threat intelligence vs. threat hunting: Better together
-
-
Manage
8 best practices for a bulletproof IAM strategy
IAM systems help to enable secure access to applications and resources. But to benefit from IAM -- and avoid a security failure -- teams must be ready to meet the challenges.
-
How to build an effective third-party risk assessment framework
-
What CISOs need to know to build an OT cybersecurity program
-
How to create an enterprise cloud security budget
-
Information Security Basics
-
Get Started
What is obfuscation and how does it work?
Obfuscation means to make something difficult to understand. Programming code is often obfuscated to protect intellectual property or trade secrets, and to prevent an attacker from reverse engineering a proprietary software program.
-
Get Started
What is IPsec (Internet Protocol Security)?
IPsec (Internet Protocol Security) is a suite of protocols and algorithms for securing data transmitted over the internet or any public network.
-
Get Started
What is Extensible Authentication Protocol (EAP)?
Extensible Authentication Protocol (EAP) is a protocol for wireless networks that expands the authentication methods used by Point-to-Point Protocol (PPP), a protocol often used when connecting a computer to the internet.
Multimedia
-
News
View All -
Security analytics and automation
AWS launches automated service for incident response
AWS Security Incident Response, which launched ahead of the re:Invent 2024 conference this week, can automatically triage and remediate events detected in Amazon GuardDuty.
-
Compliance
New York fines Geico, Travelers $11.3M over data breaches
The two insurance giants were fined millions by New York state regulators and are required to enhance security protocols around authentication and penetration testing.
-
Threats and vulnerabilities
Russian hackers exploit Firefox, Windows zero-days in wild
RomCom threat actors chain two Firefox and Windows zero-day vulnerabilities together in order to execute arbitrary code in vulnerable Mozilla browsers.
Search Security Definitions
- What is obfuscation and how does it work?
- What is Extensible Authentication Protocol (EAP)?
- What is IPsec (Internet Protocol Security)?
- What is endpoint detection and response (EDR)?
- What is Common Vulnerabilities and Exposures (CVE)?
- What is a spam trap?
- What is a whaling attack (whaling phishing)?
- What is identity governance and administration (IGA)?