Security operations and management

Cybersecurity operations and management are vital to protect enterprises against cyber threats. Learn how to create and manage infosec programs and SOCs, perform incident response and automate security processes. Also read up on security laws and regulations, best practices for CISOs and more.

Top Stories

Video 18 Nov 2024
An explanation of cybercrime

Cybercrime is a real and illegal threat, just like traditional crime. Learn about cybercriminals and effective prevention strategies to safeguard yourself online. Continue Reading
By
- Sabrina Polin, Managing Editor
Tip 18 Nov 2024
What CISOs need to know to build an OT cybersecurity program

More companies are tasking CISOs with operational technology security. But this oversight means a new strategy for those unfamiliar with building an effective OT security program. Continue Reading
By
- Amy Larsen DeCarlo, GlobalData
- Sharon Shea, Executive Editor

Podcast 14 Nov 2024
CEO: GenAI changes multi-cloud security, network equation

Aviatrix CEO Doug Merritt sees generative AI apps forcing a more distributed approach to cloud infrastructure, but he believes it will also help SecOps catch up with threats. Continue Reading
By
- Beth Pariseau, Senior News Writer
Tip 12 Nov 2024
SIEM vs. SOAR vs. XDR: Evaluate the key differences

SIEM, SOAR and XDR each possess distinct capabilities and drawbacks. Learn the differences among the three, how they can work together and which your company needs. Continue Reading
By
- Paul Kirvan
Podcast 12 Nov 2024
Lines blur between enterprise SecOps and cyberdefense

One expert predicts AI will ultimately benefit attackers more than defenders and, instead, urges businesses to take a page out of military and government cyberdefense handbooks. Continue Reading
By
- Beth Pariseau, Senior News Writer
Tip 12 Nov 2024
EDR vs. XDR vs. MDR: Key differences and benefits

One of the most important goals of cybersecurity professionals is to quickly identify potential or in-progress cyberattacks. These three approaches can help. Continue Reading
By
- Paul Kirvan
Tip 07 Nov 2024
How to create an enterprise cloud security budget

As companies migrate more sensitive data and resources into the cloud, it's important to deploy relevant security tools and processes, while staying within budget. Continue Reading
By
- Dave Shackleford, Voodoo Security
News 06 Nov 2024
CISA on 2024 election security: 'Good news' for democracy

CISA Director Jen Easterly says that despite disruptions including bomb threats in multiple states, Election Day 2024 was a success story from a security standpoint. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 04 Nov 2024
CISA: U.S. election disinformation peddled at massive scale

CISA said the U.S. cybersecurity agency has seen small-scale election incidents 'resulting in no significant impacts to election infrastructure,' such as low-level DDoS attacks. Continue Reading
By
- Alexander Culafi, Senior News Writer
Podcast 01 Nov 2024
Could SBOMs save lives? SecOps in critical infrastructure

'We live in glass houses,' said a seasoned cybersecurity expert of the U.S. water supply, healthcare and other lifeline services. 'And people are about to start throwing rocks.' Continue Reading
By
- Beth Pariseau, Senior News Writer
Tip 01 Nov 2024
API security testing checklist: 7 key steps

APIs are a common attack vector for malicious actors. Use our API security testing checklist and best practices to protect your organization and its data. Continue Reading
By
- Dave Shackleford, Voodoo Security
- Michael Cobb
Definition 01 Nov 2024
What is unified threat management (UTM)?

Unified threat management (UTM) is an information security system that provides a single point of protection against cyberthreats, including viruses, worms, spyware and other malware, as well as network attacks. Continue Reading
By
- Paul Kirvan
- Linda Rosencrance
Feature 29 Oct 2024
How to configure and customize Kali Linux settings

Learning how to use Kali Linux for ethical hacking and penetration testing? Read step by step how to configure and customize the distribution. Continue Reading
By
- Kyle Johnson, Technology Editor
- Packt Publishing
News 28 Oct 2024
Delta sues CrowdStrike over IT outage fallout

Delta said it suffered $500 million in damages. CrowdStrike said the airline company's claims 'demonstrate a lack of understanding of how modern cybersecurity works.' Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 28 Oct 2024
Types of cybersecurity controls and how to place them

A unilateral cybersecurity approach is ineffective in today's threat landscape. Learn why organizations should implement security controls based on the significance of each asset. Continue Reading
By
- Isabella Harford, TechTarget
- Packt Publishing
Definition 28 Oct 2024
What is authentication, authorization and accounting (AAA)?

Authentication, authorization and accounting (AAA) is a security framework for controlling and tracking user access within a computer network. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
Podcast 25 Oct 2024
Relearning past lessons in assessing cloud risk

Those who do not learn from history are doomed to repeat it -- even when that history is only about a decade or two old, according to one security analyst in this podcast episode. Continue Reading
By
- Beth Pariseau, Senior News Writer
Feature 16 Oct 2024
How to build an incident response plan, with examples, template

With cyberthreats and security incidents growing by the day, every organization needs a solid incident response plan. Learn how to create one for your company. Continue Reading
By
- Paul Kirvan
Feature 16 Oct 2024
How to define cyber-risk appetite as a security leader

In this excerpt from 'The CISO Evolution: Business Knowledge for Cybersecurity Executives,' learn how to define and communicate an enterprise's true cyber-risk appetite. Continue Reading
By
- Alissa Irei, Senior Site Editor
- Wiley Publishing
Podcast 11 Oct 2024
SecOps from the IT infrastructure operations perspective

The CrowdStrike outage capped a decade of deepening divide between SecOps and the rest of IT ops -- and should bring about its end, according to one industry veteran. Continue Reading
By
- Beth Pariseau, Senior News Writer
Definition 10 Oct 2024
What is threat intelligence?

Threat intelligence, also known as cyberthreat intelligence, is information gathered from a range of sources about current or potential attacks against an organization. Continue Reading
By
Definition 10 Oct 2024
What is extended detection and response (XDR)?

Extended detection and response (XDR) is a technology-driven cybersecurity process designed to help organizations detect and remediate security threats across their entire IT environment. Continue Reading
By
- Paul Kirvan
- Sean Michael Kerner
Podcast 08 Oct 2024
Risk & Repeat: Is Microsoft security back on track?

Microsoft has made significant changes to its cybersecurity practices and policies under the Secure Future Initiative. Are they enough to right the ship? Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 07 Oct 2024
How to use security as code to achieve DevSecOps

Security as code helps organizations achieve DevSecOps and shift-left security. Learn about SaC's benefits, challenges and implementation best practices. Continue Reading
By
- Paul Kirvan
News 03 Oct 2024
Microsoft SFI progress report elicits cautious optimism

Infosec experts say the Secure Future Initiative progress report shows Microsoft has made important changes to its policies, practices and accountability structures. Continue Reading
By
- Alexander Culafi, Senior News Writer
Podcast 03 Oct 2024
Microsoft security overhaul offers blueprint for SecOps

Better late than never: Microsoft lags major cloud competitors in making security a top priority. But other enterprises might learn from how the company is catching up. Continue Reading
By
- Beth Pariseau, Senior News Writer
News 01 Oct 2024
T-Mobile reaches $31.5M breach settlement with FCC

After suffering several breaches, T-Mobile agreed to pay a $15.75 million civil penalty and make a $15.75 million investment to bolster its security over the next two years. Continue Reading
By
- Alexander Culafi, Senior News Writer
Podcast 30 Sep 2024
Risk & Repeat: Inside the Microsoft SFI progress report

The first Secure Future Initiative progress report highlighted improvements to Microsoft's security posture. But the company still faces major SecOps challenges. Continue Reading
By
- Rob Wright, Senior News Director
Podcast 26 Sep 2024
The double-edged swords of cloud security and AI

DevSecOps expert Kyler Middleton examines the ways modern technologies such as cloud computing and AI both enable and complicate the future of SecOps. Continue Reading
By
- Beth Pariseau, Senior News Writer
Tutorial 24 Sep 2024
How to use tcpreplay to replay network packet files

The suite of tools that comprise tcpreplay offers administrators a variety of network security options. Learn some of the benefits of this free utility. Continue Reading
By
- Damon Garn, Cogspinner Coaction
Tip 23 Sep 2024
How to prepare a system security plan, with template

To help keep your systems and applications secure, a system security plan is essential. Learn how to create a plan and keep it up to date. Continue Reading
By
- Paul Kirvan
News 23 Sep 2024
Microsoft issues first Secure Future Initiative report

In the first progress report since the launch of its Secure Future Initiative, Microsoft said it's made key improvements to identity and supply chain security. Continue Reading
By
- Arielle Waldman, News Writer
Feature 20 Sep 2024
How to prepare for post-quantum computing security

One of the biggest fears about quantum computing is its ability to easily break current encryption algorithms. Learn why and how to start making quantum security preparations. Continue Reading
By
- Kyle Johnson, Technology Editor
Podcast 19 Sep 2024
SecOps' new frontier in the remote work era: HR

A CISO shares the story of how his SOC staff caught and contained a North Korean agent posing as a software engineer, saying he hopes to raise awareness of a growing threat. Continue Reading
By
- Beth Pariseau, Senior News Writer
Tip 16 Sep 2024
Explaining cybersecurity tabletop vs. live-fire exercises

Tabletop games and live-fire exercises are two ways to test the effectiveness of enterprise security controls and defenses. Discover how each works and how they differ. Continue Reading
By
- Rob Shapland
Tip 16 Sep 2024
Microsoft Copilot for Security: 5 use cases

Copilot for Security can assist security pros -- from managers and CISOs to incident responders and SOC members -- in maintaining security posture and addressing security gaps. Continue Reading
By
- Matthew Smith, Seemless Transition LLC
Tip 10 Sep 2024
8 key aspects of a mobile device security audit program

Auditing is a crucial part of mobile device security, but IT admins must ensure their approach is thorough and consistent. Learn what aspects make up a mobile device audit program. Continue Reading
By
- Michael Goad, CDW
Tip 09 Sep 2024
How to create an AI acceptable use policy, plus template

With great power comes -- in the case of generative AI -- great security and compliance risks. Learn how an AI acceptable use policy can help ensure safe use of the technology. Continue Reading
By
- Jerald Murphy
Podcast 09 Sep 2024
An expert's big-picture view of the state of SecOps

In this first episode of 'IT Ops Query' Season 2, a SANS institute instructor and 20-year cybersecurity veteran assesses the past, present and future of SecOps. Continue Reading
By
- Beth Pariseau, Senior News Writer
Tip 06 Sep 2024
Threat hunting frameworks, techniques and methodologies

Threat hunting's proactive approach plays a vital role in defending against cyberattacks. Learn about the frameworks, methodologies and techniques that make it so effective. Continue Reading
By
- Dave Shackleford, Voodoo Security
Definition 06 Sep 2024
What is identity threat detection and response (ITDR)?

Identity threat detection and response (ITDR) is a collection of tools and best practices aimed at defending against cyberattacks that specifically target user identities or identity and access management (IAM) infrastructure. Continue Reading
By
- Mary K. Pratt
Definition 06 Sep 2024
What is MXDR, and do you need it?

Managed extended detection and response (MXDR) is an outsourced service that collects and analyzes threat data from across an organization's IT environment. Continue Reading
By
- Char Sample, ICF International
Tip 05 Sep 2024
What is threat hunting? Key strategies explained

If you are ready to take a more proactive approach to cybersecurity, threat hunting might be a tactic to consider. Here's what security teams should know. Continue Reading
By
- Ed Moyle, Drake Software
News 28 Aug 2024
Infosec experts applaud DOJ lawsuit against Georgia Tech

The Department of Justice joined a whistleblower lawsuit against Georgia Tech for allegedly misleading the Department of Defense about its cybersecurity posture. Continue Reading
By
- Arielle Waldman, News Writer
Opinion 28 Aug 2024
Why is SecOps becoming both easier and more difficult?

While SecOps has become easier in some ways, enterprises still struggle with areas such as data volumes, threat intelligence analysis and security alert volume and complexity. Continue Reading
By
- Jon Oltsik, Analyst Emeritus
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Tutorial 27 Aug 2024
How to use Tor -- and whether you should -- in your enterprise

The Tor browser has sparked discussion and dissension since its debut. Does the software, which promises anonymous and secure web access, have a role to play in the enterprise? Continue Reading
By
- Damon Garn, Cogspinner Coaction
News 27 Aug 2024
Port of Seattle grappling with 'possible cyberattack'

A possible cyberattack against Washington's Port of Seattle has caused significant service disruptions to airline travel at the Seattle-Tacoma International Airport. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 27 Aug 2024
What is LDAP (Lightweight Directory Access Protocol)?

LDAP (Lightweight Directory Access Protocol) is a software protocol used for locating data about organizations, individuals and other resources, such as files and devices, on public and corporate networks. Continue Reading
By
- Cameron Hashemi-Pour, Site Editor
- Alexander S. Gillis, Technical Writer and Editor
Tip 26 Aug 2024
How to use the NIST CSF and AI RMF to address AI risks

Companies are increasingly focused on how they can use AI but are also worried about their exposure to AI-fueled cybersecurity risks. Two NIST frameworks can help. Continue Reading
By
- Matthew Smith, Seemless Transition LLC
News 22 Aug 2024
CrowdStrike exec refutes Action1 acquisition reports

A CrowdStrike vice president said the cybersecurity giant had an exploratory group conversation with Action1 and then 'disengaged after a surface level conversation.' Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 19 Aug 2024
Guide to data detection and response (DDR)

Data is one of the most important assets in any organization. To truly protect it, you need a DDR strategy. Here's what you need to know, with tips on buying DDR tools. Continue Reading
By
- Sean Michael Kerner
Tip 19 Aug 2024
Too many cloud security tools? Time for consolidation

Does your organization need every cloud security platform and service currently in use? Tool consolidation can reduce the chances of coverage gaps and increase security. Continue Reading
By
- Dave Shackleford, Voodoo Security
Tip 19 Aug 2024
CrowdStrike outage lessons learned: Questions to ask vendors

In light of the recent CrowdStrike outage, security teams should ask their vendors 10 key questions to ensure they're prepared should a similar event occur. Continue Reading
By
- Ed Moyle, Drake Software
News 13 Aug 2024
What the Delta-CrowdStrike lawsuit may mean for IT contracts

The recent exchange of allegations between Delta and CrowdStrike reveals legal arguments Delta could use to recover the massive losses suffered in the CrowdStrike outage. Continue Reading
By
- Antone Gonsalves, News Director
News 13 Aug 2024
Law enforcement disrupts Radar/Dispossessor ransomware group

The now-disrupted Radar/Dispossessor ransomware gang was launched in August 2023, and its members have targeted dozens of SMBs across critical sectors via dual extortion. Continue Reading
By
- Alexander Culafi, Senior News Writer
Podcast 12 Aug 2024
Risk & Repeat: Recapping Black Hat USA 2024

Highlights from Black Hat USA 2024 include a keynote panel on securing election infrastructure as well as several sessions on potential threats against new AI technology. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 12 Aug 2024
How to fix Windows 11 desktops after CrowdStrike outage

IT administrators had to jump into action after the CrowdStrike outage to recover faulty desktops. Learn how to use the Microsoft Recovery Tool to fix Windows 11 issues. Continue Reading
By
- Brien Posey
Tip 12 Aug 2024
How to conduct a mobile app security audit

To keep corporate and user data safe, IT must continuously ensure mobile app security. Mobile application security audits are a helpful tool to stay on top of data protection. Continue Reading
By
- Will Kelly
News 12 Aug 2024
Flashpoint CEO: Cyber, physical security threats converging

Although Flashpoint is known for their cybersecurity threat intelligence services, the vendor also provides physical security intelligence to its clientele. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 12 Aug 2024
EDR testing: How to validate EDR tools

Cutting through an EDR tool's marketing hype is difficult. Ask vendors questions, and conduct testing before buying a tool to determine if it solves your organization's pain points. Continue Reading
By
- Rob Shapland
News 08 Aug 2024
CrowdStrike, AI dominate conversation at Black Hat USA 2024

Although the trend of vendors pitching AI-powered products nonstop has continued at Black Hat USA 2024, CrowdStrike and the recent IT outage was an even larger point of discussion. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 07 Aug 2024
CISA: Election infrastructure has never been more secure

CISA Director Jen Easterly emphasized at Black Hat 2024 that election stakeholders cannot be complacent because 'the threat environment has never been so complex.' Continue Reading
By
- Alexander Culafi, Senior News Writer
News 07 Aug 2024
CrowdStrike details errors that led to mass IT outage

CrowdStrike's investigation into the recent defective update found that a 'confluence' of issues led to the release of the channel file last month, causing a mass IT outage. Continue Reading
By
- Rob Wright, Senior News Director
News 06 Aug 2024
Security framework to determine whether defenders are winning

Columbia University researcher and longtime security practitioner Jason Healey will present at Black Hat USA a new framework to determine defensive advantage. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 05 Aug 2024
CrowdStrike fires back at Delta over outage allegations

After Delta Air Lines said it would seek damages against CrowdStrike over last month's IT outage, the cybersecurity vendor's legal counsel warned it would 'respond aggressively.' Continue Reading
By
- Rob Wright, Senior News Director
News 01 Aug 2024
InfoSec community sounds off on CrowdStrike outage, next steps

Security experts offered their thoughts on the recent IT outage, praising CrowdStrike's response time but saying the outage highlights issues in the software updating process. Continue Reading
By
- Arielle Waldman, News Writer
- Alexander Culafi, Senior News Writer
Tip 01 Aug 2024
How to assess SOC-as-a-service benefits and challenges

While in-house SOCs are costly and complex to build and maintain, SOC as a service provides a more affordable, cloud-based alternative. Explore benefits and challenges. Continue Reading
By
- John Burke, Nemertes Research
- Alissa Irei, Senior Site Editor
Definition 31 Jul 2024
What is cyber attribution?

Cyber attribution is the process of tracking and identifying the perpetrator of a cyberattack or other cyber operation. Continue Reading
By
- Robert Sheldon
News 30 Jul 2024
Microsoft, SecOps pros weigh kernel access post-CrowdStrike

Microsoft will explore alternatives to direct kernel access for partners following the CrowdStrike outage. But some IT pros worry that change could do more harm than good. Continue Reading
By
- Beth Pariseau, Senior News Writer
Opinion 29 Jul 2024
5 key capabilities for effective cyber-risk management

Faced with relentless cyberattacks, organizations need to shore up their cyber-risk management programs by updating legacy tools and checking out new vendor options. Continue Reading
By
- David Vance
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
News 26 Jul 2024
CrowdStrike outage underscores software testing dilemmas

Experts say efforts to avoid incidents such as last week's CrowdStrike outage will face time-honored tradeoffs between velocity, stability, access and security. Continue Reading
By
- Beth Pariseau, Senior News Writer
Opinion 26 Jul 2024
CISO advice for addressing cyber-risk management challenges

Cyber-risk management is simple in concept and difficult in practice. CISOs weigh in on some potential ways to reign in the chaos, educate executives and mitigate cyber-risks. Continue Reading
By
- Jon Oltsik, Analyst Emeritus
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
News 26 Jul 2024
BitLocker workaround may offer aid for CrowdStrike customers

CrowdStrike customers grappling with blue screens of death from the recent IT outage may be able to sidestep BitLocker encryption schemes and recover their Windows systems. Continue Reading
By
- Rob Wright, Senior News Director
News 26 Jul 2024
CrowdStrike: 97% of Windows sensors back online after outage

While most Windows systems are back online after last week's outage, CrowdStrike CEO George Kurtz said the vendor remains 'committed to restoring every impacted system.' Continue Reading
By
- Alexander Culafi, Senior News Writer
Opinion 25 Jul 2024
CrowdStrike disaster exposes a hard truth about IT

Growing third-party dependencies mean more CrowdStrike-like disasters ahead. Preventing these requires a commitment to quality from vendors and robust backup plans from users. Continue Reading
By
- Patrick Thibodeau, Editor at Large
Feature 25 Jul 2024
The differences between open XDR vs. native XDR

Extended detection and response tools are open or native. Learn the differences between them, and get help choosing the right XDR type for your organization. Continue Reading
By
- Kyle Johnson, Technology Editor
News 24 Jul 2024
CrowdStrike: Content validation bug led to global outage

CrowdStrike said last week's global outage was caused by a bug in the Falcon platform's content validator, which missed a defective configuration update for its Windows sensor. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 24 Jul 2024
Types of MDR security services: MEDR vs. MNDR vs. MXDR

Considering MDR security services? There's more than one option available; learn how to find the best for your organization's security needs. Continue Reading
By
- Diana Kelley, SecurityCurve
Podcast 23 Jul 2024
Risk & Repeat: Faulty CrowdStrike update causes global outage

Friday's outage, which was caused by a defective CrowdStrike channel file update, resulted in significant disruptions for airlines, critical infrastructure and more. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 23 Jul 2024
The ultimate guide to cybersecurity planning for businesses

This in-depth cybersecurity planning guide provides information and advice to help organizations develop a successful strategy to protect their IT systems from attacks. Continue Reading
By
- Craig Stedman, Industry Editor
Tip 19 Jul 2024
Why mobile security audits are important in the enterprise

Mobile devices bring their own set of challenges and risks to enterprise security. To handle mobile-specific threats, IT should conduct regular mobile security audits. Continue Reading
By
- Michael Goad, CDW
News 19 Jul 2024
Defective CrowdStrike update triggers mass IT outage

A faulty update for CrowdStrike's Falcon platform crashed customers' Windows systems, causing outages at airlines, government agencies and other organizations across the globe. Continue Reading
By
- Rob Wright, Senior News Director
Answer 19 Jul 2024
How to protect port 139 from SMB attacks

Keeping port 139 open is perfectly normal -- but only for good reason. Without the proper protections, it can present a major security risk. Continue Reading
By
- Michael Cobb
News 18 Jul 2024
Judge tosses most of SEC's lawsuit against SolarWinds

A judge dismissed many of the charges in the U.S. Securities and Exchange Commission's lawsuit against SolarWinds and its CISO, Timothy Brown, though some charges remain. Continue Reading
By
- Rob Wright, Senior News Director
Tutorial 18 Jul 2024
How to use Pwnbox, the cloud-based VM for security testing

Pwnbox offers users the chance to hone their skills about security concepts and tools without having to build a costly lab environment. Continue Reading
By
- Damon Garn, Cogspinner Coaction
News 18 Jul 2024
Amazon CISO discusses the company's cautious approach to AI

At the recent AWS re:Inforce 2024 conference, Amazon CISO CJ Moses spoke about the risks and threats associated with new AI technology and how the cloud giant addresses them. Continue Reading
By
- Rob Wright, Senior News Director
Opinion 09 Jul 2024
CISOs on how to improve cyberthreat intelligence programs

Organizations need to take a focused approach to gain visibility into targeted threats for cyber-risk mitigation and incident response. Continue Reading
By
- Jon Oltsik, Analyst Emeritus
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Feature 08 Jul 2024
How AI-driven SOC tech eased alert fatigue: Case study

Alert fatigue is real, and it can cause big problems in the SOC. Learn how generative AI can improve security outcomes and reduce analysts' frustration in this case study. Continue Reading
By
- Alissa Irei, Senior Site Editor
Feature 03 Jul 2024
RSA security conference video roundup: 2024 perspectives

We chatted on camera with attendees and presenters at RSAC 2024. To get the highlights of one of the world's major cybersecurity conferences, check out this video collection. Continue Reading
By
- Brenda L. Horrigan, Executive Managing Editor
News 28 Jun 2024
TeamViewer breached by Russian state actor Midnight Blizzard

TeamViewer says a Russian state-sponsored threat actor known as Midnight Blizzard gained accessed to the company's corporate network via compromised employee credentials. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tutorial 28 Jun 2024
How to use Social-Engineer Toolkit

Testing system components for vulnerabilities is just one part of the network security equation. What's the best way to measure users' resilience to social engineering threats? Continue Reading
By
- Ed Moyle, Drake Software
News 25 Jun 2024
CISA discloses breach of Chemical Security Assessment Tool

The breach, which CISA first disclosed in March, stemmed from Ivanti zero-day vulnerabilities that a Chinese nation-state threat actor first exploited in January. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 25 Jun 2024
digital signature

A digital signature is a mathematical technique used to validate the authenticity and integrity of a digital document, message or software. Continue Reading
By
- Cameron Hashemi-Pour, Site Editor
- Alexander S. Gillis, Technical Writer and Editor
- Ben Lutkevich, Site Editor
News 21 Jun 2024
Biden administration bans Kaspersky Lab products in US

The Biden administration announced a ban on Kaspersky Lab products inside the United States due to the antivirus vendor's ties with the Russian government. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 20 Jun 2024
How Amazon's decision to ditch Active Directory paid off

Amazon's decision to build its own identity and access management system was an expensive one, but an infamous supply chain attack validated the move. Continue Reading
By
- Rob Wright, Senior News Director
Podcast 18 Jun 2024
Risk & Repeat: Microsoft under fire again over Recall

Microsoft made changes to its AI-driven Recall feature, but that didn't stop Congress from grilling company president Brad Smith during a House committee hearing. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 17 Jun 2024
Alex Stamos on how to break the cycle of security mistakes

In an interview, SentinelOne's Alex Stamos discussed the importance of security by design and why it needs to be applied to emerging technologies, including generative AI. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 14 Jun 2024
Congress grills Microsoft president over security failures

Microsoft President Brad Smith testifies on a wide range of issues, including Chinese and Russian nation-state attacks, the controversial AI-powered Recall feature and more. Continue Reading
By
- Alexander Culafi, Senior News Writer
Guest Post 14 Jun 2024
The enduring importance of digital trust

Digital trust is an increasingly important issue, yet confusion remains about what exactly it is, how to achieve it and how to get started. Continue Reading
By
- Greg Shields
News 12 Jun 2024
AWS touts security culture, AI protections at re:Inforce 2024

AWS executives highlighted the company's longstanding security, which evoked comparisons to its chief cloud rival Microsoft and the recent Cyber Safety Review Board report. Continue Reading
By
- Rob Wright, Senior News Director
Tip 05 Jun 2024
How to write a useful cybersecurity incident report

Reacting to a cybersecurity event is just half the battle. An incident report can help companies understand why the attack occurred and how to avoid future security issues. Continue Reading
By
- Paul Kirvan
Opinion 30 May 2024
RSA Conference wrap-up: The state of cybersecurity disconnect

The cybersecurity industry isn't prepared for massive changes in play. It needs to focus more on the mission rather than cybersecurity technology widgets. Continue Reading
By
- Jon Oltsik, Analyst Emeritus
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.