Network security
Enterprise cyberdefense strategies must include network security best practices. Get advice on essential network security topics such as remote access, VPNs, zero-trust security, NDR, endpoint management, IoT security, hybrid security, Secure Access Service Edge, mobile security and more.
Top Stories
-
News
19 Nov 2024
2 Palo Alto Networks zero-day vulnerabilities under attack
CVE-2024-9474 marks the second zero-day vulnerability in Palo Alto Networks' PAN-OS firewall management interface to come under attack in the last week. Continue Reading
-
Tip
18 Nov 2024
What CISOs need to know to build an OT cybersecurity program
More companies are tasking CISOs with operational technology security. But this oversight means a new strategy for those unfamiliar with building an effective OT security program. Continue Reading
-
Feature
27 Jul 2017
Sophos Endpoint Protection and an overview of its features
Expert Ed Tittel examines Sophos Endpoint Protection, an endpoint security platform with antivirus, antimalware and more. Continue Reading
-
Tip
24 Jul 2017
IPv6 addresses: Security recommendations for usage
IPv6 addresses can be used in a number of ways that can strengthen information security. Expert Fernando Gont explains the basics of IPv6 address usage for enterprises. Continue Reading
-
Answer
19 Jul 2017
How does an Intel AMT flaw enable attackers to gain device access?
A vulnerability in Intel AMT enables attackers to gain remote access to PCs and devices. Expert Judith Myerson explains how the attack works and what can be done to prevent it. Continue Reading
-
Answer
14 Jul 2017
Android sandboxing tools: How can work data separation be bypassed?
Android for Work's sandboxing tools, which split work and personal profiles, can be bypassed with a proof-of-concept attack. Expert Michael Cobb explains how the attack works. Continue Reading
-
Feature
13 Jul 2017
Evaluating endpoint security products for antimalware protection
Expert contributor Ed Tittel explores key criteria for evaluating endpoint security products to determine the best option for antimalware protection for your organization. Continue Reading
-
Feature
10 Jul 2017
Advanced endpoint protection takes on the latest exploits
Advanced endpoint protection is arriving from all quarters -- machine learning, crafty sandboxes, behavior analytics. Learn how tech advances are being applied to endpoints. Continue Reading
-
Opinion
10 Jul 2017
Do thoughts of your least secure endpoint keep you up at night?
Some days, 'secure endpoint' feels like an oxymoron, but that soon may change. From smart sandboxes to advanced behavior analytics, learn what's new in endpoint security technologies. Continue Reading
-
News
07 Jul 2017
Flawed Broadcom Wi-Fi chipsets get a fix, but flaw remains a mystery
Broadpwn, a flaw in Broadcom Wi-Fi chipsets, is patched, but Google withholds details. Plus, the latest in the antivirus drama between the U.S. and Russia, and more. Continue Reading
- 05 Jul 2017
- 05 Jul 2017
- 05 Jul 2017
-
Answer
04 Jul 2017
How did Webroot's antivirus signature update create false positives?
A Webroot antivirus signature update flagged Windows and Windows applications as dangerous. Expert Matthew Pascucci explains how it happened and what Webroot did about it. Continue Reading
-
News
22 Jun 2017
Malware in encrypted traffic uncovered with machine learning
Cisco claims it can accurately detect malware activity in encrypted traffic using machine learning, but some experts worry about privacy implications. Continue Reading
-
Answer
20 Jun 2017
Heartbleed vulnerability: Why does it persist on so many services?
The Heartbleed flaw still impacts almost 200,000 services connected to the internet. Expert Nick Lewis explains why these services remain unpatched and vulnerable. Continue Reading
-
News
16 Jun 2017
Hidden Cobra hackers target U.S. with DeltaCharlie malware
News roundup: DeltaCharlie malware is a threat to the U.S., according to a US-CERT warning about Hidden Cobra. Plus, a DVR flaw could create a bigger botnet than Mirai, and more. Continue Reading
-
Answer
15 Jun 2017
How do Linksys router vulnerabilities expose user data?
Router vulnerabilities in over 20 Linksys models expose user data to attackers. Expert Judith Myerson explains how the flaws work and how to protect against them. Continue Reading
-
Tip
13 Jun 2017
IPv6 update: A look at the security and privacy improvements
The recent IPv6 update from the IETF introduces new security and privacy recommendations. Expert Fernando Gont explains these changes and what they mean for organizations. Continue Reading
-
Answer
09 Jun 2017
How can a NULL pointer dereference flaw create a DoS attack?
A flaw in the open source graphics library libpng enabling denial-of-service attacks was discovered. Expert Michael Cobb explains how the vulnerability works. Continue Reading
-
News
08 Jun 2017
Hardcoded passwords could cause full IoT camera compromise
IoT cameras could be fully compromised due to multiple vulnerabilities, including hardcoded passwords that can be used regardless of user settings. Continue Reading
-
Answer
24 May 2017
How does the Stegano exploit kit use malvertising to spread?
A malvertising campaign by the AdGholas group has been found spreading the Stegano exploit kit. Expert Nick Lewis explains how web advertisements are used in this attack. Continue Reading
-
Answer
23 May 2017
How does Rakos malware attack embedded Linux systems?
Rakos malware is attempting to build a botnet by attacking embedded Linux systems. Expert Nick Lewis explains how enterprises can prevent attacks on their systems. Continue Reading
-
Answer
19 May 2017
Can BGP anycast addressing be used for DDoS attacks?
The BGP anycast addressing technique could potentially be used for malicious purposes. Expert Judith Myerson explains how this might work and what types of attacks to look out for. Continue Reading
-
News
19 May 2017
Q&A: Juniper's Kevin Walker on data manipulation, ransomware threats
Juniper's Kevin Walker talks with SearchSecurity about the evolving threat landscape and how some attackers are incorporating data manipulation into their schemes. Continue Reading
-
Answer
17 May 2017
How can a smart TV security vulnerability be mitigated?
A smart TV security vulnerability could potentially be exploited to steal the owner's data. Expert Judith Myerson explains how this works and offers tips on how to protect yourself. Continue Reading
-
Tip
16 May 2017
Why WPA2-PSK can be a security risk even with an uncracked key
WPA2-PSK is a popular way to bolster wireless security, but it's not perfect. Expert Joseph Granneman explains WPA2 and other aspects of the complicated history of Wi-Fi security. Continue Reading
-
News
09 May 2017
Intel AMT security risk could lead to system access
Servers may have been at risk of attack for years because of an Intel AMT security risk that was recently disclosed before manufacturers could patch. Continue Reading
-
News
05 May 2017
SS7 vulnerability allows attackers to drain bank accounts
News roundup: Attackers exploit SS7 vulnerability and drain bank accounts. Plus, Trump signs government IT executive order, an Intel AMT flaw threatens millions and more. Continue Reading
-
Tip
24 Apr 2017
The security pros and cons of using a free FTP tool
A free FTP tool can help move enterprise files to a managed file transfer service, but there are security factors to consider. Expert Judith Myerson explains what they are. Continue Reading
-
Answer
24 Apr 2017
How does Ticketbleed affect session ID security?
The Ticketbleed bug in some F5 Networks products caused session IDs and uninitialized memory to leak. Expert Judith Myerson explains what a session ID is and how attackers use it. Continue Reading
-
Answer
04 Apr 2017
How does a WebKit framework flaw enable denial-of-service attacks?
A vulnerability in Apple's WebKit framework allows attackers to initiate phone calls through mobile apps on victims' devices. Expert Michael Cobb explains how the attack works. Continue Reading
-
Opinion
03 Apr 2017
Outsourcing security services rises as MSSPs focus on industries
Despite increasing levels of specialization, managed security service providers often don't understand the business you're in. That may be changing. Continue Reading
- 30 Mar 2017
-
Tip
28 Mar 2017
Android VPN apps: How to address privacy and security issues
New research on Android VPN apps revealed the extent of their privacy and security flaws. Expert Kevin Beaver explains how IT professionals can mitigate the risks. Continue Reading
-
News
22 Mar 2017
HTTPS interception, middlebox models under fire
HTTPS interception in security products and services may be reducing security rather than improving it, according to US-CERT, which puts middleboxes in a precarious position. Continue Reading
-
Answer
20 Mar 2017
Pork Explosion Android flaw: How is it used to create a backdoor?
The Pork Explosion vulnerability present in some Foxconn-created app bootloaders can be used to create an Android backdoor. Expert Nick Lewis explains how the flaw works. Continue Reading
-
Feature
15 Mar 2017
Pulse Connect Secure offers a variety of authentication options
Expert Karen Scarfone takes a look at the Pulse Connect Secure series of SSL VPNs for securing the connection between clients and networks through encrypted tunnels. Continue Reading
-
Feature
15 Mar 2017
SonicWALL SSL VPN provides security for organizations of any size
The SonicWALL SSL VPN protects remote client devices by creating a secure connection to enterprise networks, with many options for customized security features. Continue Reading
-
News
14 Mar 2017
Deprecated SHA-1 certificates trip up SAP Ariba
SHA-1 certificates are still in play, despite browser deprecation, as SAP Ariba advises legacy users to use unpatched browsers to avoid error messages, blocked access. Continue Reading
-
Feature
13 Mar 2017
Cisco IOS SSL VPN offers security through internet routers
Expert Karen Scarfone outlines the features of the Cisco IOS SSL VPN and explains how it secures enterprise communications. Continue Reading
-
Tip
13 Mar 2017
How a single ICMPv6 packet can cause a denial-of-service attack
Expert Fernando Gont explains how Internet Control Message Protocol version 6 can be used by threat actors to stage a simple, yet effective, denial-of-service attack. Continue Reading
-
Tip
06 Mar 2017
Why authorization management is paramount for cybersecurity readiness
After enterprise identities are authenticated, an authorization management system should monitor how resources are being used. Expert Peter Sullivan explains how it can work. Continue Reading
-
Answer
28 Feb 2017
What basic steps can improve network device security in enterprises?
Network device security is a big problem for enterprises, but there are some basic steps they can take to improve it. Expert Matthew Pascucci outlines the process. Continue Reading
-
News
27 Feb 2017
Chrome backs out of TLS 1.3 support after proxy issues
After Google rolled out the latest version of Chrome, Blue Coat proxy software issues prompt rollback of TLS 1.3 support in latest version of Chrome browser. Continue Reading
-
News
24 Feb 2017
Suspect in Mirai malware attack on Deutsche Telekom arrested
News roundup: U.K. authorities arrested a suspect in the Mirai malware attack on Deutsche Telekom. Plus, a judge denies a government request to collect fingerprints, and more. Continue Reading
-
Podcast
22 Feb 2017
Top three steps to ensure security in big data environments
Ensuring security in big data implementations remains a problem for most enterprises. Learn about the reasons why this is, and how your company can protect sensitive data. Continue Reading
-
Answer
21 Feb 2017
How does BENIGNCERTAIN exploit Cisco PIX firewalls?
The BENIGNCERTAIN exploit affects certain versions of Cisco systems using the IKEv1 protocol. Expert Nick Lewis explains what the protocol does and how the vulnerability works. Continue Reading
-
Feature
20 Feb 2017
Ransomware prevention tools to win the fight
Fighting malware today means battling ransomware. Learn what ransomware prevention tools you need to acquire and how to perfect using the tools your company already owns. Continue Reading
-
Tip
13 Feb 2017
How to use DNS reverse mapping to scan IPv6 addresses
Enterprises looking to perform IPv6 address scans can use DNS reverse mapping techniques. In part one of this tip, expert Fernando Gont explains how the process works. Continue Reading
-
Answer
09 Feb 2017
How did iOS 10 security checks open brute force risk on local backups?
A password-verification flaw in iOS 10 allowed attackers to decrypt local backups. Expert Michael Cobb explains how removing certain security checks led to this vulnerability. Continue Reading
-
News
08 Feb 2017
Rapid7's Brown and Beardsley address IoT security issues
Rapid7's Rebekah Brown and Tod Beardsley talk about IoT security issues, including new cars, blaming users for poor implementations and why NAT is the best firewall ever. Continue Reading
-
News
07 Feb 2017
Corero Network Security on why DDoS mitigation strategy must improve
Corero Network Security's Dave Larson talks with SearchSecurity about how the Mirai botnet attacks have forced companies to change their DDoS mitigation strategy. Continue Reading
-
News
01 Feb 2017
Tatu Ylonen explains the risks of IoT SSH implementations
SSH creator Tatu Ylonen explains why IoT SSH implementations can be dangerous and presents real-world examples of threat actors abusing SSH keys to attack enterprises. Continue Reading
-
Answer
01 Feb 2017
How does DNSChanger take advantage of WebRTC protocols?
WebRTC protocols are being targeted by a new version of the DNSChanger exploit kit. Judith Myerson explains how these attacks work and what enterprises should know. Continue Reading
-
Tip
31 Jan 2017
Preventing DoS attacks: The best ways to defend the enterprise
Preventing DoS attacks may not always be possible, but with a strong defense, enterprises can reduce their impact and recover quickly. Expert Kevin Beaver explains the best approaches. Continue Reading
-
News
31 Jan 2017
Q&A: Rapid7's Beardsley and Brown dish on Mirai botnet, pen testing
Rapid7's Beardsley and Brown offer insight on Mirai botnet attacks, while also sharing some of their craziest penetration testing and incident response experiences. Continue Reading
-
News
27 Jan 2017
How improper SSH key management is putting enterprises at risk
In part two of his interview with SearchSecurity, SSH creator Tatu Ylonen explains why proper SSH key management is crucial and how attackers can use lost or exposed keys. Continue Reading
-
Answer
27 Jan 2017
How does a Netgear vulnerability enable command injection attacks?
A Netgear vulnerability exposed a number of wireless router models to command injection attacks. Expert Judith Myerson explains how the attack works and how to stop it. Continue Reading
-
News
20 Jan 2017
Tatu Ylonen: Bad SSH security practices are exposing enterprises
SSH creator Tatu Ylonen talks with SearchSecurity about how the cryptographic network protocol has grown over the years and why poor SSH security is jeopardizing enterprises today. Continue Reading
-
News
13 Jan 2017
St. Jude Medical finally patches vulnerable medical IoT devices
News roundup: St. Jude Medical patches vulnerable medical IoT devices after a five-month controversy. Plus, the Email Privacy Act is reintroduced; Juniper warns of a firewall flaw; and more. Continue Reading
-
News
09 Jan 2017
In a post-Mirai world, the FTC wants more secure routers from D-Link
The Federal Trade Commission filed a lawsuit against D-Link, and experts said the move was likely to push more secure routers in the wake of the Mirai botnet attacks. Continue Reading
-
Podcast
06 Jan 2017
Risk & Repeat: Corero on DDoS defense in the IoT era
In this episode of SearchSecurity's Risk & Repeat podcast, Dave Larson of Corero Network Security discusses how DDoS defense has shifted to deal with IoT threats. Continue Reading
-
News
06 Jan 2017
FTC launches competition to improve IoT device security
News roundup: FTC starts a contest to create a better IoT device security tool. Plus, ransomware is now illegal in California; Google patches 29 critical Android flaws; and more. Continue Reading
-
Feature
30 Dec 2016
Industrial Network Security
In this excerpt from chapter 3 of Industrial Network Security, authors Eric D. Knapp and Joel Langill discuss the history and trends of industrial cybersecurity. Continue Reading
-
Tip
23 Dec 2016
SWIFT network communications: How can bank security be improved?
The SWIFT network has increasingly been abused by cybercriminals to carry out bank fraud and theft. Expert Michael Cobb explains possible ways to boost security. Continue Reading
-
Feature
09 Nov 2016
Tripwire IP360: Vulnerability management product overview
Expert Ed Tittel examines vulnerability management products from Tripwire, including the rack-mounted IP360 appliance and the cloud- based PureCloud Enterprise service. Continue Reading
-
Answer
04 Jul 2016
How can the AirDroid app phone hijacking be prevented?
A vulnerability in the AirDroid device manager app left users at risk of phone hijacking. Expert Michael Cobb explains how the exploit works, and what can be done to prevent it. Continue Reading
-
Feature
22 Jun 2016
Aruba RFProtect WIPS: Product overview
Expert Karen Scarfone examines the features of Aruba RFProtect, a wireless intrusion prevention system to detect and block WLAN attacks against enterprise networks. Continue Reading
-
Feature
20 Jun 2016
Check Point Next Generation Firewall: Product overview
Check Point Next Generation Firewall family combines firewalls with unified threat management technology, VPNs and more. Expert Mike O. Villegas takes a closer look. Continue Reading
-
Feature
17 Jun 2016
Cisco ASA with FirePOWER: NGFW product overview
Cisco combined the ASA series firewall with SourceFire's FirePOWER threat and malware detection capabilities. Expert Mike O. Villegas takes a closer look at this NGFW. Continue Reading
-
News
13 Jun 2016
Symantec acquisition of Blue Coat shakes up security industry
Symantec agreed to acquire Blue Coat Systems for $4.65 billion, with Blue Coat CEO Greg Clark taking over as new CEO of the combined company. Continue Reading
-
Feature
02 May 2016
Proper network segments may prevent the next breach
Companies still fail to implement secure network segmentation and role-based access. Here's how to protect your sensitive data and stay out of the headlines. Continue Reading
-
Answer
13 Apr 2016
How does the M-Pesa service work and what are the risks?
How does mobile microfinancing service M-Pesa allow users to make transactions without a bank account? Expert Michael Cobb explains how it works and M-Pesa security measures. Continue Reading
-
Feature
01 Apr 2016
Securing VoIP: Keeping Your VoIP Networks Safe
In this excerpt of Securing VoIP: Keeping your VoIP Network Safe, author Regis (Bud) Bates outlines different approaches to VoIP security and offers best practices to ensure infrastructure security is intact. Continue Reading
-
Tip
07 Mar 2016
How to protect an origin IP address from attackers
Cloud security providers protect enterprises from DDoS attacks, but attackers can still find the origin IP addresses. Expert Rob Shapland explains why that's a significant threat. Continue Reading
-
Feature
25 Feb 2016
Comparing the best network access control products
Expert Rob Shapland takes a look at the best network access control products on the market today and examines the features and capabilities that distinguish the top vendors in this space. Continue Reading
-
Feature
05 Feb 2016
Windows 10 Wi-Fi Sense for hotspot sharing: Is it safe?
Microsoft's Windows 10 Wi-Fi Sense was designed to make hotspot sharing easy, but experts debate if the security risks are real and whether the new feature offers substantial benefits and relative safety. Continue Reading
-
Feature
22 Jan 2016
Fortinet FortiGate UTM: Product overview
Expert Ed Tittel looks at Fortinet FortiGate UTM appliances, which combine different network infrastructure protection features into a single device. Continue Reading
-
Feature
21 Jan 2016
Cisco Meraki MX appliances: UTM product overview
Expert Ed Tittel examines Cisco's Meraki MX UTM Appliances, a series of UTM products that combines various network security and protection features into a single device. Continue Reading
-
Feature
20 Jan 2016
Check Point UTM Threat Prevention Appliances: Product review
Check Point UTM Threat Prevention Appliances are recognized by our reviewer as consistent software architectures that are easy to configure. Continue Reading
-
Answer
07 Dec 2015
Moose worm: How can enterprises stop social media fraud?
A Linux-based Moose worm causes social media fraud through infected routers. Expert Nick Lewis explains how the Moose worm works and how to avoid it. Continue Reading
-
Tip
17 Nov 2015
How to manage system logs using the ELK stack tool
Centrally managing system logs is an important practice for enterprise security. Expert Dejan Lukan explains how to set up cloud servers, such as ELK stack, for this purpose. Continue Reading
-
Feature
11 Nov 2015
Lessons in mobile data loss protection for enterprise IT pros
With mobile devices everywhere in the enterprise now, learning tactics for data loss protection must become an IT priority. Continue Reading
-
Feature
02 Nov 2015
Readers’ top picks for enterprise firewalls
The companies and key functionality organizations seek out when they upgrade or add firewall technology to their enterprise environments. Continue Reading
-
Tip
15 Oct 2015
Is a security cloud service your best endpoint defense?
Cloud technologies often have a bad reputation when it comes to security, but that may be unfair. Is the cloud the best answer for securing the endpoints in your enterprise? Continue Reading
-
Feature
17 Sep 2015
The best SSL VPN products in the market
SSL VPNs are essential for securing network connections and communications. Here's a look at the best SSL VPN products in the industry. Continue Reading
-
Answer
13 Aug 2015
How can I mitigate the risks of alternative Android browsers?
Expert Michael Cobb explains the security risks surrounding alternative Web browsers, as well as approaches enterprises can take to prevent BYOD employees from using them. Continue Reading
-
Feature
04 Aug 2015
Comparing the top wireless intrusion prevention systems
Expert Karen Scarfone examines the top wireless intrusion prevention systems (WIPS) to help readers determine which may be best for them. Continue Reading
-
Feature
22 Jul 2015
Comparing the best UTM products in the industry
Expert Ed Tittel examines the top unified threat management appliances to determine which one could be the best for your organization. Continue Reading
-
Feature
16 Jul 2015
Six criteria for purchasing unified threat management appliances
Expert Ed Tittel explores key criteria for evaluating unified threat management (UTM) appliances to determine the best choice for your organization. Continue Reading
-
Tip
15 Jul 2015
Certificate authorities are limited but new TLS versions can help
SSL/TLS, long the cornerstone of Web security, has become a security vulnerability due to problems with certificate authorities. Learn what solutions the industry is pursuing. Continue Reading
-
Tip
13 Jul 2015
From SSL and early TLS to TLS 1.2: Creating a PCI DSS 3.1 migration plan
PCI DSS 3.1 requires enterprises to deplete SSL and early TLS use by June 30, 2016. Expert Michael Cobb offers advice for putting a migration plan to TLS 1.2 in place. Continue Reading
-
Feature
09 Jul 2015
How UTM products can benefit your enterprise network environment
Expert Ed Tittel explains why unified threat management is the right holistic IT security approach for SMBs and how it can fit into the enterprise, as well. Continue Reading
-
Feature
06 May 2015
Introduction to unified threat management appliances
Expert Ed Tittel describes unified threat management (UTM) appliances and features, and explains its advantages to organizations of all sizes. Continue Reading
-
Feature
28 Apr 2015
Comparing the top SSL VPN products
Expert Karen Scarfone examines the top SSL VPN products available today to help enterprises determine which option is the best fit for them. Continue Reading
-
Feature
22 Apr 2015
The three enterprise benefits of SSL VPN products
Expert Karen Scarfone outlines the ways SSL VPN products can secure network connections and communications for organizations. Continue Reading
-
Answer
10 Apr 2015
AWS security groups vs. traditional firewalls: What's the difference?
AWS security groups provide network-based blocking mechanisms, much like traditional firewalls. Expert Dan Sullivan explains the differences between the two. Continue Reading
-
Tip
06 Apr 2015
The secrets of proper firewall maintenance and security testing techniques
The Verizon 2015 PCI Compliance Report cited a lack of firewall maintenance and security testing as major causes for compliances breaches. Expert Kevin Beaver offers tips to successfully manage these tasks. Continue Reading
-
Feature
05 Mar 2015
Six ways to use wireless intrusion prevention systems in the enterprise
Expert George V. Hulme presents six real-world use cases for the deployment of WIPS to beef up wireless network security in the enterprise. Continue Reading
-
Feature
03 Mar 2015
Introduction to wireless intrusion prevention systems in the enterprise
Expert contributor George V. Hulme explains how wireless intrusion prevention systems (WIPS) protect enterprise networks from attacks and prying eyes. Continue Reading
-
Tip
19 Feb 2015
What the Community Health Systems breach can teach your organization
The Community Health Systems breach in 2014 provided a learning opportunity for organizations handling PHI. Expert Mike Chapple reviews the key takeaways from the breach. Continue Reading