Network security

Enterprise cyberdefense strategies must include network security best practices. Get advice on essential network security topics such as remote access, VPNs, zero-trust security, NDR, endpoint management, IoT security, hybrid security, Secure Access Service Edge, mobile security and more.

Top Stories

News 24 Jan 2025
DOJ indicts 5 individuals in North Korea IT worker scam

An unsealed indictment revealed threat actors working for North Korea tricked at least 64 U.S. businesses into hiring fake IT workers for financial and propriety data gains. Continue Reading
By
- Arielle Waldman, News Writer
News 23 Jan 2025
Zero-day vulnerability in SonicWall SMA series under attack

SonicWall released a hotfix for a critical pre-authentication remote code execution vulnerability in Secure Mobile Access 1000 products amidst reports of zero-day exploitation. Continue Reading
By
- Arielle Waldman, News Writer

News 19 Nov 2021
Cybercriminals discuss new business model for zero-day exploits

Digital Shadows observed increased chatter on dark web forums about the possible emergence of a new business model that would rent out zero-day exploits as a service. Continue Reading
By
- Arielle Waldman, News Writer
News 18 Nov 2021
CISA, Microsoft warn of rise in cyber attacks from Iran

CISA and Microsoft this week issued alerts about increased threat activity Iranian nation-state hacking groups, including ransomware attacks on enterprises. Continue Reading
By
- Shaun Nichols
News 18 Nov 2021
New side channel attack resurrects DNS poisoning threat

A new side channel attack would potentially allow attackers to poison DNS servers and reroute traffic to malicious sites. Continue Reading
By
- Shaun Nichols
Definition 16 Nov 2021
CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart)

A CAPTCHA is a type of challenge-response system designed to differentiate humans from robotic computer programs. Continue Reading
By
- Katie Terrell Hanna
- Linda Rosencrance
News 15 Nov 2021
FBI email system compromised to issue fake alerts

An unknown threat actor sent emails warning of a supply chain attack through an FBI portal used by law enforcement agencies to communicate with one another. Continue Reading
By
- Arielle Waldman, News Writer
Guest Post 15 Nov 2021
Reduce the risk of cyber attacks with frameworks, assessments

Don't rely on a compliance mandate to reduce the risk of cyber attacks or on a cyber insurer to cover an attack's aftermath. Assessments and frameworks are key to staying safe. Continue Reading
By
- Kayne McGladrey
Tip 15 Nov 2021
How zero-trust SDP can work with a VPN for remote work

Implementing software-defined perimeter and zero-trust security models with a corporate VPN adds significant layers of user and device verification and authentication. Continue Reading
By
- Paul Kirvan
News 11 Nov 2021
AT&T launches a managed SASE offering with Cisco

AT&T aims its latest managed SASE service at enterprises using Cisco hardware. The offering's features range from firewall and secure web gateway functionality to DNS layer security. Continue Reading
By
- Madelaine Millar, TechTarget
News 11 Nov 2021
Aruba Central breach exposed customer data

HPE-owned Aruba Networks said one of its cloud databases was accessed by hackers who were able to make off with location and telemetry data for its customers' Wi-Fi gear. Continue Reading
By
- Shaun Nichols
News 11 Nov 2021
Trend Micro reveals 'Void Balaur' cybermercenary group

New Trend Micro research revealed a cybermercenary group that has been actively targeting high-profile organizations and individuals across the globe since 2015. Continue Reading
By
- Arielle Waldman, News Writer
News 11 Nov 2021
Citrix DDOS bug leaves networks vulnerable

Citrix patched a critical bug in its Application Delivery Controller and Gateway software that left networks open to DDOS attacks. It also fixed a less-severe SD-WAN WANOP bug. Continue Reading
By
- Madelaine Millar, TechTarget
Guest Post 10 Nov 2021
4 concepts that help balance business and security goals

The goal of enterprise security is to maintain connectivity, while remaining protected. Use these four concepts to balance business and security goals. Continue Reading
By
- Mark Pierpoint
News 04 Nov 2021
DDoS botnet exploiting known GitLab vulnerability

A botnet is using a critical GitLab vulnerability, which was disclosed and patched in April, to launch powerful DDoS attacks that have surpassed 1 Tbps. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 26 Oct 2021
Researcher cracks 70% of neighborhood Wi-Fi passwords

A CyberArk researcher showed that $50 worth of hardware and some attack scripts are all you need to break into home and small business Wi-Fi networks. Continue Reading
By
- Shaun Nichols
News 20 Oct 2021
'LightBasin' hackers spent 5 years hiding on telco networks

A state-sponsored hacking group has been moving undetected on the networks of more than a dozen telecommunications providers, observing traffic and collecting data for years. Continue Reading
By
- Shaun Nichols
News 12 Oct 2021
Cybereason and Google Cloud join forces for new XDR service

Cybereason and Google Cloud have teamed up to combat future security threats with accelerated XDR capabilities. Continue Reading
By
- Arielle Waldman, News Writer
Definition 07 Oct 2021
What is an SSL VPN (Secure Sockets Layer virtual private network)?

An SSL VPN is a type of virtual private network (VPN) that uses the Secure Sockets Layer (SSL) protocol -- or, more often, its successor, the Transport Layer Security (TLS) protocol -- in standard web browsers to provide secure, remote access VPN capability. Continue Reading
By
- Linda Rosencrance
Definition 07 Oct 2021
What is a next-generation firewall (NGFW)?

A next-generation firewall (NGFW) is part of the third generation of firewall technology that can be implemented in hardware or software. Continue Reading
By
- Casey Clark, TechTarget
- Sharon Shea, Executive Editor
News 30 Sep 2021
Researchers hack Apple Pay, Visa 'Express Transit' mode

Academic researchers discover an attack technique that enables them to make fraudulent transactions on locked iPhones when Apple Pay and Visa cards are set up for transit mode. Continue Reading
By
- Arielle Waldman, News Writer
News 29 Sep 2021
Telegram bots allowing hackers to steal OTP codes

A simplified new attack tool based on Telegram scripts is allowing criminals to steal one-time password credentials and take over user accounts and drain bank funds. Continue Reading
By
- Shaun Nichols
News 22 Sep 2021
Symantec: Staging activity observed on Exchange servers

Threat actors appear to be targeting Microsoft Exchange servers with pre-ransomware activity, including one attempt to exfiltrate data. Continue Reading
By
- Arielle Waldman, News Writer
Definition 13 Sep 2021
promiscuous mode

In computer networking, promiscuous mode is a mode of operation, as well as a security, monitoring and administration technique. Continue Reading
By
- Rahul Awati
News 02 Sep 2021
FTC drops the hammer on SpyFone for privacy violations

The FTC has decried SpyFone, a remote tracking app for mobile phones, as stalkerware and ordered it to notify all individuals who were tracked by the app. Continue Reading
By
- Shaun Nichols
News 02 Sep 2021
Accellion-related breach disclosures continue to unfold

Beaumont Health disclosed some patient data was exposed through an attack on Accellion's FTA product, nine months after the attack on the legacy file transfer software occurred. Continue Reading
By
- Arielle Waldman, News Writer
News 01 Sep 2021
Beware of proxyware: Connection-sharing services pose risks

Cisco Talos warns that sharing internet connections with random people via third-party app like Honeygain and Peer2Profit could lead to malware installations and other threats. Continue Reading
By
- Shaun Nichols
News 27 Aug 2021
T-Mobile offers details of data breach that affected 40M

According to T-Mobile, the hackers who stole its customer database had knowledge of the company's network and testing setup. The hack was a carefully planned network breach. Continue Reading
By
- Shaun Nichols
Definition 27 Aug 2021
Wired Equivalent Privacy (WEP)

Wired Equivalent Privacy (WEP) is a security protocol, specified in the IEEE Wireless Fidelity (Wi-Fi) standard, 802.11b. Continue Reading
By
- Peter Loshin, Former Senior Technology Editor
Definition 23 Aug 2021
MD5

The MD5 (message-digest algorithm) hashing algorithm is a one-way cryptographic function that accepts a message of any length as input and returns as output a fixed-length digest value to be used for authenticating the original message. Continue Reading
By
- Mary E. Shacklett, Transworld Data
- Peter Loshin, Former Senior Technology Editor
Guest Post 18 Aug 2021
How attackers use open source intelligence against enterprises

Cato Networks' Etay Maor explains how cybercriminals use open source intelligence to detect and attack vulnerable enterprise networks and employees. Continue Reading
By
- Etay Maor
News 17 Aug 2021
Palo Alto Networks: Personal VPNs pose risks to enterprises

Researchers from Palo Alto Networks published a new report detailing the risks that personal VPNs pose to enterprise networks, including evasion tactics to bypass firewalls. Continue Reading
By
- Arielle Waldman, News Writer
News 05 Aug 2021
Apple's M1 silicon brings new challenges for malware defenders

Noted security researcher Patrick Wardle told Black Hat 2021 attendees that catching malware attacks on new macOS systems requires learning the subtleties of ARM64 architecture. Continue Reading
By
- Shaun Nichols
News 04 Aug 2021
Researchers crack new Let's Encrypt validation feature

Multiperspective validation can be thwarted with a traffic-throttling technique that could lead to attackers obtaining digital certificates for domains they don't own. Continue Reading
By
- Shaun Nichols
Definition 09 Jul 2021
DMZ in networking

In computer networks, a DMZ, or demilitarized zone, is a physical or logical subnet that separates a local area network (LAN) from other untrusted networks -- usually, the public internet. Continue Reading
By
- Ben Lutkevich, Site Editor
News 30 Jun 2021
SentinelOne IPO raises $1.2 billion, beating estimates

the endpoint security vendor has gone public in one of the largest IPOs in the cybersecurity industry. Continue Reading
By
- Arielle Waldman, News Writer
Feature 28 Jun 2021
What are cloud containers and how do they work?

Containers in cloud computing have evolved from a security buzzword. Deployment of cloud containers is now an essential element of IT infrastructure protection. Continue Reading
By
- Rob Shapland
- Ben Cole, Executive Editor
- Kyle Johnson, Technology Editor
Opinion 25 Jun 2021
Hybrid workforce model needs long-term security roadmap

From SASE to ZTNA to EDR to VPNs, enterprises need to deploy the technologies to develop a secure hybrid workforce model now that can work into the future. Continue Reading
By
- Andrew Froehlich, West Gate Networks
News 24 Jun 2021
HPE jumps into zero trust with Project Aurora

Enterprise giant HPE says its new zero-trust offering, dubbed Project Aurora, will make its debut later this year with the GreenLake hybrid cloud platform. Continue Reading
By
- Shaun Nichols
Answer 10 Jun 2021
The top 6 SSH risks and how regular assessments cut danger

By performing ongoing risk assessments, organizations can keep their SSH vulnerabilities at a minimum and ensure their remote access foundation is secure. Continue Reading
By
- Michael Cobb
Tip 04 Jun 2021
5 steps to secure the hybrid workforce as offices reopen

Companies must now face the security challenges of overseeing a hybrid workforce as employees return to the office. Continue Reading
By
- Ashwin Krishnan, StandOutin90Sec
Definition 03 Jun 2021
distributed denial-of-service (DDoS) attack

A distributed denial-of-service (DDoS) attack is one in which multiple compromised computer systems attack a target, such as a server, website or other network resource, and cause a denial of service for users of the targeted resource. Continue Reading
By
- Ben Lutkevich, Site Editor
- Kevin Beaver, Principle Logic, LLC
Feature 02 Jun 2021
What is secure remote access in today's enterprise?

Out with the old, in with the new. The meaning of secure remote access, and how organizations achieve it, is changing. Here's what you need to know. Continue Reading
By
- Alissa Irei, Senior Site Editor
Tip 01 Jun 2021
Who is responsible for secure remote access management?

The pandemic exposed the need for a strong secure remote access strategy. Now, organizations need to figure out which team must make it happen. Continue Reading
By
- Johna Till Johnson, Nemertes Research
Feature 28 May 2021
MDM vs. MAM: What are the key differences?

Mobile workers are productive and even essential to business success. But IT has to protect corporate apps and data -- as well as worker privacy -- via MDM, MAM or both. Continue Reading
By
- Gary Olsen
- Matt Kosht
Guest Post 24 May 2021
Why cloud changes everything around network security

Vishal Jain examines why the data center mindset doesn't work for network security when it comes to using the public cloud and how companies should think instead. Continue Reading
By
- Vishal Jain
Feature 21 May 2021
How to secure remote access for the hybrid work model

With the post-COVID-19 hybrid work model taking shape, discover the technologies and trends analysts and IT leaders view as the anchors to ensure secure remote access. Continue Reading
By
- Alicia Landsberg, Senior Managing Editor
News 20 May 2021
CrowdStrike breaks down 'Golden SAML' attack

The nightmare scenario, demonstrated at RSA Conference 2021, was used by threat actors in the SolarWinds breach and gave them control over both cloud and on-premises systems. Continue Reading
By
- Shaun Nichols
Tip 20 May 2021
Create a remote access security policy with this template

The expansion of remote work has created complicated security risks. Get help developing and updating a remote access security policy. Download our free template to get started. Continue Reading
By
- Paul Kirvan
News 19 May 2021
Cisco shares lessons learned in zero-trust deployment

The networking giant explained at RSA Conference 2021 how it was able to deploy a company-wide zero trust model in less than six months, and what it learned along the way. Continue Reading
By
- Shaun Nichols
Tip 19 May 2021
How to build a cloud security observability strategy

Security observability in the cloud involves more than workload monitoring. Read up on the essential observability components and tools needed to reap the security benefits. Continue Reading
By
- Dave Shackleford, Voodoo Security
Feature 19 May 2021
12 essential features of advanced endpoint security tools

In addition to protecting an organization's endpoints from threats, IT administrators can use endpoint security tools to monitor operation functions and DLP strategies. Continue Reading
By
- Kyle Johnson, Technology Editor
- Linda Rosencrance
Feature 14 May 2021
Endpoint security strategy: Focus on endpoints, apps or both?

Companies know how to secure traditional endpoints, but what about mobile devices outside the network? They should decide if they want to protect devices, apps or both. Continue Reading
By
- Kyle Johnson, Technology Editor
Tip 14 May 2021
Enterprises mull 5G vs. Wi-Fi security with private networks

While Wi-Fi security can be implemented just as securely as 5G, mechanisms built into 5G offer some compelling benefits to enterprises considering private 5G networks. Continue Reading
By
- Andrew Froehlich, West Gate Networks
News 13 May 2021
'FragAttacks' eavesdropping flaws revealed in all Wi-Fi devices

Security researcher Mathy Vanhoef said every Wi-Fi device is impacted by at least one of the 12 vulnerabilities, and most devices are vulnerable to several of the flaws. Continue Reading
By
- Shaun Nichols
Feature 10 May 2021
From EDR to XDR: Inside extended detection and response

As the definition of endpoints evolves, so too must the technology to protect them. Enter extended detection and response, or XDR -- one of cybersecurity's hottest acronyms. Continue Reading
By
- Sharon Shea, Executive Editor
News 06 May 2021
'BadAlloc' vulnerabilities spell trouble for IoT, OT devices

A week after Microsoft revealed 25 memory allocation vulnerabilities in several IoT and OT products, some devices have been patched, while others have not. Continue Reading
By
- Arielle Waldman, News Writer
News 26 Apr 2021
Hackers targeting VPN vulnerabilities in ongoing attacks

As remote work increased during the pandemic, threat actors increasingly targeted known vulnerabilities. Continue Reading
By
- Arielle Waldman, News Writer
News 21 Apr 2021
Zero-day flaw in Pulse Secure VPN exploited in attacks

A remote code execution vulnerability found in Pulse Secure VPN appliances has been exploited in attacks affecting government, defense and financial organizations. Continue Reading
By
- Arielle Waldman, News Writer
Tip 16 Apr 2021
6 SSH best practices to protect networks from attacks

SSH is essential, but default installations can be costly. Auditing and key management are among critical SSH best practices to employ at any organization. Continue Reading
By
- Michael Cobb
Definition 16 Apr 2021
denial-of-service attack

A denial-of-service (DoS) attack is a security event that occurs when an attacker makes it impossible for legitimate users to access computer systems, devices, services or other IT resources. Continue Reading
By
- Kevin Ferguson
- Peter Loshin, Former Senior Technology Editor
Tip 15 Apr 2021
Unify on-premises and cloud access control with SDP

One security framework available to organizations struggling with on-premises and cloud access control issues is a software-defined perimeter. Learn how SDP can help. Continue Reading
By
- John Burke, Nemertes Research
Definition 12 Apr 2021
Transport Layer Security (TLS)

Transport Layer Security (TLS) is an Internet Engineering Task Force (IETF) standard protocol that provides authentication, privacy and data integrity between two communicating computer applications. Continue Reading
By
- Andrew Froehlich, West Gate Networks
- Kevin Beaver, Principle Logic, LLC
- Michael Cobb
News 08 Apr 2021
Cring ransomware attacking vulnerable Fortigate VPNs

A vulnerability impacting Fortinet's Fortigate VPN, first disclosed and patched in 2019, is being exploited by Cring ransomware operators to extort bitcoin from enterprises. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 07 Apr 2021
MDR vs. MSSP: Why it's vital to know the difference

When assessing MDR vs. MSSP, the key is understanding why the two aren't interchangeable and how each handles response. Continue Reading
By
- Diana Kelley, SecurityCurve
Tip 01 Apr 2021
5 endpoint security best practices to keep company data safe

With an expanding company perimeter, it's time to implement these endpoint security best practices, from asset discovery to device profiling. Continue Reading
By
- Ashwin Krishnan, StandOutin90Sec
Feature 22 Mar 2021
How to set up Palo Alto security profiles

Learning how to build and implement security profiles and policies can help novice admins make sure they use Palo Alto Networks firewalls effectively to protect their network. Continue Reading
By
- Kyle Johnson, Technology Editor
- Packt Publishing
Feature 22 Mar 2021
Author's advice on Palo Alto firewall, getting started

Interfaces, licenses, policies -- getting started with a Palo Alto Networks firewall can be confusing. Here, the author of 'Mastering Palo Alto Networks' offers his advice. Continue Reading
By
- Kyle Johnson, Technology Editor
Guest Post 18 Mar 2021
With 5G, security by design is a must

New tech means new security strategies. Deloitte's Wendy Frank and Shehadi Dayekh explain why this is especially true with 5G. Security by design, they advise, is a critical approach. Continue Reading
By
- Wendy Frank and Shehadi Dayekh
Tip 18 Mar 2021
6 AIOps security use cases to safeguard the cloud

Explore six AIOps security use cases in cloud environments, such as threat intelligence analysis and malware detection, as well as expert advice on implementation considerations. Continue Reading
By
- Dave Shackleford, Voodoo Security
Tip 15 Mar 2021
Endpoint security vs. network security: Why both matter

As the security perimeter blurs, companies often debate the merits of endpoint security vs. network security. However, it shouldn't be an either-or decision. Continue Reading
By
- Andrew Froehlich, West Gate Networks
News 04 Mar 2021
Microsoft's security roadmap goes all-in on 365 Defender

Microsoft 365 Defender's new threat analytics feature includes step-by-step reports on attacks, vulnerabilities and more, as well as links to relevant alerts in each report. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 11 Feb 2021
Oldsmar water plant computers shared TeamViewer password

In addition to the advisory published by Massachusetts officials, the FBI issued a private industry notification Tuesday that referenced poor password security. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 26 Jan 2021
Akamai: Extortion attempts increase in DDoS attacks

New research from Akamai Technologies shows record-breaking DDoS attacks surged in 2020 while extortion-related campaigns against a variety of targets also increased. Continue Reading
By
- Arielle Waldman, News Writer
Tip 14 Jan 2021
Extended detection and response tools take EDR to next level

Extended detection and response tools offer new capabilities -- among them greater visibility -- to enterprises searching for better ways to protect their endpoints. Continue Reading
By
- Michael Cobb
Quiz 23 Dec 2020
Endpoint security quiz: Test your knowledge

Test your knowledge of SASE, split tunneling, and device discovery tool capabilities and best practices in this endpoint security quiz for IT professionals. Continue Reading
By
- Katie Donegan, Social Media Manager
Tip 16 Dec 2020
6 remote workforce cybersecurity strategies for 2021

Remote worker data security has quickly evolved into a top concern for IT security. Here are six strategies to ensure remote workforce cybersecurity in 2021. Continue Reading
By
- Andrew Froehlich, West Gate Networks
Feature 10 Dec 2020
Zero-trust initiatives rely on incremental security improvements

Despite implementation challenges, enterprise security leaders see zero trust as the security model of the future and are moving forward with adoption plans. Continue Reading
By
- Mary K. Pratt
Tip 04 Dec 2020
Counter threats with these top SecOps software options

SecOps tools offer many capabilities to address common threats enterprises face, including domain name services, network detection and response, and anti-phishing. Continue Reading
By
- Kevin Tolly, The Tolly Group
Tip 20 Nov 2020
What are the biggest hardware security threats?

Hardware security threats -- and strategies to overcome them -- are evolving as enterprises increasingly install autonomous capabilities for smart building and IoT projects. Continue Reading
By
- Andrew Froehlich, West Gate Networks
Tip 03 Nov 2020
Using SDP as a VPN alternative to secure remote workforces

Software-defined perimeter has been touted as a VPN alternative for secure remote access. How do you know if SDP or a traditional VPN is right for your company? Continue Reading
By
- Dave Shackleford, Voodoo Security
Feature 02 Nov 2020
Weighing the future of firewalls in a zero-trust world

Cybersecurity pros have been predicting the firewall's demise for years, yet the device is still with us. But does it have a place in zero-trust networks? One analyst says yes. Continue Reading
By
- Alissa Irei, Senior Site Editor
02 Nov 2020

Weighing the future of firewalls in a zero-trust world

Continue Reading
Opinion 02 Nov 2020
Cybersecurity for remote workers: Lessons from the front

Tackle the security challenges COVID-19 wrought by using this playbook from an experienced disaster-zone responder. Continue Reading
By
- Rich Mogull, Securosis
02 Nov 2020

Cybersecurity for remote workers: Lessons from the front

Continue Reading
Tip 29 Oct 2020
Understanding the zero trust-SDP relationship

Zero trust is a complicated framework that spans the IT stack. Find out how software-defined perimeter can address zero trust's network-level access requirements. Continue Reading
By
- John Burke, Nemertes Research
Guest Post 23 Oct 2020
Why SASE should be viewed as an evolution, not revolution

The hype around secure access service edge (SASE) is palpable. But by taking a step back, security leaders can align an emerging trend to their long-term goals. Continue Reading
By
- Mike McGlynn
Tip 22 Oct 2020
How to prepare for a zero-trust model in the cloud

Zero-trust security in the cloud is different than it is on premises. Learn the concepts and policies to effectively achieve a zero-trust model in the cloud. Continue Reading
By
- Dave Shackleford, Voodoo Security
Tip 19 Oct 2020
Zero-trust implementation begins with choosing an on-ramp

Zero-trust security has three main on-ramps -- each with its own technology path. For a clear-cut zero-trust implementation, enterprises need to choose their on-ramp wisely. Continue Reading
By
- Johna Till Johnson, Nemertes Research
Tip 16 Oct 2020
How enterprise cloud VPN protects complex IT environments

Do you know how enterprise cloud VPN differs from a traditional VPN? Explore how cloud VPN works and whether it's the right option for your hybrid IT environment. Continue Reading
By
- Ed Moyle, SecurityCurve
Tip 28 Sep 2020
Critical IIoT security risks cloud IoT's expansion into industry

The convergence of IoT with industrial processes increases productivity, improves communications and makes real-time data readily available. But serious IIoT security risks must be considered as well. Continue Reading
By
- Peter Sullivan
Tip 18 Sep 2020
Top 4 firewall-as-a-service security features and benefits

Firewall-as-a-service offerings implement security policies across consolidated traffic headed to all locations. Learn about four security features and benefits of FWaaS. Continue Reading
By
- Mike Chapple, University of Notre Dame
Tip 10 Sep 2020
Combination of new, old tech driving remote access security

The massive shift to home-based workforces left IT vulnerable to unexpected threats, but organizations are combining old and new strategies to maintain remote access security. Continue Reading
By
- Andrew Froehlich, West Gate Networks
News 31 Aug 2020
Cisco issues alert for zero-day vulnerability under attack

Cisco discovered attempted exploitation of a high-severity vulnerability found in the IOS XR software used in some of its networking equipment. Continue Reading
By
- Arielle Waldman, News Writer
Answer 28 Aug 2020
Site-to-site VPN security benefits and potential risks

Not every enterprise needs the functionality of a standard VPN client. A site-to-site VPN may be a better choice for some companies, but it's not without risk. Continue Reading
By
- Michael Heller, TechTarget
- Judith Myerson
Tip 25 Aug 2020
Infrastructure as code's security risks and rewards

Infrastructure as code can yield some exciting security benefits for enterprises, but they each come with drawbacks. Learn more about the most critical IaC security impacts. Continue Reading
By
- Ed Moyle, SecurityCurve
Feature 21 Aug 2020
Cybersecurity new normal needs change in process, CISOs say

As CISOs face an increasingly remote workforce, they need to confront past security mistakes, while adjusting to cybersecurity's new normal. Continue Reading
By
- Michael Heller, TechTarget
Tip 18 Aug 2020
10 RDP security best practices to prevent cyberattacks

Securing remote connections is critical, especially in a pandemic. Enact these RDP security best practices at your organization to prevent ransomware, brute-force attacks and more. Continue Reading
By
- Michael Cobb
News 06 Aug 2020
Ripple20 vulnerabilities still plaguing IoT devices

Months after Ripple20 vulnerabilities were reported, things haven't gotten much better, say experts at Black Hat USA 2020. In fact, the world may never be fully rid of the flaws. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 22 Jul 2020
Zero-trust framework ripe for modern security challenges

What is zero-trust security, and why deploy it now? Analysts explain its importance in the current IT era and how to get started with evaluation and implementation. Continue Reading
By
- Alicia Landsberg, Senior Managing Editor
News 29 Jun 2020
Record-setting DDoS attacks indicate troubling trend

Akamai Technologies recently mitigated two of the largest DDoS attacks ever recorded on its platform, including a massive 809 million packets per second attack against a bank. Continue Reading
By
- Arielle Waldman, News Writer
News 22 Jun 2020
Microsoft acquires CyberX to strengthen IoT security offering

Microsoft is acquiring CyberX to boost its IoT security offerings, though it's unknown whether CyberX will remain a separate entity or be integrated into Microsoft. Continue Reading
By
- Alexander Culafi, Senior News Writer