Network security
Enterprise cyberdefense strategies must include network security best practices. Get advice on essential network security topics such as remote access, VPNs, zero-trust security, NDR, endpoint management, IoT security, hybrid security, Secure Access Service Edge, mobile security and more.
Top Stories
-
Tip
20 Nov 2024
4 types of access control
Access management is the gatekeeper, making sure a device or person can gain entry only to the systems or applications to which they have been granted permission. Continue Reading
-
News
19 Nov 2024
2 Palo Alto Networks zero-day vulnerabilities under attack
CVE-2024-9474 marks the second zero-day vulnerability in Palo Alto Networks' PAN-OS firewall management interface to come under attack in the last week. Continue Reading
-
Tip
17 Mar 2020
4 tips to ensure secure remote working during COVID-19 pandemic
Don't let teleworkers compromise your enterprise's security. Follow these tips to ensure secure remote working in the event of a teleworker boom during a pandemic. Continue Reading
-
News
05 Mar 2020
Amid expansion, BlackBerry security faces branding dilemma
BlackBerry continues its push into security by addressing a number of endpoint devices. But analysts discuss whether the former mobile device maker has a perception problem. Continue Reading
-
Answer
26 Feb 2020
Wired vs. wireless network security: Best practices
Explore the differences between wired and wireless network security, and read up on best practices to ensure security with or without wires. Continue Reading
-
Feature
05 Feb 2020
The Mirai IoT botnet holds strong in 2020
More than three years after its first appearance, the Mirai botnet is still one of the biggest threats to IoT. Learn about its variants and how to protect against them. Continue Reading
-
News
05 Feb 2020
Cisco Discovery Protocol flaws jeopardize 'tens of millions' of devices
Armis Security disclosed five vulnerabilities, dubbed 'CDPwn,' in Cisco's Discovery Protocol, which impact 'tens of millions' of Cisco devices such as routers and IP phones. Continue Reading
-
News
22 Jan 2020
Netgear under fire after TLS certificates found in firmware -- again
Security researchers revealed Netgear firmware exposed TLS certificate keys, but SearchSecurity discovered it wasn't the first time the issue had been reported to the vendor. Continue Reading
-
News
17 Jan 2020
Unpatched Citrix vulnerability expands as mitigations fall short
Citrix discovered another product affected by last month's vulnerability, while security researchers found an attacker blocking exploits of the vulnerability. Continue Reading
-
News
14 Jan 2020
Citrix patches for ADC and Gateway flaw to begin rolling out next week
Citrix announced security fixes on the way one month after disclosing a vulnerability in its ADC and Gateway appliances, which has already seen preliminary attacks in the wild. Continue Reading
-
News
10 Jan 2020
Threat actors scanning for vulnerable Citrix ADC servers
Scans for vulnerable Citrix servers were discovered by security researchers following the disclosure of a remote code execution flaw in Citrix ADC and Gateway products. Continue Reading
-
Tip
30 Dec 2019
IT vs. OT security -- and how to get them to work together
While IT and OT security have historically been separate, the advent of IoT is forcing the two together. Cross-pollinating IT with OT is critical to ensuring IoT security. Continue Reading
-
Tip
19 Dec 2019
What cloud workload security tools and controls work best?
Read on to learn how to build a cloud security model that allows your team to embed controls and monitor deployment without getting in the way of business processes. Continue Reading
-
Feature
19 Dec 2019
ICS security challenges and how to overcome them
Security cannot be an afterthought in internet-connected industrial control systems. IEEE member Kayne McGladrey offers best practices to stay safe in a connected world. Continue Reading
-
Answer
19 Dec 2019
Host IDS vs. network IDS: Which is better?
Compare host IDS vs. network IDS through the pros and cons of each, and learn how more modern systems may be better suited to ensure effective enterprise security. Continue Reading
-
Tip
17 Dec 2019
Perimeterless security still has borders -- and APIs need it
Many people believe perimeterless security means borders are a thing of the past. But virtual borders secure APIs needed by mobile users and cloud workloads. Check out how to manage them. Continue Reading
-
Tip
12 Dec 2019
Master IoT and edge computing security challenges
Edge devices are not necessarily designed with security in mind. Organizations need to think critically about how to approach today's edge computing security challenges. Continue Reading
-
Tip
05 Dec 2019
How to implement zero-trust cloud security
The nature of cloud environments and workloads is changing. Security team approaches must evolve in response. Learn how to implement zero-trust cloud security from expert Dave Shackleford. Continue Reading
-
News
04 Dec 2019
NSS Labs drops antitrust suit against AMTSO, Symantec and ESET
NSS Labs dropped its antitrust suit against the Anti-Malware Testing Standards Organization, Symantec and ESET, ending a contentious legal battle in the endpoint security market. Continue Reading
-
Answer
22 Nov 2019
What are the top network security techniques for modern companies?
Protecting the enterprise network remains integral to overall IT security. Here are the top network security techniques enterprises are using to protect data. Continue Reading
-
Tip
22 Nov 2019
The top 3 use cases for AI endpoint security tools
Endpoint attack surfaces are growing, and cybersecurity pros struggle to keep up. Consider the following use cases for AI endpoint security techniques in the enterprise. Continue Reading
-
Opinion
20 Nov 2019
What's the answer for 5G security?
Learn about the planning of 3GPP in developing specifications for 5G security in this synopsis of 5G Americas' white paper, 'The Evolution of Security in 5G.' Continue Reading
-
Tip
19 Nov 2019
Boost network security visibility with these 4 technologies
The network is where it's at if you want to stop malicious actors. But first you need to up your network visibility. Learn about four technologies that can help. Continue Reading
-
Tip
19 Nov 2019
Network visibility and monitoring tools now amp up security
Three technology trends are currently making network visibility even more central to security tools. Learn more about the impact of big data, AI and APIs. Continue Reading
-
Tip
12 Nov 2019
A fresh look at enterprise firewall management
Enterprises need to know where and how to install firewalls for maximum protection. Find out firewall management best practices that can help protect your organization. Continue Reading
-
News
05 Nov 2019
First BlueKeep attacks in the wild may be dark portents
Following months of warnings from law enforcement and the infosec community, the first BlueKeep exploit campaign was discovered in the wild and experts say it won't be the last. Continue Reading
-
News
29 Oct 2019
Adobe exposure includes data on 7.5 million users
Adobe exposed data on 7.5 million users and employees and one expert says the incident highlights why production data shouldn't be used in test environments. Continue Reading
-
News
22 Oct 2019
Forcepoint Web Security offering reaches for the edge
Forcepoint has delivered a web-based security tool leveraging elastic cloud gateway technology that allows admins to access content from any remote location. Continue Reading
-
News
14 Oct 2019
Imperva breach update puts blame on exposed AWS API keys
Imperva CTO Kunal Anand posted updated information regarding the recent breach affecting Cloud WAF customers and admitted poor security controls led to the compromise. Continue Reading
-
News
11 Oct 2019
Cybersecurity threats on the rise, prey on human nature
Cybersecurity attacks continue to rise, taking advantage of network vulnerabilities -- and human ones. First National Technology Solutions' CISO offers advice. Continue Reading
-
Tip
08 Oct 2019
Defining and evaluating SOC as a service
As cloud use increases, many enterprises outsource some security operations center functions. Evaluate if SOCaaS is the best model for your enterprise. Continue Reading
-
News
08 Oct 2019
NSA warns VPN vulnerabilities exploited by nation-state hackers
Nation-state hackers are exploiting previously disclosed vulnerabilities in VPNs from Pulse Secure, Palo Alto Networks and Fortinet, according to a security advisory from the NSA. Continue Reading
-
Feature
08 Oct 2019
Choosing between an SSL/TLS VPN vs. IPsec VPN
Infosec pros need to know the ins and outs of SSL/TLS VPNs vs. IPsec VPNs to better understand which product's features will fulfill the needs of their organization. Get help comparing here. Continue Reading
-
Feature
03 Oct 2019
How security teams benefit from traffic mirroring in the cloud
Enterprises with the resources to deploy traffic mirroring are gaining security benefits. Frank Siemons explains how traffic mirroring has adapted to new and evolving cyber-risks. Continue Reading
-
Tip
02 Oct 2019
How can DNS privacy issues be addressed?
Learn two techniques for improving end-user DNS privacy protection that prevent DNS from exposing information about websites users visit and the people users communicate with. Continue Reading
-
Tip
30 Sep 2019
The 3 types of DNS servers and how they work
DNS is a core internet technology, instrumental in mapping human-readable domains into corresponding IP addresses. Learn about the three DNS server types and their roles in the internet. Continue Reading
-
Answer
25 Sep 2019
Do network layer and application layer DDoS attacks differ?
Network layer and application layer DDoS attacks are significant threats. Learn about the differences between them and what you can do to reduce their effects. Continue Reading
-
Tip
23 Sep 2019
How software-defined perimeter authentication ups security
Find out how the emerging software-defined perimeter model increases security by its design and how it can serve as a building block to zero-trust security. Continue Reading
-
Tip
20 Sep 2019
Create a manageable, secure IT/OT convergence strategy in 3 steps
An effective IT/OT strategy requires at least three things: an evangelist, an infrastructure reference architecture and a plan to sanely divide operations between IT and OT. Continue Reading
-
Tip
20 Sep 2019
Tips and tricks to integrate IT and OT teams securely
IT and operational teams can work in tandem to support IoT projects, but their separate roles and responsibilities to one another must be clearly defined. Continue Reading
-
Tip
20 Sep 2019
What's the role of people in IT/OT security?
To enable a smoother, more secure IT/OT convergence, get wise to the potential conflicts between IT and OT historical priorities and traditional work cultures. Continue Reading
-
Feature
10 Sep 2019
Designing IoT security: Experts warn against cutting corners
Security, though costly, is essential for IoT devices; a single breach can destroy a company's reputation. IoT security by design can avoid devastating incidents. Continue Reading
-
News
06 Sep 2019
Trustwave security platform provides visibility, control
Trustwave Fusion is a cloud-based cybersecurity platform designed with the goal of giving users better insight into how security resources are provided and monitored. Continue Reading
-
News
05 Sep 2019
Hackers earn nearly $2M in HackerOne's hacking event
One hundred hackers and 75 hackers in training gathered in Las Vegas for HackerOne's hacking event to find security flaws in organizations, including Verizon Media and GitHub. Continue Reading
-
Tip
04 Sep 2019
IoT security risks persist; here's what to do about them
Nontech manufacturers building IoT devices combined with resource constraints is a recipe for disaster. It's the reality of IoT security issues, and the problem isn't going away. Continue Reading
-
News
04 Sep 2019
USBAnywhere vulnerabilities put Supermicro servers at risk
Security researchers discovered BMC vulnerabilities -- dubbed USBAnywhere -- in Supermicro servers that could put systems at risk of remote attacks via virtualized USB drives. Continue Reading
-
Feature
28 Aug 2019
VMware's internal Service-defined Firewall reimagines firewalling
VMware's internal firewall uses a global view of known-good behavior at the network and host level to minimize the attack surface for on-premises and cloud environments. Continue Reading
-
News
28 Aug 2019
Imperva security incident exposes cloud WAF customer data
Imperva told its cloud WAF customers to change passwords and SSL certificates after a security incident exposed data and potentially put customers at risk for further attacks. Continue Reading
-
News
23 Aug 2019
Carbon Black acquisition bolsters VMware's security play
VMware announced an agreement to acquire endpoint security vendor Carbon Black in an effort to boost its cloud security offerings; the all-cash deal is valued at $2.1 billion. Continue Reading
-
Opinion
23 Aug 2019
Securing IoT involves developers, manufacturers and end users alike
Who's to blame for the IoT security problem: manufacturers creating devices, end user deploying them or governments not creating legislation enforcing security measures? Continue Reading
-
Opinion
14 Aug 2019
IoT botnets reach new threshold in Q2 of 2019
Defending against the rising number and increasing sophistication of IoT botnet attacks isn't an easy task. Learn about the latest threats and the techniques to mitigate them. Continue Reading
-
News
12 Aug 2019
Black Hat 2019 brings out new security, protection offerings
The 22nd Black Hat conference in Las Vegas brought together a slew of vendors in network and data security with a variety of security offerings to pitch. Continue Reading
-
News
05 Aug 2019
New features added to Juniper Networks security platform
New features include containerized firewalls and the incorporation of SecIntel into MX Series routers as part of Juniper Networks' effort to provide security throughout a network. Continue Reading
-
Infographic
01 Aug 2019
IoT cybersecurity: Do third parties leave you exposed?
IoT's vast vendor landscape drives innovation, but working with so many third parties also comes with baggage in the form of third-party cybersecurity issues. Continue Reading
-
News
31 Jul 2019
Qualys IOC 2.0 update improves threat detection and response
Qualys IOC 2.0 comes with increased threat detection and response capabilities designed to more accurately detect indicators of compromise and potential cyberattacks. Continue Reading
-
News
30 Jul 2019
URGENT/11 VxWorks vulnerabilities affect millions of devices
Researchers and developer Wind River disagree over how many devices and users are at risk from the URGENT/11 vulnerabilities in the VxWorks real-time operating system. Continue Reading
-
Tip
29 Jul 2019
SD-WAN security benefits go beyond the obvious
SD-WAN does more than extend corporate networks. Key SD-WAN security benefits that capitalize on the technique's architecture could change the face of SD-WAN in the enterprise. Continue Reading
-
Answer
26 Jul 2019
How can endpoint security features help combat modern threats?
The antivirus of yesteryear isn't a strong enough competitor to beat modern enterprise threats. Learn about the endpoint security features ready to tackle these battles head-on. Continue Reading
-
News
23 Jul 2019
Researchers fool Cylance AI antimalware with 'simple' bypass
Security researchers developed a method to make "pure AI" antimalware products classify malware as benign, but it is unclear what antimalware solutions could be considered "pure AI." Continue Reading
-
News
17 Jul 2019
Claroty extends platform to include IoT device security
Claroty has upgraded Continuous Threat Detection to include support for IoT device security, keeping pace with the proliferation of IoT devices in the enterprise. Continue Reading
-
News
03 Jul 2019
FTC settles lawsuit over D-Link security claims
D-Link settled a U.S. Federal Trade Commission lawsuit, which alleged the company failed to take basic steps to address security flaws and weaknesses in its products. Continue Reading
-
Tip
26 Jun 2019
IPsec vs. SSL VPN: Comparing speed, security risks and technology
IPsec VPNs and SSL VPNs both encrypt network data, but they do it differently. Learn about the differences and how to determine the right solution for your organization. Continue Reading
-
News
19 Jun 2019
Fortinet launches new WAN and edge security platform
Fortinet's Secure SD-Branch platform uses Fortinet security products to converge WAN and security into an integrated platform and protect access edges. Continue Reading
-
News
13 Jun 2019
CrowdStrike IPO success puts spotlight on endpoint security
Cybersecurity firm CrowdStrike made its successful Wall Street debut Wednesday. The company closed its trading with a share price of $58. Continue Reading
-
Tip
04 Jun 2019
Zero-trust security model means more than freedom from doubt
A zero-trust security model has a catchy name, but the methodology means more than not trusting any person or device on the network. What you need to know. Continue Reading
-
News
31 May 2019
New Sophos endpoint security software releases
Sophos has released Intercept X for Server with endpoint detection and response to protect users against blended threats and proactively detect stealthy attacks. Continue Reading
-
News
29 May 2019
Tortuga launches Radix-M, new firmware security product
Tortuga Logic has launched a firmware security platform that automatically performs security validation of firmware on SoC designs using an existing platform from Cadence. Continue Reading
-
News
24 May 2019
CrowdStrike, NSS Labs settle legal disputes over product testing
CrowdStrike and NSS Labs have ended their legal dispute with a confidential settlement agreement, which resolves all lawsuits including NSS Labs' antitrust suit against the vendor. Continue Reading
-
Tip
17 May 2019
Endpoint security tools get an essential upgrade
Malware, APTs and other threats are getting smarter, but so are endpoint detection and response products. Learn what the latest versions can do to keep threats away. Continue Reading
-
Feature
13 May 2019
DDoS attacks among top 5G security concerns
DDoS attacks top the list of primary security concerns for mobile operators now that 5G wireless is advancing as the number of connected devices grows. Continue Reading
-
Feature
13 May 2019
Next-generation firewall comparison based on company needs
Compare leading next-generation firewalls to help find the option that best fits your IT environment and security needs. Continue Reading
-
News
02 May 2019
CrowdStrike tackles BIOS attacks with new Falcon features
CrowdStrike added firmware attack detection capabilities to its Falcon platform and also expanded its partnership with Dell to help organizations tackle BIOS threats. Continue Reading
-
Opinion
01 May 2019
Cloud security threats need a two-pronged approach
You'll need to burn the security 'candle' at both ends to keep cloud safe from both nation-state hackers and vulnerabilities caused by human error. Continue Reading
-
Tip
23 Apr 2019
How to build a strong cloud network security strategy
Building a secure network in the cloud is different from securing a traditional network. Learn what the main differences are and how to establish cloud networking security. Continue Reading
-
Feature
23 Apr 2019
10 endpoint security products to protect your business
Check out this product roundup and discover all the features endpoint security protection offers, such as patch management, email protection and reporting. Continue Reading
-
News
22 Apr 2019
IoT device testing made possible with BeStorm X
BeStorm X, a black-box fuzzer by Beyond Security and Ubiquitous AI, tests IoT devices to identify security weaknesses and vulnerabilities before they're exploited. Continue Reading
-
News
12 Apr 2019
WPA3 flaws found in Dragonfly handshake
Researchers discovered vulnerabilities in the WPA3 protocol, specifically in the Dragonfly handshake authentication, allowing for multiple exploits branded Dragonblood. Continue Reading
-
News
11 Apr 2019
Huawei security questioned around the world
Troubles continue for Huawei as new bans and government reports put security into question, but the company is attempting to fight back against the criticism. Continue Reading
-
News
10 Apr 2019
Nokia: 5G network slicing could be a boon for security
According to Nokia's Kevin McNamee, the rise of 5G will mean more danger of IoT botnets, but also more options to secure those devices -- including using network slicing for segmentation. Continue Reading
-
News
09 Apr 2019
NSS Labs CTO Jason Brvenik talks security testing challenges
NSS Labs CTO Jason Brvenik talks about his company's relationship with security vendors following the company's antitrust suit against several endpoint protection vendors last year. Continue Reading
-
News
05 Apr 2019
Radware: DDoS amplification attacks increasing, evolving
As DDoS attacks continue to evolve, planning for DDoS attack prevention and mitigation has become a critical business priority. Radware's Daniel Smith offers advice. Continue Reading
-
News
29 Mar 2019
Fortinet: 5G to present new edge computing security concerns
Although the rollout of 5G connectivity will enable new edge computing opportunities, John Maddison, executive VP at Fortinet, said it will also require new security considerations. Continue Reading
-
News
28 Mar 2019
NSS Labs CTO discusses advanced endpoint protection testing, challenges
NSS Labs released the results of its new endpoint protection group test at RSA Conference 2019. NSS Labs CTO Jason Brvenik talks about the results, testing challenges and more. Continue Reading
-
Tip
27 Mar 2019
How to secure network devices in a hostile world
Find out how to secure network devices by locking down the biggest, riskiest holes to protect them from exploits long before some or all of the network crashes. Continue Reading
-
Tip
26 Mar 2019
Protect your enterprise against shadow IT in the cloud
More technologies than ever are available to people now that the cloud is so pervasive, and, as a result, shadow IT has become a problem. Expert Michael Cobb explains what to do. Continue Reading
-
Answer
21 Mar 2019
How can I detect fileless malware attacks?
Monitoring process memory is one way to combat fileless malware attacks. Here's what you can do to protect your network against these campaigns. Continue Reading
-
Tip
21 Mar 2019
8 ways to protect building management systems
Security threats to building management systems can come from numerous sources. Expert Ernie Hayden outlines these potential threats and how to protect against them. Continue Reading
-
Tip
20 Mar 2019
How does BGP hijacking work and what are the risks?
The lack of security protections in BGP means that route hijacking can be easy, especially for organized crime or state-backed threat actors. Here are ways to deal with it. Continue Reading
-
Answer
18 Mar 2019
How do I stop the screaming channel wireless threat?
A screaming channel attack is a new wireless threat making networks -- particularly those with IoT components -- vulnerable. Are there any safeguards to prevent these attacks? Continue Reading
-
Feature
18 Mar 2019
Find the right tool using this antimalware software comparison
Compare endpoint antimalware software products for organizations based on features, level of protection and vendor offerings. Continue Reading
-
Answer
14 Mar 2019
Why do DDoS attack patterns rise in the autumn?
DDoS attack patterns indicate a sharp escalation in the fall. Why does that occur and what can be done to guard against these attacks? Continue Reading
-
News
08 Mar 2019
VMware firewall strategy to focus on 'known good' behavior
VMware is taking a different approach to firewalls by focusing on 'known good' behavior to better police east-west traffic within enterprise environments. Continue Reading
-
Answer
08 Mar 2019
Should I worry about the Constrained Application Protocol?
The Constrained Application Protocol underpins IoT networks. But the protocol could allow a threat actor to launch an attack. Continue Reading
-
News
07 Mar 2019
Microsoft promotes zero-trust security over firewalls
Microsoft told RSA Conference attendees a zero-trust model is better than firewalls for protecting corporate data -- a stance that some said doesn't go far enough. Continue Reading
-
News
07 Mar 2019
FBI: How we stopped the Mirai botnet attacks
FBI Special Agent Elliott Peterson gave RSA attendees a behind-the-scenes look at the investigation into the Mirai botnet following the devastating DDoS attacks in 2016. Continue Reading
-
News
06 Mar 2019
Cisco: Network security strategy requires IT, OT to play nice
Cisco told RSA attendees the need for network security on the factory floor is growing. Cisco says cooperation between IT and operations is key to protecting equipment. Continue Reading
-
News
26 Feb 2019
Android brings FIDO2 certification to 1 billion devices
The FIDO Alliance announced Android has received FIDO2 certification, which will bring the ability to sign into websites and apps with biometrics, rather than passwords. Continue Reading
-
Tip
18 Feb 2019
How to deploy deep packet inspection in the cloud
Despite privacy concerns about deep packet inspection, it can help improve cloud network security for enterprises. Expert Frank Siemons explains how to avoid potential pitfalls. Continue Reading
-
Answer
18 Feb 2019
How do I stop the Vidar malvertising attack?
The Vidar malvertising attack was part of a two-pronged intrusion that included the installation of ransomware in endpoints. How can enterprises protect themselves? Continue Reading
-
News
12 Feb 2019
Senators want potential VPN threat investigated by DHS
Two senators called on the Department of Homeland Security to investigate the possibility that VPNs are allowing valuable information to be routed to foreign adversaries. Continue Reading
-
News
31 Jan 2019
Dell unveils endpoint security portfolio with CrowdStrike, Secureworks
Dell has teamed up with CrowdStrike and Secureworks for SafeGuard and Response, a portfolio of endpoint security technology and services, to tackle the shifting threat landscape. Continue Reading
-
Tip
29 Jan 2019
How a Windows antimalware tool helps endpoint security
The Windows Defender Antivirus program was updated to include sandbox network security. Learn why this is so important and why security professionals have been asking for it. Continue Reading