Security operations and management
Cybersecurity operations and management are vital to protect enterprises against cyber threats. Learn how to create and manage infosec programs and SOCs, perform incident response and automate security processes. Also read up on security laws and regulations, best practices for CISOs and more.
Top Stories
-
Feature
20 Dec 2024
Identity and access management tools and features for 2025
The IAM tool marketplace is complex and ever-changing. Learn about key features and how to discern what your organization needs before approaching potential providers. Continue Reading
By- Ed Moyle, Drake Software
-
Guest Post
19 Dec 2024
Add gamification learning to your pen testing training playbook
Organizations that embrace gamification in their pen testing training are better positioned to build and maintain the skilled security teams needed to address evolving threats. Continue Reading
By- Ed Skoudis, SANS Technology Institute
-
Definition
25 Jun 2024
digital signature
A digital signature is a mathematical technique used to validate the authenticity and integrity of a digital document, message or software. Continue Reading
By- Cameron Hashemi-Pour, Site Editor
- Alexander S. Gillis, Technical Writer and Editor
- Ben Lutkevich, Site Editor
-
News
21 Jun 2024
Biden administration bans Kaspersky Lab products in US
The Biden administration announced a ban on Kaspersky Lab products inside the United States due to the antivirus vendor's ties with the Russian government. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
20 Jun 2024
How Amazon's decision to ditch Active Directory paid off
Amazon's decision to build its own identity and access management system was an expensive one, but an infamous supply chain attack validated the move. Continue Reading
By- Rob Wright, Senior News Director
-
Podcast
18 Jun 2024
Risk & Repeat: Microsoft under fire again over Recall
Microsoft made changes to its AI-driven Recall feature, but that didn't stop Congress from grilling company president Brad Smith during a House committee hearing. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
17 Jun 2024
Alex Stamos on how to break the cycle of security mistakes
In an interview, SentinelOne's Alex Stamos discussed the importance of security by design and why it needs to be applied to emerging technologies, including generative AI. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
14 Jun 2024
Congress grills Microsoft president over security failures
Microsoft President Brad Smith testifies on a wide range of issues, including Chinese and Russian nation-state attacks, the controversial AI-powered Recall feature and more. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Guest Post
14 Jun 2024
The enduring importance of digital trust
Digital trust is an increasingly important issue, yet confusion remains about what exactly it is, how to achieve it and how to get started. Continue Reading
By- Greg Shields
-
News
12 Jun 2024
AWS touts security culture, AI protections at re:Inforce 2024
AWS executives highlighted the company's longstanding security, which evoked comparisons to its chief cloud rival Microsoft and the recent Cyber Safety Review Board report. Continue Reading
By- Rob Wright, Senior News Director
-
Tip
05 Jun 2024
How to write a useful cybersecurity incident report
Reacting to a cybersecurity event is just half the battle. An incident report can help companies understand why the attack occurred and how to avoid future security issues. Continue Reading
-
Opinion
30 May 2024
RSA Conference wrap-up: The state of cybersecurity disconnect
The cybersecurity industry isn't prepared for massive changes in play. It needs to focus more on the mission rather than cybersecurity technology widgets. Continue Reading
By- Jon Oltsik, Analyst Emeritus
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
Tip
29 May 2024
How to converge networking and security teams: Key steps
Companies can reap a lot of benefits by merging their networking and security teams. But it takes careful planning to make it work. Continue Reading
By- John Burke, Nemertes Research
-
Feature
23 May 2024
The 10 most common ERP security issues and ways to fix them
Today's ERP systems are exposed like never before. Learn about the most common ERP security issues companies are facing and how IT and security teams can address them. Continue Reading
By- Kevin Beaver, Principle Logic, LLC
-
News
23 May 2024
CISA executive director discusses CIRCIA, incident reporting
CISA Executive Director Brandon Wales speaks with TechTarget Editorial to discuss CIRCIA and the importance of incident reporting to the larger cybersecurity ecosystem. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
22 May 2024
Arctic Wolf CPO: Most AI deployment is generic, 'pretty weak'
Dan Schiappa, chief product officer at Arctic Wolf, said that while generative AI technology has enormous potential, many companies are deploying it for the wrong reasons. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
21 May 2024
5 Mitre ATT&CK framework use cases
The Mitre ATT&CK framework helps security teams better protect their organizations. Read up on five Mitre ATT&CK use cases to consider adopting, from red teaming to SOC maturity. Continue Reading
By- Amy Larsen DeCarlo, GlobalData
-
Feature
17 May 2024
How AI-driven patching could transform cybersecurity
At RSAC 2024, a Google researcher described how the search giant has already seen modest but significant success using generative AI to patch vulnerabilities. Continue Reading
By- Alissa Irei, Senior Site Editor
-
Definition
15 May 2024
out-of-band authentication
Out-of-band authentication is a type of two-factor authentication (2FA) that requires a secondary verification method through a separate communication channel along with the typical ID and password. Continue Reading
By- Nick Barney, Technology Writer
-
Opinion
14 May 2024
AI PCs need apps with broad use cases to gain traction
There are many ways local AI on PC hardware can help users, but the broader use cases aren't there yet. Learn about the emerging AI PC market and where it still needs to grow. Continue Reading
By- Gabe Knuth, Senior Analyst
-
Enterprise Strategy Group
-
News
14 May 2024
SonicWall CEO talks transformation, security transparency
SonicWall's CEO said that following a string of serious vulnerabilities the company responded to in 2021, product development and quality assurance operations were overhauled. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
10 May 2024
US officials optimistic on AI but warn of risks, abuse
Federal government leaders at RSA Conference 2024 touted the benefits of AI pilot programs but also outlined how a variety of threat actors are currently abusing the technology. Continue Reading
By- Rob Wright, Senior News Director
-
News
09 May 2024
'Secure by design' makes waves at RSA Conference 2024
Cybersecurity vendors and public sector organizations heavily promoted the secure by design approach, particularly for generative AI tools and projects. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
08 May 2024
Experts highlight progress, challenges for election security
Infosec professionals at RSA Conference 2024 discuss digital and physical security challenges for election cycles across the globe in a post-COVID-19 landscape. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
08 May 2024
Microsoft touts expansion of Secure Future Initiative
At RSA Conference 2024, Microsoft vice president Vasu Jakkal discussed some of the criticisms leveled against the company and how the Secure Future Initiative will address them. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
07 May 2024
How to detect deepfakes manually and using AI
Deepfakes rely on AI to generate realistic but counterfeit content. A variety of automated tools and manual hints can help organizations pinpoint deepfake videos and images. Continue Reading
By- Andrew Froehlich, West Gate Networks
-
Tutorial
07 May 2024
How to configure sudo privilege and access control settings
Learn how to use the sudo command for access control configurations, from granting full administrative privileges to delegating roles. Continue Reading
By- Damon Garn, Cogspinner Coaction
-
News
06 May 2024
Google unveils new threat intelligence service at RSAC 2024
Google Threat Intelligence combines investigation findings from Mandiant with crowdsourced intelligence from VirusTotal and operationalizes the data with Google's Gemini AI model. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
06 May 2024
Recorded Future observes 'concerning' hacktivism shift
At RSA Conference 2024, Recorded Future detailed alarming trends as nation-state attackers operate under the guise of hacktivism to cover real threats to organizations. Continue Reading
By- Arielle Waldman, News Writer
-
News
06 May 2024
IBM study shows security for GenAI projects is an afterthought
IBM's survey of C-suite executives finds that 82% say trustworthy and secure AI are essential, but only 24% have a security component included in their GenAI projects. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
06 May 2024
Cisco details Splunk security integrations, AI developments
Just two months after Cisco completed its $28 billion acquisition of analytics giant Splunk, the company added XDR capabilities into Splunk Enterprise Security. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Definition
02 May 2024
What is role-based access control (RBAC)?
Role-based access control (RBAC) is a method of restricting network access based on the roles of individual users within an enterprise. Continue Reading
By- Alexander S. Gillis, Technical Writer and Editor
- Linda Rosencrance
-
News
01 May 2024
Verizon DBIR: Vulnerability exploitation in breaches up 180%
Verizon said it examined approximately twice as many breaches for the 2024 Data Breach Investigations Report -- 10,626 out of 30,458 total tracked incidents. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Definition
01 May 2024
Federal Information Security Modernization Act (FISMA)
The Federal Information Security Modernization Act (FISMA) is United States legislation that defines a framework of guidelines and security standards to protect government information technology operations from cyberthreats. Continue Reading
By- Paul Kirvan
- Alexander S. Gillis, Technical Writer and Editor
-
Conference Coverage
01 May 2024
RSA Conference 2024 focuses on collaboration, resilience
Follow TechTarget Security's RSAC 2024 guide for pre-conference insights and the most pressing presentations and breaking news at the world's biggest infosec event. Continue Reading
By- Sharon Shea, Executive Editor
-
Definition
30 Apr 2024
cloud security posture management (CSPM)
Cloud security posture management (CSPM) is a market segment for IT security tools that are designed to identify misconfiguration issues and compliance risks in the cloud. Continue Reading
By- Alexander S. Gillis, Technical Writer and Editor
-
Tip
29 Apr 2024
Top 11 cloud security challenges and how to combat them
Before jumping feet first into the cloud, understand the new and continuing top cloud security challenges your organization is likely to face -- and how to mitigate them. Continue Reading
By- Sharon Shea, Executive Editor
-
News
24 Apr 2024
Coalition: Insurance claims for Cisco ASA users spiked in 2023
Coalition urged enterprises to be cautious when using Cisco and Fortinet network boundary devices as attackers can leverage the attack vectors to gain initial access. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
23 Apr 2024
Creating a patch management policy: Step-by-step guide
A comprehensive patch management policy is insurance against security vulnerabilities and bugs in networked hardware and software that can disrupt your critical business processes. Continue Reading
By- Andrew Froehlich, West Gate Networks
-
Guest Post
19 Apr 2024
4 steps CISOs can take to raise trust in their business
When CISOs align their investments with CIOs' tech investments, both can fuel business success and enable greater trust with customers, employees and partners. Continue Reading
By- Sandy Carielli
-
News
18 Apr 2024
CrowdStrike extends cloud security to Mission Cloud customers
CrowdStrike Falcon Cloud Security and Falcon Complete Cloud Detection and Response (CDR) will be made available through the Mission Cloud One AWS MSP platform. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
16 Apr 2024
OT security vendor Nozomi Networks lands Air Force contract
Nozomi Networks CEO Edgard Capdevielle said the $1.25 million contract will be a guarantee that 'our products will continue to meet the requirements of the Air Force.' Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
10 Apr 2024
Benefits and challenges of NetOps-SecOps collaboration
Organizations need to tread carefully when planning how to converge their networking and security teams to achieve potential benefits and mitigate the challenges. Continue Reading
By- John Burke, Nemertes Research
-
Feature
04 Apr 2024
The ultimate guide to mobile device security in the workplace
Mobile devices provide connectivity for employees to access business data and communicate with colleagues, but these unique benefits come with specific security challenges for IT. Continue Reading
By- John Powers, Senior Site Editor
-
News
03 Apr 2024
Sophos: Ransomware present in 70% of IR investigations
Sophos' Active Adversary Report said securing remote desktop protocols and Active Directories and hardening credentials can help limit the influx of successful ransomware attacks. Continue Reading
By- Arielle Waldman, News Writer
-
News
03 Apr 2024
Cyber Safety Review Board slams Microsoft security failures
The Department of Homeland Security's Cyber Safety Review Board said a 'cascade' of errors at Microsoft allowed nation-state hackers to access U.S. government emails last year. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
02 Apr 2024
Microsoft Copilot for Security brings GenAI to SOC teams
Microsoft's latest AI-powered tool, now generally available, has been beneficial for security teams regarding efficiency, but infosec experts see some room for improvements. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
02 Apr 2024
Cloud computing forensics techniques for evidence acquisition
With the proper tools and methodologies, security teams can provide analysts with the critical pieces required to complete cloud computing forensics investigations. Continue Reading
By- Dave Shackleford, Voodoo Security
-
Tip
29 Mar 2024
5 tips for building a cybersecurity culture at your company
As a company's cyber-risks evolve, so must its culture. Here are five tips for creating a cybersecurity culture that protects the business and is meaningful for employees. Continue Reading
By- Jerald Murphy, Nemertes Research
-
Opinion
28 Mar 2024
5 areas to help secure your cyber-risk management program
To meet the challenges of managing cyber-risk, organizations need to have a cyber-risk management plan in place. Look at five areas to better secure your organization's assets. Continue Reading
By- David Vance
-
Enterprise Strategy Group
-
Feature
28 Mar 2024
11 core elements of a successful data protection strategy
Your organization's data protection strategy might not include all 11 core elements and associated activities, but the important thing is to have a comprehensive strategy in place. Continue Reading
-
Tutorial
27 Mar 2024
Use sudo insults to add spice to incorrect password attempts
The life of an admin doesn't have to be dry. When a user enters a wrong password, for example, why not respond with a message that says, 'You're fired!' With sudo insults, you can. Continue Reading
By- Damon Garn, Cogspinner Coaction
-
Tip
25 Mar 2024
Agent vs. agentless security: Learn the differences
Enterprises can either use an agent or agentless approach to monitor and secure their networks. Each approach has benefits and drawbacks. Continue Reading
-
Tip
22 Mar 2024
Data protection impact assessment template and tips
Conducting a data protection impact assessment is key to evaluating potential risk factors that could pose a serious threat to individuals and their personal information. Continue Reading
-
Tutorial
22 Mar 2024
Fuzzy about fuzz testing? This fuzzing tutorial will help
Organizations are searching for ways to automate and improve their application security processes. Fuzz testing is one way to fill in some of the gaps. Continue Reading
By- Ed Moyle, Drake Software
-
News
20 Mar 2024
CISA urges defensive actions against Volt Typhoon threats
The U.S. cybersecurity agency advised critical infrastructure leaders to adopt several best practices and defensive measures to protect against Chinese state-sponsored attacks. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Opinion
19 Mar 2024
Surprising ways Microsoft Copilot for Security helps infosec
Microsoft Copilot is the first of many GenAI tools that should help security leaders accelerate their program development and strengthen security postures. Continue Reading
By- Dave Gruber, Principal Analyst
-
Enterprise Strategy Group
-
Tip
14 Mar 2024
How to craft a generative AI security policy that works
The advent of generative AI threatens to poke additional holes in your cybersecurity strategy. Compiling a GenAI-based security policy to guide your responses can help. Continue Reading
-
Feature
06 Mar 2024
Cybersecurity market researchers forecast significant growth
The cybersecurity market is growing and changing at a rapid pace, leading to major opportunities for vendors, heightened confusion for buyers and new challenges for CISOs. Continue Reading
By- Alissa Irei, Senior Site Editor
-
News
05 Mar 2024
Inside an Alphv/BlackCat ransomware attack
Sygnia researchers investigated an intrusion in a client's network and discovered an Alphv/BlackCat ransomware actor had been lurking in the environment for weeks. Continue Reading
By- Rob Wright, Senior News Director
-
News
29 Feb 2024
AWS on why CISOs should track 'the metric of no'
AWS' Clarke Rodgers believes that tracking the number of times CISOs say no to line-of-business requests will ultimately help them build a stronger security culture. Continue Reading
By- Rob Wright, Senior News Director
-
Tutorial
26 Feb 2024
How to use a jump server to link security zones
Jump servers are a perfect example of less is more. By using these slimmed-down boxes, administrators can connect to multiple resources securely. Continue Reading
By- Damon Garn, Cogspinner Coaction
-
Definition
22 Feb 2024
cybersecurity
Cybersecurity is the practice of protecting internet-connected systems such as hardware, software and data from cyberthreats. Continue Reading
By- Sharon Shea, Executive Editor
- Alexander S. Gillis, Technical Writer and Editor
-
Definition
20 Feb 2024
Advanced Encryption Standard (AES)
The Advanced Encryption Standard (AES) is a symmetric block cipher chosen by the U.S. government to protect classified information. Continue Reading
-
Tip
15 Feb 2024
How to craft cyber-risk statements that work, with examples
A cyber-risk statement should be clear, concise and simple -- but that doesn't mean it's easy to write. Get tips and read our cyber-risk statement examples. Continue Reading
By- Jerald Murphy, Nemertes Research
-
Tip
14 Feb 2024
What is cybersecurity mesh and how can it help you?
The concept of cybersecurity mesh could help solve and simplify issues created by multi-cloud deployments and the increase in remote work environments. Continue Reading
By- Ed Moyle, Drake Software
-
News
13 Feb 2024
Iranian cyberattacks targeting U.S. and Israeli entities
Google said Tuesday that state-backed Iranian actors targeted the U.S. and Israel consistently in the years prior to the start of the Israel-Hamas war as well as the months after. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
12 Feb 2024
Benefits and challenges of managed cloud security services
The rapid drive to hybrid and multi-cloud environments has organizations scrambling to get proper protections into place. For many, external security support is critical. Continue Reading
By- Amy Larsen DeCarlo, GlobalData
-
Tip
12 Feb 2024
Top metaverse cybersecurity challenges: How to address them
As the metaverse takes shape, companies must consider a slew of new cybersecurity challenges and how to deal with them. Continue Reading
By- Ashwin Krishnan, StandOutin90Sec
-
Feature
09 Feb 2024
A who's who of cybercrime investigators
Cybercrime investigations are more than just first response. Learn about the patchwork of organizations that work together to combat international cybercrime. Continue Reading
By- Ben Lutkevich, Site Editor
-
Tip
09 Feb 2024
Understand the pros and cons of enterprise password managers
Almost half of breaches occur because of compromised credentials. Using a password manager to control how users create their IDs may be a good step to protect enterprise assets. Continue Reading
By- Amy Larsen DeCarlo, GlobalData
-
Feature
06 Feb 2024
20 free cybersecurity tools you should know about
Cybersecurity products can get pricy but there are many excellent open source tools to help secure your systems and data. Here's a list of some of the most popular with cyber pros. Continue Reading
-
Definition
05 Feb 2024
SOAR (security orchestration, automation and response)
SOAR (security orchestration, automation and response) is a stack of compatible software programs that enables an organization to collect data about security threats and respond to security events with little or no human assistance. Continue Reading
By- Sharon Shea, Executive Editor
-
Guest Post
02 Feb 2024
GenAI development should follow secure-by-design principles
Every company wants a piece of the GenAI pie, but rushing to develop a product without incorporating secure-by-design principles could harm their business and customers. Continue Reading
By- Ed Skoudis, SANS Technology Institute
-
News
02 Feb 2024
Cloudflare discloses breach related to stolen Okta data
Cloudflare initially believed it contained an attempted cyberattack last October by a threat actor using an access token stolen in a breach of Okta's customer support system. Continue Reading
By- Rob Wright, Senior News Director
-
News
01 Feb 2024
CISA deputy director touts progress, anti-ransomware efforts
In this Q&A, CISA Deputy Director Nitin Natarajan shares his thoughts on scaling up to meet high demand, the agency's new initiative to address ransomware and more. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
01 Feb 2024
10 cybersecurity best practices and tips for businesses
Looking to improve your business's cybersecurity program? Study these 10 cybersecurity best practices and tips. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
Definition
31 Jan 2024
security operations center (SOC)
A security operations center (SOC) is a command center facility in which a team of information technology (IT) professionals with expertise in information security (infosec) monitors, analyzes and protects an organization from cyberattacks. Continue Reading
-
Tip
31 Jan 2024
4 tips to find cyber insurance coverage in 2024
The cyber insurance industry is settling down but isn't without challenges. Read up on cyber insurance in 2024 and how to get the most from your organization's coverage this year. Continue Reading
By- Sherri Davidoff, LMG Security
-
Tip
31 Jan 2024
Enterprise cybersecurity hygiene checklist for 2024
Enterprise cybersecurity hygiene must be a shared responsibility between employees and employers. Learn how both can get the job done with this checklist. Continue Reading
By- Ashwin Krishnan, StandOutin90Sec
-
Tip
30 Jan 2024
Secure your machine learning models with these MLSecOps tips
By following MLSecOps best practices, companies can introduce AI and machine learning into development pipelines and processes without adding unmitigated security concerns, too. Continue Reading
-
Definition
30 Jan 2024
What is incident response? A complete guide
Incident response is an organized, strategic approach to detecting and managing cyberattacks in ways that minimize damage, recovery time and total costs. Continue Reading
By- Alissa Irei, Senior Site Editor
- Sharon Shea, Executive Editor
-
Definition
29 Jan 2024
indicators of compromise (IOC)
Indicators of compromise are unusual activities on a system or network that imply the presence of a malicious actor. Continue Reading
By- Robert Sheldon
- Madelyn Bacon, TechTarget
-
Feature
29 Jan 2024
Top 10 types of information security threats for IT teams
Know thine enemy -- and the common security threats that can bring an unprepared organization to its knees. Learn what these threats are and how to prevent them. Continue Reading
-
Tip
29 Jan 2024
Cybersecurity skills gap: Why it exists and how to address it
The cybersecurity skills shortage is putting enterprises at risk. Worse, it shows no sign of abating. Here is why it's happening and what employers can do to mitigate the problem. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
Feature
25 Jan 2024
Top benefits and challenges of SOAR tools
To ensure successful adoption, IT leaders need to understand the benefits of SOAR tools, as well as potential disadvantages. Explore pros, cons and how to measure SOAR success. Continue Reading
By- Andrew Froehlich, West Gate Networks
- Jessica Groopman, Kaleido Insights
-
Tip
24 Jan 2024
The 9 best incident response metrics and how to use them
To solve a problem, one first has to know it exists. In incident response, that means knowing how long it takes to respond to and remediate threats, using these key metrics. Continue Reading
By- John Burke, Nemertes Research
-
Tip
23 Jan 2024
Building an incident response framework for your enterprise
Understanding incident response framework standards and how to build the best framework for your organization is essential to prevent threats and mitigate cyber incidents. Continue Reading
By- David Geer, Geer Communications
- Peter Sullivan
-
Feature
23 Jan 2024
Top incident response service providers, vendors and software
Get help deciding between using in-house incident response software or outsourcing to an incident response service provider, and review a list of leading vendor options. Continue Reading
-
Tip
22 Jan 2024
Business continuity vs. disaster recovery vs. incident response
To stay in business, expect the unexpected. Learn how business continuity, disaster recovery and incident response differ -- and why organizations need plans for all three. Continue Reading
By- Ashwin Krishnan, StandOutin90Sec
- Alissa Irei, Senior Site Editor
-
Tip
22 Jan 2024
Incident response automation: What it is and how it works
Many of today's security operations teams are understaffed and overwhelmed. Learn how incident response automation can help them work smarter, instead of harder. Continue Reading
By- Alissa Irei, Senior Site Editor
- Andrew Froehlich, West Gate Networks
-
Tip
17 Jan 2024
How to conduct incident response tabletop exercises
Have an incident response plan but aren't running incident response tabletop exercises? These simulations are key to knowing if your plan will work during an actual security event. Continue Reading
-
Feature
17 Jan 2024
CISOs on alert following SEC charges against SolarWinds
The Securities and Exchange Commission announced charges against SolarWinds and its CISO in October, but will it help improve transparency or simply scare infosec executives? Continue Reading
By- Arielle Waldman, News Writer
-
Definition
17 Jan 2024
OODA loop
The OODA loop -- Observe, Orient, Decide, Act -- is a four-step approach to decision-making that focuses on filtering available information, putting it in context and quickly making the most appropriate decision, while also understanding that changes can be made as more data becomes available. Continue Reading
By- Cameron Hashemi-Pour, Site Editor
- Sarah Lewis
-
Tip
17 Jan 2024
CERT vs. CSIRT vs. SOC: What's the difference?
What's in a name? Parse the true differences between a CERT, a CSIRT, a CIRT and a SOC, before you decide what's best for your organization. Continue Reading
By- Ed Moyle, Drake Software
-
Feature
17 Jan 2024
How to create a CSIRT: 10 best practices
The time to organize and train a CSIRT is long before a security incident occurs. Certain steps should be followed to create an effective, cross-functional team. Continue Reading
By- Ed Moyle, Drake Software
-
Tip
17 Jan 2024
Top 6 SOAR use cases to implement in enterprise SOCs
Automating basic SOC workflows with SOAR can improve an organization's security posture. Explore six SOAR use cases to streamline SOC processes and augment human analysts. Continue Reading
By- Andrew Froehlich, West Gate Networks
- Jessica Groopman, Kaleido Insights
-
Tip
16 Jan 2024
13 incident response best practices for your organization
An incident response program ensures security events are addressed quickly and effectively as soon as they occur. These best practices can help get your organization on track fast. Continue Reading
By- Charles Kolodgy, Security Mindsets
-
Tip
12 Jan 2024
Incident response: How to implement a communication plan
Communication is critical to an effective incident response plan. Here are five best practices for communication planning and a free, editable template to get started. Continue Reading
By- Mike Chapple, University of Notre Dame
-
Feature
12 Jan 2024
10 types of security incidents and how to prevent them
Cyberattacks are more varied and numerous than ever. Learn the key signs of common security incidents and how to respond to keep systems and data safe. Continue Reading
By- TechTarget Contributor
- Alissa Irei, Senior Site Editor
-
Tip
11 Jan 2024
Cloud incident response: Frameworks and best practices
Cloud incident response, like it sounds, involves responding to incidents in the cloud. But there are nuances to be aware of and unique best practices to follow. Continue Reading
By- Dave Shackleford, Voodoo Security
-
Definition
10 Jan 2024
vulnerability management
Vulnerability management is the process of identifying, assessing, remediating and mitigating security vulnerabilities in software and computer systems. Continue Reading