Security operations and management
Cybersecurity operations and management are vital to protect enterprises against cyber threats. Learn how to create and manage infosec programs and SOCs, perform incident response and automate security processes. Also read up on security laws and regulations, best practices for CISOs and more.
Top Stories
-
Feature
20 Dec 2024
Identity and access management tools and features for 2025
The IAM tool marketplace is complex and ever-changing. Learn about key features and how to discern what your organization needs before approaching potential providers. Continue Reading
By- Ed Moyle, Drake Software
-
Guest Post
19 Dec 2024
Add gamification learning to your pen testing training playbook
Organizations that embrace gamification in their pen testing training are better positioned to build and maintain the skilled security teams needed to address evolving threats. Continue Reading
By- Ed Skoudis, SANS Technology Institute
-
Guest Post
18 Apr 2023
Standardized data collection methods can help fight cybercrime
Implementing standards similar to NERC CIP for the entire cybersecurity industry could make it easier for law enforcement to investigate and prosecute cyber attackers. Continue Reading
By- Juan Vargas
-
Tip
17 Apr 2023
How to build a cybersecurity deception program
In 'The Art of War,' Sun Tzu declared, 'All warfare is based on deception.' Learn how to apply this principle in the enterprise by building a cybersecurity deception program. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
Tutorial
13 Apr 2023
How to use the John the Ripper password cracker
Password crackers are essential tools in any pen tester's toolbox. This step-by-step tutorial explains how to use John the Ripper, an open source offline password-cracking tool. Continue Reading
By- Ed Moyle, Drake Software
-
Tip
13 Apr 2023
Key Apple-native macOS security features for administrators
There are lots of universal security controls that can apply to any type of desktops, but IT teams need to look at the specific features native to desktops such as macOS. Continue Reading
-
Tutorial
12 Apr 2023
How to create fine-grained password policy in AD
Fine-grained password policies are a simple and effective way of ensuring password settings meet business requirements. Continue Reading
By- Damon Garn, Cogspinner Coaction
-
Tutorial
12 Apr 2023
How to enable Active Directory fine-grained password policies
Specifying multiple password policies customized to specific account types adds another layer to an organization's security posture. Using PSOs instead of Group Policy can help. Continue Reading
By- Damon Garn, Cogspinner Coaction
-
Opinion
11 Apr 2023
10 hot topics to look for at RSA Conference 2023
RSA Conference 2023 promises another exciting year of cybersecurity discussions and hyperbole. Enterprise Strategy Group's Jon Oltsik shares what he hopes to see at the show. Continue Reading
By- Jon Oltsik, Analyst Emeritus
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
Answer
07 Apr 2023
Defining policy vs. standard vs. procedure vs. control
Infosec pros may have -- incorrectly -- heard the terms 'standard' and 'policy' used interchangeably. Examine the differences among a policy, standard, procedure and technical control. Continue Reading
By- Katie Donegan, Social Media Manager
-
Definition
05 Apr 2023
deprovisioning
Deprovisioning is the part of the employee lifecycle in which access rights to software and network services are taken away. Continue Reading
By- Alexander S. Gillis, Technical Writer and Editor
-
Feature
05 Apr 2023
Reinforce industrial control system security with ICS monitoring
Monitoring an industrial control system environment isn't that different from monitoring a traditional IT environment, but there are some considerations to keep in mind. Continue Reading
By- Sharon Shea, Executive Editor
-
Feature
05 Apr 2023
An intro to the IDMZ, the demilitarized zone for ICSes
Setting up an IDMZ -- a demilitarized zone between enterprise and industrial networks -- can prevent operational environments from becoming compromised by IT threats. Continue Reading
By- Sharon Shea, Executive Editor
-
Feature
05 Apr 2023
ICS kill chain: Adapting the cyber kill chain to ICS environments
As IT/OT convergence continues to gain traction, industrial control system security cannot be ignored. Performing pen tests based on the ICS Kill Chain can help. Continue Reading
By- Sharon Shea, Executive Editor
- Packt Publishing
-
Feature
03 Apr 2023
Why medical device vulnerabilities are hard to prioritize
Vulnerabilities in critical medical devices could lead to loss of life. But opinions are mixed on how serious the risk is to patient safety and how best to address the flaws. Continue Reading
By- Alexis Zacharakos, Student Co-op
-
Tip
29 Mar 2023
Vulnerability management vs. risk management, compared
Vulnerability management seeks out security weaknesses in an organization, while risk management involves looking holistically at how the company is running. Continue Reading
By- Ravi Das, ML Tech Inc.
-
Definition
24 Mar 2023
three-factor authentication (3FA)
Three-factor authentication (3FA) is the use of identity-confirming credentials from three separate categories of authentication factors -- typically, the knowledge, possession and inherence categories. Continue Reading
By- Alexander S. Gillis, Technical Writer and Editor
-
Definition
23 Mar 2023
cyber espionage
Cyber espionage (cyberespionage) is a type of cyber attack that malicious hackers carry out against a business or government entity. Continue Reading
By- Alexander S. Gillis, Technical Writer and Editor
-
Tip
21 Mar 2023
4 ChatGPT cybersecurity benefits for the enterprise
As OpenAI technology matures, ChatGPT could help close cybersecurity's talent gap and alleviate its rampant burnout problem. Learn about these and other potential benefits. Continue Reading
By- Ashwin Krishnan, StandOutin90Sec
-
News
20 Mar 2023
FBI arrests suspected BreachForums owner in New York
The BreachForums arrest occurred days after DC Health Link's data went up for sale on the dark web message board, though the affidavit did not cite the breach in the arrest. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Guest Post
15 Mar 2023
6 principles for building engaged security governance
Security governance isn't enough. Enter engaged security governance -- an ongoing process that aligns business strategy with security across an organization. Continue Reading
By- Steve Durbin
-
News
15 Mar 2023
Dell launches new security offerings for data protection, MDR
Dell's new and expansive services focus on top security challenges enterprises face, such as data protection, ransomware recovery and supply chain threats. Continue Reading
By- Arielle Waldman, News Writer
-
Definition
14 Mar 2023
information security (infosec)
Information security (infosec) is a set of policies, procedures and principles for safeguarding digital data and other kinds of information. Continue Reading
By- Kinza Yasar, Technical Writer
- Gavin Wright
- Taina Teravainen
-
Tip
13 Mar 2023
Is cybersecurity recession-proof?
No field is totally immune to economic downturns, but flexible, practical and prepared cybersecurity professionals should be able to weather any upcoming storms. Continue Reading
By- Jerald Murphy, Nemertes Research
-
News
09 Mar 2023
VulnCheck: CISA's KEV missing 42 vulnerabilities from 2022
VulnCheck said CISA's Known Exploited Vulnerabilities catalog 'cannot be treated as the authoritative catalog of exploited vulnerabilities' in its current state. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
08 Mar 2023
White House cybersecurity plan collides with SecOps reality
The White House Cybersecurity Strategy sets lofty goals. But recent market research suggests a significant number of enterprises don't follow existing SecOps best practices. Continue Reading
By- Beth Pariseau, Senior News Writer
-
Opinion
07 Mar 2023
Research examines security operations proficiency issues
Instead of looking at where security operations teams excel, Enterprise Strategy Group asked security pros where teams are least proficient. Learn where and how to fix it. Continue Reading
By- Jon Oltsik, Analyst Emeritus
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
News
02 Mar 2023
New National Cybersecurity Strategy takes aim at ransomware
The Biden-Harris administration's 39-page National Cybersecurity Strategy covers multiple areas, including disrupting ransomware operations and addressing vulnerable software. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Feature
23 Feb 2023
Inside the PEIR purple teaming model
Want to try purple team exercises but aren't sure how to do so? Try the 'Prepare, Execute, Identify and Remediate' purple teaming model. Continue Reading
By- Kyle Johnson, Technology Editor
- Packt Publishing
-
Feature
23 Feb 2023
Understanding purple teaming benefits and challenges
Blue teams and red teams are coming together to form purple teams to improve their organization's security posture. What does this mean for the rivals? And how does it work? Continue Reading
By- Kyle Johnson, Technology Editor
-
Definition
16 Feb 2023
E-Sign Act (Electronic Signatures in Global and National Commerce Act)
The E-Sign Act (Electronic Signatures in Global and National Commerce Act) is a U.S. federal law that specifies that, in the United States, the use of an electronic signature (e-signature) is as legally valid as a traditional signature written in ink on paper. Continue Reading
By- Alexander S. Gillis, Technical Writer and Editor
-
Tip
16 Feb 2023
Web 3.0 security risks: What you need to know
Elements of the third version of the web are coming to fruition. But Web 3.0 also comes with new cybersecurity, financial and privacy threats besides the familiar risks of Web 2.0. Continue Reading
By- Jessica Groopman, Kaleido Insights
-
Definition
09 Feb 2023
digital footprint
A digital footprint -- sometimes called a digital shadow -- is the body of data that an individual creates through their actions online. Continue Reading
By- Ben Lutkevich, Site Editor
- Ivy Wigmore
-
Tip
06 Feb 2023
What to keep in mind when securing virtual environments
Virtual environments can contain numerous vulnerabilities for attackers to exploit -- with potentially devastating results. Use these tips to select security tools and strategies. Continue Reading
By- Brian Kirsch, Milwaukee Area Technical College
-
Tutorial
01 Feb 2023
How to use BeEF, the Browser Exploitation Framework
The open source BeEF pen testing tool can be used by red and blue teams alike to hook web browsers and use them as beachheads to launch further attacks. Continue Reading
By- Ed Moyle, Drake Software
-
Tip
31 Jan 2023
What cybersecurity consolidation means for enterprises
Experts predict cybersecurity consolidation will increase in the months and years ahead. Security leaders should consider what that means for their purchasing strategies. Continue Reading
By- Jerald Murphy, Nemertes Research
-
News
25 Jan 2023
OpenSSF GM talks funding, legal software supply chain issues
The OpenSSF leader lays out plans fund open source software supply chain security in a slowing economy and to speak out against the EU's Cyber Resilience Act. Continue Reading
By- Beth Pariseau, Senior News Writer
-
Tip
25 Jan 2023
How cyber deception technology strengthens enterprise security
They say the best defense is a good offense. Cyber deception puts that philosophy into practice in the enterprise, using a combination of technology and social engineering. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
News
17 Jan 2023
CircleCI incident adds to SecOps toil
SaaS CI/CD vendor CircleCI urged customers to rotate all secrets data, the latest of several security breaches weighing on SecOps pros charged with responding. Continue Reading
By- Beth Pariseau, Senior News Writer
-
News
16 Jan 2023
Judge dismisses Chris Hadnagy lawsuit against DEF CON
DEF CON said it wasn't the only infosec conference to receive code-of-conduct complaints about Chris Hadnagy, claiming Black Hat USA removed him from its review board. Continue Reading
By- Rob Wright, Senior News Director
-
Podcast
10 Jan 2023
Risk & Repeat: Analyzing the Rackspace ransomware attack
This Risk & Repeat podcast episode discusses new details of the Rackspace ransomware attack, as well as the questions remaining following the company's final status update. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Feature
05 Jan 2023
How to configure Windows privacy settings with Intune
To personalize UX, Windows devices aren't shy about collecting user data. This isn't ideal for enterprise security. Discover how to lock down privacy settings with Intune. Continue Reading
By- Kyle Johnson, Technology Editor
- Packt Publishing
-
Podcast
21 Dec 2022
Risk & Repeat: OT security progress, threats in 2022
This Risk & Repeat podcast episode discusses the current state of OT security, including the convergence with IT environments and an ever-evolving threat landscape. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
19 Dec 2022
The state of OT security: A rapidly evolving landscape
Security experts weigh in on how the OT security landscape has evolved over the last decade, and where it could be going next as threats continue to mount. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Feature
19 Dec 2022
11 cybersecurity predictions for 2023
Analysts and experts have looked into their crystal balls and made their cybersecurity predictions for 2023. Is your organization prepared if these predictions come true? Continue Reading
By- Kyle Johnson, Technology Editor
-
News
02 Dec 2022
Experts argue 'sludge' could muck up cyber attacks
Network defenders can supplement their security postures with additional settings and policies that frustrate and discourage attackers, according to a new research paper. Continue Reading
-
Opinion
02 Dec 2022
XDR definitions don't matter, outcomes do
Despite remaining confusion about what XDR is, security teams need to improve threat detection and response. ESG research revealed plans for increased XDR spending in 2023. Continue Reading
By- Jon Oltsik, Analyst Emeritus
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
News
01 Dec 2022
Mozilla, Microsoft drop Trustcor as root certificate authority
Mozilla and Microsoft removed support for TrustCor certificates after a Washington Post report revealed the company's ties to government contractors specializing in spyware. Continue Reading
By- Rob Wright, Senior News Director
-
News
14 Nov 2022
Moreno Valley school system shores up ransomware defenses
Moreno Valley Unified School District officials discuss the steps they've taken to better protect sensitive data and critical applications against the growing threat of ransomware. Continue Reading
By- Arielle Waldman, News Writer
-
News
10 Nov 2022
DOJ charges accused Lockbit ransomware actor
The U.S. Department of Justice filed criminal charges against a Canadian man with dual Russian citizenship who is accused of being part of the LockBit ransomware crew. Continue Reading
-
Feature
08 Nov 2022
How to build a shadow IT policy to reduce risks, with template
With a shadow IT policy in place, organizations reduce security risks from unapproved applications and services that employees introduce independently. Continue Reading
By -
News
07 Nov 2022
Nozomi Networks CEO talks OT security and 'budget muscle'
Nozomi Networks CEO Edgard Capdevielle sat down with TechTarget Editorial to discuss the evolution of OT security and the challenge of 'budget muscle' many organizations face. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
04 Nov 2022
Honeywell weighs in on OT cybersecurity challenges, evolution
TechTarget Editorial sat down with Honeywell's Paul Griswold and Jeff Zindel to discuss the rapid growth and evolution of the operational technology cybersecurity industry. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
01 Nov 2022
Ideal CISO reporting structure is to high-level business leaders
CISOs usually report to a high-level executive, but reporting to a top-level business executive like the CEO rather than a technology executive protects the business best. Continue Reading
By- John Burke, Nemertes Research
-
Opinion
31 Oct 2022
Security hygiene and posture management requires new tools
Using multiple tools to address security hygiene and posture management at scale is costly and difficult. A new converged security technology category may be the answer. Continue Reading
By- Jon Oltsik, Analyst Emeritus
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
Podcast
28 Oct 2022
Risk & Repeat: Microsoft, SOCRadar spar over data leak
This podcast episode discusses threat intelligence vendor SOCRadar's disclosure of a large Microsoft data leak and the contentious exchange between the two companies that followed. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Feature
28 Oct 2022
8 cybersecurity books to read in 2023
Brush up on your cybersecurity skills by picking up one of these titles. Continue Reading
By- Sarah Amsler, Senior Managing Editor
-
Guest Post
28 Oct 2022
It's time to rethink security certification for OT devices
Security certifications don't protect OT devices from vulnerable processes and insecure-by-design practices. It's time to update security certs for the connected OT age. Continue Reading
By- Daniel dos Santos
-
Feature
28 Oct 2022
Enterprise ransomware preparedness improving but still lacking
An Enterprise Strategy Group survey found enterprises are making strides in ransomware preparedness, but work remains to prevent and mitigate attacks. Continue Reading
By- Kyle Johnson, Technology Editor
-
News
26 Oct 2022
Researchers criticize HackerOne over triage, mediation woes
HackerOne researchers told TechTarget Editorial that they regularly encountered months-long wait times for responses and a mediation process that rarely favors researchers. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
24 Oct 2022
6 ways to prevent privilege escalation attacks
Privileges dictate the access a user or device gets on a network. Hackers who access these privileges can create tremendous damage. But there are ways to keep your networks safe. Continue Reading
By -
Tip
21 Oct 2022
The top 5 ethical hacker tools to learn
Ethical hackers have a wealth of tools at their disposal that search for vulnerabilities in systems. Learn about five such tools that should be part of any hacker's tool set. Continue Reading
By -
Tip
19 Oct 2022
How to manage and reduce secret sprawl
Secret sprawl plagues companies, making them vulnerable to data breaches. Discover what causes secret sprawl and how to better protect secrets. Continue Reading
By- Charles Kolodgy, Security Mindsets
-
Tip
18 Oct 2022
Compare vulnerability assessment vs. vulnerability management
Vulnerability assessments and vulnerability management are different but similar-sounding security terms. Discover their similarities and differences. Continue Reading
By- Ravi Das, ML Tech Inc.
-
Definition
18 Oct 2022
Diffie-Hellman key exchange (exponential key exchange)
Diffie-Hellman key exchange is a method of digital encryption that securely exchanges cryptographic keys between two parties over a public channel without their conversation being transmitted over the internet. Continue Reading
By- Alexander S. Gillis, Technical Writer and Editor
-
Podcast
14 Oct 2022
Risk & Repeat: Breaking down the Joe Sullivan conviction
This podcast episode discusses conviction of former Uber CSO Joe Sullivan, who was found guilty last week of covering up the company's 2016 data breach. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
13 Oct 2022
How to avoid common GPO backup and restore problems
Group Policy Objects help admins maintain control of the enterprise environment, but it takes some planning to understand how to properly protect and recover GPOs to avoid trouble. Continue Reading
By- Mike Kanakos, Align Technology
-
Definition
13 Oct 2022
clean desk policy (CDP)
A clean desk policy (CDP) is a corporate directive that specifies how employees should leave their working space when they leave the office. Continue Reading
-
Feature
13 Oct 2022
Why Kali Linux is the go-to distribution for penetration testing
Discover why penetration testers prefer to use the Kali Linux distribution for offensive security, from collecting useful tools together to being usable from multiple devices. Continue Reading
By- Kyle Johnson, Technology Editor
-
Feature
12 Oct 2022
7 steps for implementing zero trust, with real-life examples
More than a decade since the term's inception, zero-trust security is still much easier said than done. Here's how to get started. Continue Reading
By- Alissa Irei, Senior Site Editor
- Johna Till Johnson, Nemertes Research
-
Tip
11 Oct 2022
How to conduct a cybersecurity audit based on zero trust
This checklist offers guidance on how to prepare for a zero-trust cybersecurity audit and helps document how well cybersecurity controls are performing based on CISA's ZTMM. Continue Reading
By -
Definition
07 Oct 2022
communication plan
A communication plan is a policy-driven approach to providing company stakeholders with certain information. Continue Reading
-
Feature
05 Oct 2022
Top zero-trust certifications and training courses
Most organizations are expected to implement zero trust in the next few years. Learn about zero-trust certifications and trainings that can help prepare your security team. Continue Reading
By- Katie Donegan, Social Media Manager
- Isabella Harford, TechTarget
-
News
04 Oct 2022
Tenable shifts focus, launches exposure management platform
The company said it's expanding beyond vulnerability management to address the growing attack surface and the challenges customers face to address it. Continue Reading
By- Arielle Waldman, News Writer
-
Opinion
29 Sep 2022
Multifactor authentication isn't perfect, passwordless is better
Passwords are frequently the root cause of breaches, and multifactor authentication only provides a stopgap for account protection. It's time to adopt a passwordless strategy. Continue Reading
By- Jack Poller
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
Guest Post
29 Sep 2022
Solve ICS security issues with ICS and IT team convergence
It's predicted that threat actors will weaponize industrial control systems to harm or kill humans by 2025. Prepare by learning how to balance ICS and security convergence. Continue Reading
By- Steve Durbin
-
Definition
27 Sep 2022
MICR (magnetic ink character recognition)
MICR (magnetic ink character recognition) is a technology invented in the 1950s that's used to verify the legitimacy or originality of checks and other paper documents. Continue Reading
By- Alexander S. Gillis, Technical Writer and Editor
-
Guest Post
26 Sep 2022
Tips for developing cybersecurity leadership talent
Navigating the skills gap from an employer's perspective starts with investing in talent. Get advice on how to develop and hire emerging leaders from an industry analyst. Continue Reading
By- Richard Addiscott
-
News
21 Sep 2022
Cobalt Strike gets emergency patch
The developer of Cobalt Strike issued an out-of-band security update to address a cross-site scripting vulnerability in the popular penetration testing suite. Continue Reading
-
Answer
20 Sep 2022
How DKIM records reduce email spoofing, phishing and spam
Learn how implementing DomainKeys Identified Mail helps protect against phishing, spam and email forgery by digitally signing outgoing messages. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
Tip
16 Sep 2022
Discover the benefits and challenges of bug bounty programs
Bug bounty programs have a number of benefits and challenges. Before adopting such a program at your organization, read up on the pros and cons to decide if it would be a good fit. Continue Reading
By -
Guest Post
16 Sep 2022
How SOCs can identify the threat actors behind the threats
Learn how SOC teams can track threat actors by understanding the factors that influence an attack, such as the type of infrastructure used or commonly targeted victims. Continue Reading
By- Josh Davies
-
Podcast
16 Sep 2022
Risk & Repeat: The White House wants secure software
This podcast episode discusses the implications of the Biden administration's new purchasing and usage guidelines for software utilized by U.S. federal agencies. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
14 Sep 2022
Biden issues cybersecurity guidance for software vendors
The guidance is an extension of President Biden's cybersecurity executive order from 2021 and includes new requirements for software deployed in federal agencies. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Quiz
09 Sep 2022
Sample CompTIA CASP+ practice questions with answers
Preparing for the CompTIA Advanced Security Practitioner certification or refreshing your knowledge to renew your cert? Use these CASP+ practice questions to test your smarts. Continue Reading
By- Isabella Harford, TechTarget
-
Feature
09 Sep 2022
How to prepare for the CompTIA CASP+ exam
Are you pursuing the CompTIA Advanced Security Practitioner certification? The author of a CASP+ cert guide offers advice on how to prepare for the exam. Continue Reading
By- Isabella Harford, TechTarget
-
Definition
08 Sep 2022
information security management system (ISMS)
An information security management system (ISMS) is a set of policies and procedures for systematically managing an organization's sensitive data. Continue Reading
By- Kinza Yasar, Technical Writer
-
Feature
05 Sep 2022
What is the future of cybersecurity?
Cybersecurity is top of mind for businesses and their boards amid a relentless rise in cyber threats. What does the future of cybersecurity look like? Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
Tip
01 Sep 2022
Cybersecurity budget breakdown and best practices
Once budget is secured, CISOs must figure out where it should be allocated -- as well as how to justify the costs. Get the lowdown on a cybersecurity budget breakdown here. Continue Reading
By- Ashwin Krishnan, StandOutin90Sec
-
News
25 Aug 2022
Twitter whistleblower report holds security lessons
The whistleblower report from Twitter's former security lead should provide companies and boards with lessons on how not to handle internal security concerns. Continue Reading
-
Tip
24 Aug 2022
How to conduct a secure code review
Learn how to conduct a secure code review -- a critical step in the software development lifecycle -- to avoid releasing an app with bugs and security vulnerabilities. Continue Reading
By -
Tip
18 Aug 2022
What is identity sprawl and how can it be managed?
With identity-based attacks on the rise, organizations need to prioritize identity management. Learn about identity sprawl, why it's a risk and how it can be managed. Continue Reading
By -
Opinion
17 Aug 2022
Data security as a layer in defense in depth against ransomware
Having data security as part of a defense-in-depth strategy can reduce the likelihood of a successful ransomware attack. Continue Reading
By -
News
16 Aug 2022
For cyber insurance, some technology leads to higher premiums
Though cyber insurance demand is exceeding supply and companies might receive less coverage with higher premiums, experts say there are ways enterprises can reduce risk. Continue Reading
By- Arielle Waldman, News Writer
-
Definition
16 Aug 2022
What is DomainKeys Identified Mail (DKIM)?
DomainKeys Identified Mail (DKIM) is a protocol for authenticating email messages using public key cryptography to protect against forged emails. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
Definition
12 Aug 2022
What is Domain-based Message Authentication, Reporting and Conformance (DMARC)?
The Domain-based Message Authentication, Reporting and Conformance (DMARC) protocol is one leg of the tripod of internet protocols that support email authentication methods. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
News
11 Aug 2022
Sigstore co-creator talks GitHub, Kubernetes and next steps
Dan Lorenc reflects on a whirlwind year for his open source project, now officially incorporated into Kubernetes and GitHub's npm registry, and his plans for the year to come. Continue Reading
By- Beth Pariseau, Senior News Writer
-
News
11 Aug 2022
How CI/CD pipelines are putting enterprise networks at risk
At Black Hat USA 2022, NCC Group researchers demonstrated how threat actors can compromise CI/CD pipelines and break out into enterprise networks and cloud environments. Continue Reading
By- Rob Wright, Senior News Director
-
Feature
11 Aug 2022
What is data security? The ultimate guide
Dig into the essentials of data security, from must-have tools, technologies and processes to best practices for keeping data safe. Continue Reading
By- Sharon Shea, Executive Editor
- Alissa Irei, Senior Site Editor
-
News
10 Aug 2022
AWS, Splunk and more launch cybersecurity analytics standard
AWS and other IT vendors will start building connectors based on a new standard schema meant to streamline data sharing between cybersecurity tools. Continue Reading
By- Beth Pariseau, Senior News Writer
-
Feature
10 Aug 2022
Is ethical hacking legal? And more ethical hacking advice
Is ethical hacking legal? Learn about the legality of ethical hacking, why it's important, its benefits and what organizations should look for when hiring an ethical hacker. Continue Reading
By- Isabella Harford, TechTarget
-
Feature
10 Aug 2022
Ethical hacking: How to conduct a Sticky Keys hack
Physical security is often overlooked by cybersecurity teams. Learn about physical cybersecurity attacks in step-by-step instruction on how to conduct a Windows Sticky Keys hack. Continue Reading
By- Isabella Harford, TechTarget
- No Starch Press