Tips
Tips
-
How to ensure your enterprise doesn't have compromised hardware
Enterprise protections are crucial in order to guarantee the safety of your hardware. Discover best practices to guard your enterprise's hardware with Nick Lewis. Continue Reading
-
For effective customer IAM, bundle security and performance
CIAM can verify identity, manage access and deliver a smooth experience for customers. Get an expert's insights on how to tackle customer IAM now. Continue Reading
-
How a flaw in Apple DEP misuses an MDM server
Hackers are able to enroll their devices in an organization's MDM server via a flaw in Apple DEP. Expert Michael Cobb explains how hackers conduct these attacks. Continue Reading
-
How the SHA-3 competition declared a winning hash function
NIST tested competing hash functions over a period of five years for the SHA-3 algorithm competition. Learn the details of what they discovered from Judith Myerson. Continue Reading
-
5 actionable deception-tech steps to take to fight hackers
Consider taking these five 'deceptive' steps to make your detection and response capabilities speedier, more effective and to improve your company's security posture. Continue Reading
-
What's different about Google Asylo for confidential computing?
The Google Asylo framework is an open source alternative for confidential computing. Expert Rob Shapland explains how it works and how it's different from other offerings. Continue Reading
-
Testing applications in production vs. non-production benefits
To ensure proper application security testing, production and non-production systems should both be tested. In this tip, expert Kevin Beaver weighs the pros and cons. Continue Reading
-
How supply chain security has evolved over two decades
Both physical and cyber supply chain security are critically important. Expert Ernie Hayden outlines the recent history of supply chain defenses and what enterprises need to know. Continue Reading
-
Is network traffic monitoring still relevant today?
An increase in DNS protocol variants has led to a higher demand for network traffic monitoring. The SANS Institute's Johannes Ullrich explains what this means for enterprises. Continue Reading
-
How Google's cloud data deletion process can influence security policies
Understanding the process behind Google's cloud data deletion can help influence stronger enterprise security policies. Expert Ed Moyle explains the process and how to use it. Continue Reading
-
How bring-your-own-land attacks are challenging enterprises
FireEye researchers developed a new technique called bring your own land, which involves attackers creating their own tools. Discover more about how this works with Nick Lewis. Continue Reading
-
How to configure a vTAP for cloud networks
A vTAP can give enterprises better visibility into their cloud networks. Expert Frank Siemons of InfoSec Institute explains how virtual network TAPs work and the available options. Continue Reading
-
Zero-trust security means new thinking plus practical steps
Implementing a security policy that, essentially, trusts no one and nothing doesn't have to be overwhelming if you understand the basics behind the security model. Continue Reading
-
How to configure browsers to avoid web cache poisoning
Web cache poisoning poses a serious threat to web browser security. Learn how hackers can exploit unkeyed inputs for malicious use with expert Michael Cobb. Continue Reading
-
How the Microsoft Authenticator app integrates with Azure AD
Microsoft expanded the Microsoft Authenticator app to integrate with tens of thousands of Azure AD apps. Expert Dave Shackleford explains how this tool is improving security. Continue Reading
-
Insider threat protection: Strategies for enterprises
Insider threats pose a serious risk to enterprises. Peter Sullivan explains how enterprises can use background checks and risk assessments for insider threat protection. Continue Reading
-
Why entropy sources should be added to mobile application vetting
NIST's 'Vetting the Security of Mobile Applications' draft discusses four key areas of general requirements. Learn how further improvements to the vetting process could be made. Continue Reading
-
How testing perspectives helps find application security flaws
Application security testing requires users to test from all the right perspectives. Discover testing techniques that help find application security flaws with expert Kevin Beaver. Continue Reading
-
How deception technologies improve threat hunting, response
Deception tech tools enable more effective threat hunting and incident response. Learn how these tools can give security pros an edge in defending their company systems and data. Continue Reading
-
NIST incident response plan: 4 steps to better incident handling
The NIST incident response plan involves four phases enterprises can take to improve security incident handling. Expert Mike O. Villegas reviews each step. Continue Reading
-
What Microsoft's InPrivate Desktop feature could mean for enterprises
Microsoft's secretive, potential new feature InPrivate Desktop could give security teams access to disposable sandboxes. Expert Ed Moyle explains how the feature could work. Continue Reading
-
Enterprises should reconsider SMS-based 2FA use after breach
A Reddit breach was triggered by threat actors intercepting SMS messages used to authenticate employees to access sensitive data. Learn why enterprises should reconsider SMS for 2FA. Continue Reading
-
How to protect enterprise ICS networks with firewalls
ICS network security can be improved using firewalls. Expert Ernie Hayden explains how ICS-specific firewalls can help keep ICS networks strong and protected. Continue Reading
-
Guide to identifying and preventing OSI model security risks: Layers 4 to 7
Each layer of the Open Systems Interconnection presents unique vulnerabilities that could move to other layers if not properly monitored. Here's how to establish risk mitigation strategies for OSI layer security in Layers 4 through 7. Continue Reading
-
How security, compliance standards prevent OSI layer vulnerabilities
Each layer of the Open Systems Interconnection presents unique -- but connected -- vulnerabilities. Here's how to establish OSI security and compliance best practices. Continue Reading
-
How do SLAs factor into cloud risk management?
While you may not have much control over the infrastructure used by cloud service providers, you’re not completely at their mercy when it comes to cloud risk management. Continue Reading
-
The implications of the NetSpectre vulnerability
The NetSpectre vulnerability could enable a slow leak of data remotely via side channels. Expert Michael Cobb explains why data on secure microprocessors is not actually safe. Continue Reading
-
How to monitor AWS credentials with the new Trailblazer tool
A security researcher introduced a tool called Trailblazer, which aims to simplify monitoring AWS credentials. Expert Dave Shackleford explains how it can bolster cloud security. Continue Reading
-
How entropy sources interact with security and privacy plans
NIST published a draft of its 'Risk Management Framework for Information Systems and Organizations.' Learn what this report entails, as well as how entropy source controls play a key role. Continue Reading
-
Give your SIEM system a power boost with machine learning
The enterprise SIEM is still essential to IT defenses, but the addition of AI, in the form of machine learning capabilities, gives it even more potential power. Continue Reading
-
The time to consider SIEM as a service has arrived
Now even your SIEM comes in the as-a-service model. Assess whether it's time to consider outsourcing this fundamental tool in your defense lineup. Continue Reading
-
Prepping your SIEM architecture for the future
Is your SIEM ready to face the future? Or is it time for a major tune-up or at least some tweaks around the edges? Learn how to approach your SIEM assessment and updates. Continue Reading
-
Picking the right focus for web application security testing
Deciding which web applications on which to focus application security testing is a challenging task. Read this list of considerations to ensure you're addressing the right areas. Continue Reading
-
How is Android Accessibility Service affected by a banking Trojan?
ThreatFabric researchers uncovered MysteryBot, Android malware that uses overlay attacks to avoid detection. Learn how this malware affects Google's Android Accessibility Service. Continue Reading
-
How to collect open source threat intelligence in the cloud
Threat intelligence analysis can be challenging and expensive for enterprises. Expert Frank Siemons explains how open source threat intelligence can simplify the process. Continue Reading
-
Why communication is critical for web security management
Conveying the importance of web security to management can be difficult for many security professionals. Kevin Beaver explains how to best communicate with the enterprise. Continue Reading
-
Securing remote access for cloud-based systems
Don't believe the hype: Access control in the cloud is not a lost cause. Read these tips to learn how you can better secure remote access to your cloud-based systems. Continue Reading
-
Understanding the risk SQL injection vulnerabilities pose
SQL injection vulnerabilities put a system at risk and are often unknown to users. Discover how this web vulnerability works and how to prevent it with expert Kevin Beaver. Continue Reading
-
SaaS platform security: The challenges of cloud network security
Organizations have the necessary tools to protect data stored and processed in IaaS platforms. Learn why SaaS platform security remains a challenge from expert Rob Shapland. Continue Reading
-
What about enterprise identity management for 'non-users'?
Identity and access management for service, machine and application accounts is as important as it is for individuals, so be sure your IAM strategy considers so-called non-users. Continue Reading
-
How hardening options help handle unpatchable vulnerabilities
Using multiple hardening options to endure unpatchable vulnerabilities is explored in a recent NIST report. Learn how entropy sources can be an additional option with Judith Myerson. Continue Reading
-
How the STARTTLS Everywhere initiative will affect surveillance
The EFF's STARTTLS Everywhere initiative encrypts email during delivery and aims to prevent mass email surveillance. Expert Michael Cobb explains how STARTTLS works. Continue Reading
-
How Azure AD uses cloud access control to protect credentials
Features such as Microsoft Azure AD Smart Lockout and Password Protection add security via trusted authentication. Learn more about cloud access control from expert Ed Moyle. Continue Reading
-
How insider fraud can be detected and avoided in the enterprise
IT sabotage and insider threats can put an organization at great risk. Guest expert Peter Sullivan details preventative measures to take and employee training techniques. Continue Reading
-
How hard-coded credentials threaten ICS security
Hard-coded credentials open industrial control systems up to unauthorized access by malicious actors and threaten ICS security. Expert Ernie Hayden explains the threat and what enterprises can do about it. Continue Reading
-
How to monitor and detect a cloud API vulnerability
A REST API vulnerability in Salesforce's Marketing Cloud service put users at risk of data disclosure. Learn how to detect cloud API vulnerabilities from expert Rob Shapland. Continue Reading
-
Red team assessments and post-assessment posture improvement
Testing an organization's security maturity is crucial for an organization to improve their post-assessment posture. Learn how red teaming can help this situation with Matt Pascucci. Continue Reading
-
Network reconnaissance: How to use SI6 Networks' IPv6 toolkit
SI6 Networks' IPv6 toolkit can do network reconnaissance using search engines and the Certificate Transparency framework. Learn how to use IPv6 toolkits from expert Fernando Gont. Continue Reading
-
Why container orchestration platforms risk data exposure
Container orchestration platforms expose interfaces and create the risk of data exposure and unauthorized access. Expert Dave Shackleford explains why these risks exist in enterprises. Continue Reading
-
How new cybersecurity problems emerge from fake news
As fake news continues to emerge, new cybersecurity challenges for IT professionals arise. Learn why we should continue to care about cyber propaganda and what we can do. Continue Reading
-
How to mitigate the Efail flaws in OpenPGP and S/MIME
Efail exploits vulnerabilities in the OpenPGP and S/MIME standards to reveal the plaintext in encrypted emails. Learn more about the Efail vulnerabilities from expert Michael Cobb. Continue Reading
-
How criticality analysis benefits from an entropy engineer
NIST published 'Criticality Analysis Process Model: Prioritizing Systems and Components' to guide organizations when prioritizing systems. Discover the key processes with Judith Myerson. Continue Reading
-
How online malware collection aids threat intelligence
Threat intelligence can facilitate cloud-based malware collection, which has value for enterprise cybersecurity. Expert Frank Siemons discusses collecting and analyzing malware. Continue Reading
-
What to do when IPv4 and IPv6 policies disagree
Unfortunately for enterprises, IPv4 and IPv6 policies don't always agree. Fernando Gont examines the differences between these two security policies, as well as some filtering rules. Continue Reading
-
Four new Mac malware strains exposed by Malwarebytes
Mac platforms are at risk after Malwarebytes discovered four new Mac malware strains. Learn how to protect your enterprise and how to mitigate these attacks with expert Nick Lewis. Continue Reading
-
Three steps to improve data fidelity in enterprises
Ensuring data fidelity has become crucial for enterprises. Expert Char Sample explains how to use dependency modeling to create boundaries and gather contextual data. Continue Reading
-
How to identify and protect high-value data in the enterprise
Protecting data in the enterprise is a crucial but challenging task. Expert Charles Kao shares key steps and strategies to consider to identify and protect high-value data. Continue Reading
-
Anonymity tools: Why the cloud might be the best option
The cloud might be the best of the available anonymity tools. Expert Frank Siemons explains the other options for anonymity for security and why the cloud is the best for privacy. Continue Reading
-
Domain fronting: Why cloud providers are concerned about it
Domain fronting is a popular way to bypass censorship controls, but cloud providers like AWS and Google have outlawed its use. Expert Michael Cobb explains why. Continue Reading
-
The risks of container image repositories compared to GitHub
As container use rises, so does the use of container image repositories. Expert Dave Shackleford discusses the risks associated with them and how they compare to other registries. Continue Reading
-
Fine-tuning incident response automation for optimal results
Wondering where to apply automation to incident response in order to achieve the best results? The variety of options might be greater than you imagine. Read on to learn more. Continue Reading
-
How to integrate an incident response service provider
Adding a third-party incident response service to your cybersecurity program can bulk up enterprise defenses, but the provider must be integrated carefully to reap the benefits. Continue Reading
-
How to stop malicious browser add-ons from taking root
Researchers at Malwarebytes discovered several new browser extension threats. Discover how to avoid and properly removed malicious add-ons with expert Nick Lewis. Continue Reading
-
The threat of shadow admins in the cloud to enterprises
Having shadow admins in the cloud means unauthorized users can access everything a legitimate administrator can. Expert Ed Moyle explains how this works and how to stop it. Continue Reading
-
Common security oversights within an AWS environment
There's often an assumption that AWS systems can't be tested, as they're hosted in the cloud; however, this is not the case. Discover common security oversights in AWS environments. Continue Reading
-
How cyber resiliency is achieved via NIST's 14-step approach
Improving cyber resiliency helps organizations manage risk. Discover the 14 techniques NIST has identified to help achieve cyber resiliency with expert Judith Myerson. Continue Reading
-
Why a zero-trust network with authentication is essential
Zero-trust networks are often deemed compromised and untrusted, making authentication variables essential to security. Expert Matthew Pascucci explains a zero-trust security model. Continue Reading
-
How to use Packetbeat to monitor Docker container traffic
Docker containers can help secure cloud applications, but malicious traffic can still move to and from those containers on a network. Dejan Lukan explains how to use Packetbeat to monitor such threats. Continue Reading
-
Insider threats: Preventing intellectual property theft
IP theft is often committed by insiders or disgruntled employees who feel entitled to information. Peter Sullivan explains the threat and how to prevent these insider attacks. Continue Reading
-
How studying the black hat community can help enterprises
White hat hackers often assimilate themselves into the black hat community to track the latest threats. Discover how this behavior actually benefits the enterprise with David Geer. Continue Reading
-
Know your enemy: Understanding insider attacks
Insider attacks are a significant threat to enterprises. Expert Ernie Hayden provides an introduction to insider threats and how organizations can protect themselves. Continue Reading
-
How to secure cloud buckets for safer storage
Cloud buckets that enterprises use for storage can provide security benefits, but they also come with some risks. Expert Frank Siemons discusses the risks and how to mitigate them. Continue Reading
-
How white hat hackers can tell you more than threat intelligence
White hat hackers can play a key role in assessing threats lurking on the dark web. Discover what traditional threat intelligence isn't telling you and how white hats can help. Continue Reading
-
How to use the OODA loop to improve network security
The OODA loop can be used to establish cyber deception against hackers to improve network security. Learn the OODA steps and how they can be applied to security with Kevin Fiscus. Continue Reading
-
Application security programs: Establishing reasonable requirements
Creating security program requirements can be a challenging task, especially with application security. In this tip, Kevin Beaver shares several ways to create an effective program. Continue Reading
-
Cloud risk management explained: Just how secure are you?
There is no shortage of vulnerabilities in the cloud, but the same is true of any outsourcing arrangement. Practicing cloud risk management is essential to staying secure. Continue Reading
-
Where machine learning for cybersecurity works best now
Need to up your endpoint protection endgame? Learn how applying machine learning for cybersecurity aids in the fight against botnets, evasive malware and more. Continue Reading
-
AI and machine learning in network security advance detection
Applying AI, and specifically machine learning, in network security helps protect enterprises against advanced persistent threats and sophisticated cybercriminals. Continue Reading
-
How lattice-based cryptography will improve encryption
As the prospect of quantum computing-based attacks grows, the need for stronger encryption increases. Expert Michael Cobb discusses lattice-based cryptography as an option. Continue Reading
-
How entropy sources help secure applications with SDLC
Some applications need cryptographic algorithms to test and work properly. Expert Judith Myerson discusses this division in terms of the software development lifecycle. Continue Reading
-
How layered security can help and hinder application security
The growth of technology includes the growth of layered security. Join expert Kevin Beaver as he explains the pros and cons of layered defenses for application security. Continue Reading
-
Cloud endpoint security: Balance the risks with the rewards
While cloud endpoint security products, such as antivirus software, provide users with many benefits, the cloud connection also introduces risks. Expert Frank Siemons explains. Continue Reading
-
Building an effective security program for beginners
Charles Kao explains why continuous learning, observation of merit and appreciation of others are key elements for an effective security program -- and for preventing cyberattacks. Continue Reading
-
How the Meltdown and Spectre vulnerabilities impact security
The Meltdown and Spectre vulnerabilities impact the physical and hardware security of systems, making them extremely difficult to detect. Learn how to prevent these attacks with Nick Lewis. Continue Reading
-
DeOS attacks: How enterprises can mitigate the threat
An increase in DeOS attacks has been reported just as the 'Cisco 2017 Midyear Cybersecurity Report' predicted. Learn how these attacks target off-site backups with David Geer. Continue Reading
-
Are Meltdown and Spectre real vulnerabilities or mere flaws?
There's been some debate over whether Meltdown and Spectre are true vulnerabilities. Expert Michael Cobb discusses what qualifies as a vulnerability and if these two make the cut. Continue Reading
-
How security operations centers work to benefit enterprises
One key support system for enterprises is security operations centers. Expert Ernie Hayden reviews the basic SOC framework and the purposes they can serve. Continue Reading
-
How to prevent cloud cryptojacking attacks on your enterprise
As the value of bitcoin has risen over the last year, so has the prevalence of cloud cryptojacking attacks. Expert Rob Shapland explains how enterprises can prevent these attacks. Continue Reading
-
Three IoT encryption alternatives for enterprises to consider
The use of cryptography alternatives for IoT devices grants users certain benefits and potential security challenges. Learn more about each alternative with expert Judith Myerson. Continue Reading
-
Protecting the DNS protocol: How DNSSEC can help
Securing the DNS protocol is no joke. Learn what the DNS Security Extensions are and the efforts the United States government is taking to push DNSSEC adoption. Continue Reading
-
Ways to solve DNS security issues in your organization
Get up to speed fast on means and methods for reducing or eliminating security-related issues in DNS, an integral service upon which the internet depends. Continue Reading
-
How a cloud backdoor poses a threat to the enterprise
Cloud backdoors pose a rising threat to enterprises, according to new research. Expert Ed Moyle explains what a cloud backdoor is and what mitigation options are available. Continue Reading
-
How security automation and orchestration impacts enterprises
The use of security automation and orchestration systems is on the rise, as they have the ability to provide automatic responses to threats. Learn how this benefits the enterprise. Continue Reading
-
How the BloodHound tool can improve Active Directory security
Auditing Active Directory can be made easier with tools like the open source BloodHound tool. Expert Joe Granneman looks at the different functions of the tool and how it can help. Continue Reading
-
How enterprises should handle GDPR compliance in the cloud
GDPR compliance in the cloud can be an intimidating concept for some enterprises, but it doesn't have to be. Rob Shapland explains why it's not so different from on premises. Continue Reading
-
What the security incident response process should look like
An enterprise needs to have a strong security incident response process plan mapped out early. Expert Ernie Hayden shares how to turn an incident into a learning experience. Continue Reading
-
How TLS mutual authentication for cloud APIs bolsters security
Secure access to cloud APIs is necessary but challenging. One viable option to combat that is TLS mutual authentication, according to expert Ed Moyle. Continue Reading
-
Zero-trust model promises increased security, decreased risk
The zero-trust model takes focused and sustained effort, but promises to improve most companies' risk posture. Learn what it takes to get the most out of zero trust. Continue Reading
-
How to do risk management in cybersecurity using ERM
Perfect security is impossible, but using risk management in cybersecurity using a range of strategies can significantly reduce your organization’s risk. Continue Reading
-
How a Blizzard DNS rebinding flaw put millions of gamers at risk
A Blizzard DNS rebinding flaw could have put users of its online PC games at risk of attack. Expert Michael Cobb explains how a DNS rebinding attack works and what to do about it. Continue Reading