New & Notable
News
Cisco zero-day flaws in ASA, FTD software under attack
Cisco revealed a nation-state threat campaign dubbed "ArcaneDoor" exploited two zero-day vulnerabilities in its Adaptive Security Appliance and Firepower Threat Defense products.
Evaluate
3 ways AI is transforming cloud security, according to experts
Generative AI only recently burst into the collective consciousness, but experts say it is already changing cloud security -- on both the defensive and offensive sides.
News
Critical CrushFTP zero-day vulnerability under attack
While a patch is now available, a critical CrushFTP vulnerability came under attack as a zero-day and could allow attackers to exfiltrate all files on the server.
News
Coalition: Insurance claims for Cisco ASA users spiked in 2023
Coalition urged enterprises to be cautious when using Cisco and Fortinet network boundary devices as attackers can leverage the attack vectors to gain initial access.
Trending Topics
-
Data Security & Privacy News
U.S. cracks down on commercial spyware with visa restrictions
The move marks the latest effort by the U.S. government to curb the spread of commercial spyware, which has been used to target journalists, politicians and human rights activists.
-
Threats & Vulnerabilities News
GitHub vulnerability leaks sensitive security reports
The vulnerability is triggered when GitHub users correct code or other mistakes they discover on repositories. But GitHub does not believe it warrants a fix.
-
IAM Evaluate
Traditional MFA isn't enough, phishing-resistant MFA is key
Not every MFA technique is effective in combating phishing attacks. Enterprises need to consider new approaches to protect end users from fraudulent emails.
-
Analytics & Automation News
Microsoft Copilot for Security brings GenAI to SOC teams
Microsoft's latest AI-powered tool, now generally available, has been beneficial for security teams regarding efficiency, but infosec experts see some room for improvements.
-
Network Security News
Cisco discloses high-severity vulnerability, PoC available
The security vendor released fixes for a vulnerability that affects Cisco Integrated Management Controller, which is used by devices including routers and servers.
-
Operations & Management Evaluate
4 steps CISOs can take to raise trust in their business
When CISOs align their investments with CIOs' tech investments, both can fuel business success and enable greater trust with customers, employees and partners.
Topics Covered
Application and platform security
Careers and certifications
Cloud security
Compliance
Data security and privacy
Identity and access management
Network security
Risk management
Security analytics and automation
Security operations and management
Threat detection and response
Threats and vulnerabilities
Featured Authors
Find Solutions For Your Project
-
Evaluate
Traditional MFA isn't enough, phishing-resistant MFA is key
Not every MFA technique is effective in combating phishing attacks. Enterprises need to consider new approaches to protect end users from fraudulent emails.
-
4 steps CISOs can take to raise trust in their business
-
3 Keycloak authorization strategies to secure app access
-
Optimize encryption and key management in 2024
-
-
Problem Solve
How to conduct security patch validation and verification
Learn about the validation and verification phases of the security patch deployment cycle, two key steps to ensuring an organization's patch management procedure is proactive.
-
Key software patch testing best practices
-
Microsoft Teams phishing attacks and how to prevent them
-
How to prevent cloud account hijacking attacks
-
-
Manage
Automated patch management: 9 best practices for success
Automating the patching process is almost a necessity, especially in large organizations. Here's why, plus pros and cons, tips and best practices for keeping systems up to date.
-
ID management
-
Cloud database security: Best practices, challenges and threats
-
5 top OT threats and security challenges
-
-
E-Handbook | July 2021
Mitigating risk-based vulnerability management challenges
Download -
E-Handbook | June 2021
Security observability tools step up threat detection, response
Download -
E-Handbook | January 2021
SolarWinds supply chain attack explained: Need-to-know info
Download -
E-Handbook | November 2020
Cyber insurance 101: Timely guidance on an essential tool
Download -
E-Zine | November 2020
AI cybersecurity raises analytics' accuracy, usability
Download
Information Security Basics
-
Get Started
Stateful vs. stateless firewalls: Understanding the differences
Stateful firewalls are the norm in most networks, but there are still times where a stateless firewall fits the bill. Learn how these firewalls work and what approach might be best.
-
Get Started
ID management
Identity management (ID management) is the organizational process for ensuring individuals have the appropriate access to technology resources.
-
Get Started
single sign-on (SSO)
Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials -- for example, a username and password -- to access multiple applications.
Multimedia
-
News
View All -
Threat detection and response
Critical CrushFTP zero-day vulnerability under attack
While a patch is now available, a critical CrushFTP vulnerability came under attack as a zero-day and could allow attackers to exfiltrate all files on the server.
-
Risk management
Coalition: Insurance claims for Cisco ASA users spiked in 2023
Coalition urged enterprises to be cautious when using Cisco and Fortinet network boundary devices as attackers can leverage the attack vectors to gain initial access.
-
Threats and vulnerabilities
GitHub vulnerability leaks sensitive security reports
The vulnerability is triggered when GitHub users correct code or other mistakes they discover on repositories. But GitHub does not believe it warrants a fix.