Get started
Bring yourself up to speed with our introductory content.
Get started
Bring yourself up to speed with our introductory content.
Mitre ATT&CK framework
The Mitre ATT&CK (pronounced miter attack) framework is a free, globally accessible knowledge base that describes the latest behaviors and tactics of cyber adversaries to help organizations strengthen their cybersecurity strategies. Continue Reading
timing attack
A timing attack is a type of side-channel attack that exploits the amount of time a computer process runs to gain knowledge about or access a system. Continue Reading
privileged identity management (PIM)
Privileged identity management (PIM) is the monitoring and protection of superuser accounts that hold expanded access to an organization's IT environments. Continue Reading
-
possession factor
The possession factor, in a security context, is a category of user authentication credentials based on items that the user has with them, typically a hardware device such as a security token or a mobile phone used in conjunction with a software ... Continue Reading
CISO as a service (vCISO, virtual CISO, fractional CISO)
A CISO as a service (CISOaaS) is the outsourcing of CISO (chief information security officer) and information security leadership responsibilities to a third-party provider. Continue Reading
4 tips to find cyber insurance coverage in 2024
The cyber insurance industry is settling down but isn't without challenges. Read up on cyber insurance in 2024 and how to get the most from your organization's coverage this year.Continue Reading
SBOM formats compared: CycloneDX vs. SPDX vs. SWID Tags
Organizations can choose between three SBOM formats: CycloneDX, SPDX and SWID Tags. Learn more about them to determine which fits your organization best.Continue Reading
How to protect your organization from IoT malware
IoT devices are attractive targets to attackers, but keeping them secure isn't easy. Still, there are steps to take to minimize risk and protect networks from attacks.Continue Reading
cardholder data environment (CDE)
A cardholder data environment (CDE) is a computer system or networked group of IT systems that processes, stores or transmits cardholder data or sensitive payment authentication data.Continue Reading
mandatory access control (MAC)
Mandatory access control (MAC) is a security strategy that restricts the ability individual resource owners have to grant or deny access to resource objects in a file system.Continue Reading
-
threat detection and response (TDR)
Threat detection and response (TDR) is the process of identifying potential threats and reacting to them before they impact the business.Continue Reading
7 useful hardware pen testing tools
Penetration testers use a variety of hardware to conduct security assessments, including a powerful laptop, Raspberry Pi, Rubber Ducky and more.Continue Reading
Common Vulnerabilities and Exposures (CVE)
Common Vulnerabilities and Exposures (CVE) is a publicly listed catalog of known security threats.Continue Reading
cybersecurity asset management (CSAM)
Cybersecurity asset management (CSAM) is the process created to continuously discover, inventory, monitor, manage and track an organization's assets to determine what those assets do and identify and automatically remediate any gaps in its ...Continue Reading
authentication
Authentication is the process of determining whether someone or something is who or what they say they are.Continue Reading
ISO 27002 (International Organization for Standardization 27002)
The ISO 27002 standard is a collection of information security management guidelines that are intended to help an organization implement, maintain and improve its information security management.Continue Reading
privacy impact assessment (PIA)
A privacy impact assessment (PIA) is a method for identifying and assessing privacy risks throughout the development lifecycle of a program or system.Continue Reading
supercookie
A supercookie is a type of tracking cookie inserted into an HTTP header to collect data about a user's internet browsing history and habits.Continue Reading
What does an IT security manager do?
IT security managers need to have a passion for learning and critical thinking skills, as well as understand intrusion prevention and detection.Continue Reading
What an email security policy is and how to build one
Companies must have an effective security policy in place to protect email from cybercriminals and employee misuse. Learn how to build one for your company.Continue Reading
Top 12 IT security frameworks and standards explained
Several IT security frameworks and cybersecurity standards are available to help protect company data. Here's advice for choosing the right ones for your organization.Continue Reading
How to create a company password policy, with template
Use these guidelines and our free template to ensure your company's password policy sets the ground rules for strong and effective password creation and use.Continue Reading
integrated risk management (IRM)
Integrated risk management (IRM) is a set of proactive, businesswide practices that contribute to an organization's security, risk tolerance profile and strategic decisions.Continue Reading
How to use SDelete to ensure deleted data is gone for good
When data is deleted from a disk, is it gone? One way to make sure file info is permanently erased is to use SDelete, a utility specifically tailored to remove key data.Continue Reading
SSAE 16
The Statement on Standards for Attestation Engagements No. 16 (SSAE 16) is a set of auditing standards and guidance on using the standards, published by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (...Continue Reading
Plundervolt
Plundervolt is the name of an undervolting attack that targeted Intel central processing units (CPUs).Continue Reading
12 common types of malware attacks and how to prevent them
The umbrella term malware is one of the greatest cybersecurity threats enterprises face. Learn about 12 common types of malware and how to prevent them.Continue Reading
soft token
A soft token is a software-based security token that generates a single-use login personal identification number (PIN).Continue Reading
Structured Threat Information eXpression (STIX)
Structured Threat Information eXpression (STIX) is a standardized Extensible Markup Language (XML) programming language for conveying data about cybersecurity threats in a way that can be easily understood by both humans and security technologies.Continue Reading
antispoofing
Antispoofing is a technique for identifying and dropping packets that have a false source address.Continue Reading
Google Authenticator
Google Authenticator is a mobile security application that provides a second type of confirmation for websites and online services that use two-factor authentication (2FA) to verify a user's identity before granting him or her access to secure ...Continue Reading
Cybersecurity vs. cyber resilience: What's the difference?
Companies need cybersecurity and cyber-resilience strategies to protect against attacks and mitigate damage in the aftermath of a successful data breach.Continue Reading
Secure Sockets Layer certificate (SSL certificate)
A Secure Sockets Layer certificate (SSL certificate) is a small data file installed on a web server that allows for a secure, encrypted connection between the server and a web browser.Continue Reading
speculative risk
Speculative risk is a type of risk the risk-taker takes on voluntarily and will result in some degree of profit or loss.Continue Reading
Allowlisting vs. blocklisting: Benefits and challenges
Allowlisting and blocklisting are key components of access control. Learn the benefits and challenges of each approach and why a combination of the two is often the best strategy.Continue Reading
How to conduct a cyber-resilience assessment
It's a good cyber-hygiene practice to periodically review your organization's cybersecurity plans and procedures. Use this checklist to guide your cyber-resilience assessment.Continue Reading
What are the most important email security protocols?
Email was designed without security considerations. Email security protocols, including SMPTS, SPF and S/MIME, add mechanisms to keep messaging safe from threats.Continue Reading
security awareness training
Security awareness training is a strategic approach IT and security professionals take to educate employees and stakeholders on the importance of cybersecurity and data privacy.Continue Reading
5 steps to achieve a risk-based security strategy
Learn about the five steps to implement a risk-based security strategy that helps naturally deliver compliance as a consequence of an improved security posture.Continue Reading
chief risk officer (CRO)
The chief risk officer (CRO) is the corporate executive tasked with assessing and mitigating significant competitive, regulatory and technological threats to an enterprise's capital and earnings.Continue Reading
authentication, authorization and accounting (AAA)
Authentication, authorization and accounting (AAA) is a security framework for controlling and tracking user access within a computer network.Continue Reading
Security awareness training quiz: Questions and answers
From ransomware to passphrases, find out how much you know about preventing cybersecurity incidents in this security awareness training quiz.Continue Reading
Physical pen testing methods and tools
While companies regularly conduct network penetration tests, they may overlook physical office security. Here's how attackers -- with a baseball cap and smartphone -- get in.Continue Reading
risk appetite
Risk appetite is the amount of risk an organization or investor is willing to take in pursuit of objectives it deems have value.Continue Reading
CSSLP (Certified Secure Software Lifecycle Professional)
CSSLP (Certified Secure Software Lifecycle Professional) is a certification from ISC2 that focuses on application security within the software development lifecycle (SDLC).Continue Reading
risk-based authentication (RBA)
Risk-based authentication (RBA) is an authentication method in which varying levels of stringency are applied to a system’s authentication process based on the likelihood that access to that system could result in its compromise.Continue Reading
Microsoft Schannel (Microsoft Secure Channel)
The Microsoft Secure Channel, or Schannel, is a security support package that facilitates the use of Secure Sockets Layer (SSL) and Transport Layer Security (TLS) encryption on Windows platforms.Continue Reading
risk assessment
Risk assessment is the process of identifying hazards that could negatively affect an organization's ability to conduct business.Continue Reading
compliance as a service (CaaS)
Compliance as a service (CaaS) is a cloud service that specifies how a managed service provider (MSP) helps an organization meet its regulatory compliance mandates.Continue Reading
security posture
Security posture refers to an organization's overall cybersecurity strength and how well it can predict, prevent and respond to ever-changing cyberthreats.Continue Reading
ISO 31000 Risk Management
The ISO 31000 Risk Management framework is an international standard that provides organizations with guidelines and principles for risk management.Continue Reading
voice squatting
Voice squatting is an attack vector for voice user interfaces, or VUIs, that exploits homonyms -- words that sound the same, but are spelled differently -- and input errors -- words that are mispronounced.Continue Reading
multifactor authentication
Multifactor authentication (MFA) is an account login process that requires multiple methods of authentication from independent categories of credentials to verify a user's identity for a login or other transaction.Continue Reading
How to land a corporate board seat as a CISO
Any CISO who aspires to a corporate board seat needs a strategic approach. Learn how security executives can position themselves to become top-level decision-makers.Continue Reading
cyber insurance
Cyber insurance, also called cyber liability insurance or cybersecurity insurance, is a contract an entity can purchase to help reduce the financial risks associated with doing business online.Continue Reading
How to use Wireshark to sniff and scan network traffic
Wireshark continues to be a critical tool for security practitioners. Learning how to use it to scan network traffic should be on every security pro's to-do list.Continue Reading
How to develop a cybersecurity strategy: Step-by-step guide
A cybersecurity strategy isn't meant to be perfect, but it must be proactive, effective, actively supported and evolving. Here are the four steps required to get there.Continue Reading
Protected Extensible Authentication Protocol (PEAP)
Protected Extensible Authentication Protocol (PEAP) is a security protocol commonly used to protect wireless networks.Continue Reading
principle of least privilege (POLP)
The principle of least privilege (POLP) is a concept in computer security that limits users' access rights to only what is strictly required to do their jobs.Continue Reading
How to create a SOAR playbook in Microsoft Sentinel
Using automation through tools such as SOAR and SIEM can improve incident response alert efficiency. One automated feature analysts can use is the SOAR playbook.Continue Reading
DNS over HTTPS (DoH)
DNS over HTTPS (DoH) is a relatively new protocol that encrypts domain name system traffic by passing DNS queries through a Hypertext Transfer Protocol Secure encrypted session.Continue Reading
governance, risk and compliance (GRC)
Governance, risk and compliance (GRC) refers to an organization's strategy for handling the interdependencies among the following three components: corporate governance policies, enterprise risk management programs, and regulatory and company ...Continue Reading
What is extortionware? How does it differ from ransomware?
Prevention is the only line of defense against an extortionware attack. Learn how extortionware works and why it can be more damaging than ransomware.Continue Reading
total risk
Total risk is an assessment that identifies all the risk factors associated with pursuing a specific course of action.Continue Reading
steganography
Steganography is the technique of hiding data within an ordinary, nonsecret file or message to avoid detection; the hidden data is then extracted at its destination.Continue Reading
triple extortion ransomware
Triple extortion ransomware is a type of ransomware attack where a cybercriminal extorts their victim multiple times, namely by encrypting data, exfiltrating data to expose and threatening a third attack vector.Continue Reading
double extortion ransomware
Double extortion ransomware is a novel form of malware that combines ransomware with elements of extortionware to maximize the victim's potential payout.Continue Reading
The 10 biggest ransomware attacks in history
From private organizations and manufacturers to healthcare organizations and entire countries, read up on 10 of the most famous ransomware attacks of all time.Continue Reading
risk avoidance
Risk avoidance is the elimination of hazards, activities and exposures that can negatively affect an organization and its assets.Continue Reading
6 stages of the ransomware lifecycle
Know thy enemy. By understanding the nuances of the ransomware lifecycle, enterprise security teams can best protect their organizations from attacks.Continue Reading
pure risk
Pure risk refers to risks that are beyond human control and result in a loss or no loss with no possibility of financial gain.Continue Reading
risk profile
A risk profile is a quantitative analysis of the types of threats an organization, asset, project or individual faces.Continue Reading
residual risk
Residual risk is the risk that remains after efforts to identify and eliminate some or all types of risk have been made.Continue Reading
risk exposure
Risk exposure is the quantified potential loss from business activities currently underway or planned.Continue Reading
risk map (risk heat map)
A risk map (risk heat map) is a data visualization tool for communicating specific risks an organization faces.Continue Reading
email security
Email security is the process of ensuring the availability, integrity and authenticity of email communications by protecting against unauthorized access and email threats.Continue Reading
Types of ransomware and a timeline of attack examples
There are eight main types of ransomware but hundreds of examples of ransomware strains. Learn how the ransomware types work, and review notable ransomware attacks and variants.Continue Reading
biometric authentication
Biometric authentication is a security process that relies on the unique biological characteristics of individuals to verify they are who they say they are.Continue Reading
network vulnerability scanning
Network vulnerability scanning is the process of inspecting and reporting potential vulnerabilities and security loopholes on a computer, network, web application or other device, including firewalls, switches, routers and wireless access points.Continue Reading
BYOI (bring your own identity)
BYOI (bring your own identity) is an approach to digital authentication in which an end user's username and password are managed by a third party. BYOI is increasingly being used for website authentication.Continue Reading
risk analysis
Risk analysis is the process of identifying and analyzing potential issues that could negatively impact key business initiatives or projects.Continue Reading
How to conduct a cloud security assessment
Cloud environments are complicated by visibility issues, misconfigurations and more. Cloud security assessments are one way to ensure everything is protected.Continue Reading
Best practices for reporting ransomware attacks
Organizations must decide whether to report ransomware incidents to the authorities and disclose them to the public. Experts weigh in on the options and best practices.Continue Reading
Google Play Protect
Google Play Protect is a malware protection and detection service built into Android devices that use Google Mobile Services.Continue Reading
insecure deserialization
Insecure deserialization is a vulnerability in which untrusted or unknown data is used to inflict a denial-of-service attack, execute code, bypass authentication or otherwise abuse the logic behind an application.Continue Reading
orphan account
An orphan account, also referred to as an orphaned account, is a user account that can provide access to corporate systems, services and applications but does not have a valid owner.Continue Reading
cryptosystem
A cryptosystem is a structure or scheme consisting of a set of algorithms that converts plaintext to ciphertext to encode or decode messages securely.Continue Reading
SOC 2 (System and Organization Controls 2)
SOC 2 (System and Organization Controls 2), pronounced "sock two," is a voluntary compliance standard for ensuring that service providers properly manage and protect the sensitive data in their care.Continue Reading
Computer Fraud and Abuse Act (CFAA)
The Computer Fraud and Abuse Act (CFAA) of 1986 is United States legislation that imposes criminal penalties on individuals who intentionally access a protected computer without proper authorization or whose access exceeds their authorization.Continue Reading
national identity card
A national identity card is a portable document, typically a plasticized card with digitally embedded information, that is used to verify aspects of a person's identity.Continue Reading
cyber extortion
Cyber extortion is a crime involving an attack or threat of an attack coupled with a demand for money or some other response in return for stopping or remediating the attack.Continue Reading
The history and evolution of ransomware
Ransomware has evolved from a malicious floppy disk demanding $189 in ransom to a multibillion-dollar industry with ransom for rent, sophisticated techniques and big-name victims.Continue Reading
The history, evolution and current state of SIEM
SIEM met the need for a security tool that could pinpoint threats in real time. But new threats mean that the next evolution of SIEM will offer even more firepower.Continue Reading
How to map security gaps to the Mitre ATT&CK framework
Mapping security gaps to the Mitre ATT&CK framework enables SOC teams to prioritize, remediate and eliminate vulnerabilities before malicious actors exploit them.Continue Reading
Get started: Threat modeling with the Mitre ATT&CK framework
The Mitre ATT&CK framework may seem daunting at first, but it is a key tool that helps SOC teams conduct threat modeling. Learn how to get started.Continue Reading
bridge
A bridge is a class of network device designed to connect networks at OSI Level 2, which is the data link layer of a local area network.Continue Reading
mobile authentication
Mobile authentication is the verification of a user's identity via a mobile device using one or more authentication methods for secure access.Continue Reading
cloud security posture management (CSPM)
Cloud security posture management (CSPM) is a market segment for IT security tools that are designed to identify misconfiguration issues and compliance risks in the cloud.Continue Reading
cloud security architecture
Cloud security architecture is a security strategy designed around securing an organization's data and applications in the cloud.Continue Reading
single-factor authentication (SFA)
Single-factor authentication (SFA) is a process for securing access to a given system, such as a network or website, that identifies the party requesting access through only one category of credentials.Continue Reading