SearchSecurity
New & Notable
Problem Solve
Protecting insecure software from popular exploit kits
Three pieces of vulnerable software are most targeted by the exploit kits studied in a Digital Shadows report. Expert Nick Lewis explains how your enterprise can manage them.
Problem Solve
How to secure point-of-sale terminals from MitM attacks
Passive man-in-the-middle attacks on PIN pads can lead to attackers stealing credit card details. Expert Nick Lewis explains how companies can mitigate these attacks.
News
Microsoft data privacy options come to web and Windows
New Microsoft privacy tools will give users control over the data collected on the web and within Windows. Experts hope the tools will offer data privacy transparency.
News
Flawed medical device security means life or death
News roundup: St. Jude Medical patches vulnerable medical IoT devices after a five-month controversy. Plus, the Email Privacy Act is reintroduced; Juniper warns of a firewall flaw; and more.
Download Now: Why You Must Make Ransomware A Security Priority
Hackers’ use of ransomware is growing and getting more sophisticated. Download our expert handbook for concrete actions to take now to harden defenses and protect your enterprise from becoming a ransomware victim.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.
Trending Topics
-
Emerging threats News
MongoDB misconfiguration at fault in ransom attacks
Poor authentication in MongoDB configurations has led to a sharp increase in ransom attacks, and experts say tens of thousands of databases could be at risk.
-
Windows Security: Alerts, Updates and Best Practices News
Google discloses Windows zero-day under active exploit
Google disclosed an unpatched Windows zero-day vulnerability, which Microsoft claims is actively being exploited by a Russian APT group connected to the DNC hack.
-
PCI Data Security Standard Evaluate
What does a PCI Internal Security Assessor do?
Enterprise compliance can be a burden to manage, which is where a PCI ISA can be helpful. Expert Mike Chapple explains how a PCI Internal Security Assessor helps with security.
-
Disk Encryption and File Encryption Problem Solve
How a PGP short ID flaw can lead to collision attacks
A well-known PGP short key ID flaw has been discovered to be the cause of collision attacks on Linux developers. Expert Michael Cobb explains the flaw with short key IDs.
-
Market trends and predictions Evaluate
Podcast: McAfee returns as Intel spins off security business
In this Risk & Repeat podcast, SearchSecurity editors discuss the $3.1 billion Intel Security sale and what it means for the infosec industry, the McAfee brand and Intel.
-
CISSP Certification Get Started
CISSP training: Software Development Security
Spotlight article: Shon Harris explains the core concepts in the CISSP domain on software development security, including models, methods, database systems and security threats.
Topics Covered
-
Application and Platform Security (13) +
- Application Attacks (Buffer Overflows, Cross-Site Scripting)
- Application Firewall Security
- Database Security Management
- Email Protection
- Enterprise Vulnerability Management
- Open Source Security Tools and Applications
- Operating System Security
- Secure SaaS: Cloud services and systems
- Securing Productivity Applications
- Social media security risks and real-time communication security
- Software Development Methodology
- Virtualization Security Issues and Threats
- Web Security Tools and Best Practices
-
Enterprise Data Protection (7) +
-
Enterprise Identity and Access Management (3) +
-
Enterprise Network Security (6) +
Government IT Security Management
-
Information Security Careers, Training and Certifications (3) +
-
Information Security Management (12) +
- Business Management: Security Support and Executive Communications
- Disaster Recovery and Business Continuity Planning
- Enterprise Compliance Management Strategy
- Enterprise Compliance Tools
- Enterprise Risk Management: Metrics and Assessments
- Information Security Incident Response-Information
- Information Security Laws, Investigations and Ethics
- Information Security Policies, Procedures and Guidelines
- News and analysis from IT security conferences
- Security Awareness Training and Internal Threats-Information
- Security Industry Market Trends, Predictions and Forecasts
- Vendor Management: Negotiations, Budgeting, Mergers and Acquisitions
-
Information Security Threats (13) +
- Application Attacks -Information Security Threats
- Denial of Service (DoS) Attack Prevention
- Email and Messaging Threats-Information Security Threats
- Emerging Information Security Threats
- Enterprise Vulnerability Management
- Hacker Tools and Techniques: Underground Sites and Hacking Groups
- Identity Theft and Data Security Breaches
- Information Security Incident Response
- Malware, Viruses, Trojans and Spyware
- Security Awareness Training and Internal Threats
- Smartphone and PDA Viruses and Threats
- Web Application and Web 2.0 Threats-Information Security Threats
- Web Server Threats and Countermeasures
-
Security Audit, Compliance and Standards (10) +
Featured Authors
Have a question for an expert?
Please add a title for your question
Get answers from your peers on your most technical Information Security challenges.
Meet all of our Information Security experts
-
Nick Lewis asks:
How does your enterprise ensure that credit card details are kept secure during transactions on PIN pads?
Find Solutions For Your Project
-
Evaluate
Sniff out insider threats with these tools
Learn about the insider threat detection tools that can zero-in on anomalous user behavior. Malicious or accidental, the insider threat is one of the most dangerous and costly to companies.
-
FIDO authentication could mean end of passwords
-
How to choose the right digital certificates
-
How NIST's new password guidelines may affect policies
-
-
Problem Solve
How USB storage devices can secretly transmit data
USB storage devices can be turned into covert channels with a software tool called USBee. Expert Nick Lewis explains how to protect your enterprise data from this attack.
-
Protecting insecure software from popular exploit kits
-
How to secure point-of-sale terminals from MitM attacks
-
Does FITARA affect government cybersecurity?
-
-
Manage
Insider Edition: Attaining security for IoT, through discovery, identity and testing
Ever since the internet of things became a "thing," the potential for abuse has been well documented; how best to achieve security for IoT is not yet clear. This Insider Edition of Information Security magazine tackles that second ...
-
Privileged access management and security in the enterprise
-
Why breach investigations are critical to security
-
Why a security policy template can be dangerous
-
-
E-Zine | January 2017
Insider Edition: Attaining security for IoT, through discovery, identity and testing
Download -
E-Handbook | December 2016
Combatting the top cybersecurity threats with intelligence
Download -
E-Handbook | December 2016
Managed security services market: What you need to know now
Download -
E-Zine | December 2016
Dedicated CISO job still open to debate
Download -
E-Zine | November 2016
Insider Edition: Improved threat detection and incident response
Download
Information Security Basics
-
Get Started
security
Security, in information technology (IT), is the defense of digital information and IT assets against internal and external, malicious and accidental threats.
-
Get Started
Sniff out insider threats with these tools
Learn about the insider threat detection tools that can zero-in on anomalous user behavior. Malicious or accidental, the insider threat is one of the most dangerous and costly to companies.
-
Get Started
insider threat
An insider threat is a malicious hacker (also called a cracker or a black hat) who is an employee or officer of a business, institution, or agency. The term can also apply to an outside person who poses as an employee or officer by obtaining false ...
Multimedia
-
-
Problem Solve
Podcast: How IoT botnets have changed DDoS defense
-
Vendor Resources
- 5 Lessons from an Application Security Pro –White Paper
- Application Security Beyond SAST and DAST –White Paper
- Tackle Email Fraud with Comprehensive Targeted Threat Protection –White Paper
Blog: Security Bytes
-
How cloud file sharing is creating new headaches for security teams
A sharp rise in cloud file sharing and collaboration activity is creating big problems for security teams – even when the number of security incidents is miniscule.Continue Reading
-
Android malware delivery is harder than you might think
Headlines about Android malware often gloss over just how difficult the process is for a user to install a malicious app on a device. Let's talk about that.Continue Reading
-
More Security Bytes Posts
Patent race picks up speed in the cloud access security broker market
Windows 10 Anniversary update adds headaches for antivirus vendors
Netskope nabs another patent for CASB technology
-
News
View All -
Data Privacy and Protection
Microsoft data privacy options come to web and Windows
New Microsoft privacy tools will give users control over the data collected on the web and within Windows. Experts hope the tools will offer data privacy transparency.
-
Network Device Management
Flawed medical device security means life or death
News roundup: St. Jude Medical patches vulnerable medical IoT devices after a five-month controversy. Plus, the Email Privacy Act is reintroduced; Juniper warns of a firewall flaw; and more.
-
Data Security and Cloud Computing
Experts mixed on Google's Cloud KMS
Experts are impressed with the simplicity of Google's Cloud KMS even if it doesn't separate itself from the key management service competition.