Expert analysis
Advice for aspiring threat hunters, investigators, and researchers from the old town folk
There’s a big cohort of security geeks who joined the industry around the turn of the millennium by either landing “infosec” jobs or, quite frequently, just by making infosec …
Get your firm to say goodbye to password headaches
Passwords are problematic. They can be costly and burdensome for businesses to manage, can cause poor user experience, and they are easily compromised. It’s no wonder, then, …
XDR and MDR: What’s the difference and why does it matter?
The cybersecurity industry loves acronyms and XDR is rising swiftly to the top of the charts of the current lexicon. Extended detection and response (XDR) is a designation …
How to address post-pandemic infrastructure pain points
Like bankruptcy, falling asleep, or even falling in love, today’s infrastructure and security pain points develop first gradually, and then all at once. The coronavirus …
Using Salesforce? Here are 5 security and compliance considerations
When it comes to mission-critical cloud applications, today’s security teams have a laundry list of different focus areas. From ensuring cloud providers deliver adequate …
The SOC is blind to the attackable surface
A security operations center (SOC) is the central nervous system of any advanced cybersecurity program. Yet even the most well-funded, highly organized and properly equipped …
April 2021 Patch Tuesday forecast: Security best practices
March kept us all very busy with the ongoing out-of-band Microsoft updates for Exchange Server and the printing BSODs, which plagued us since last Patch Tuesday. It looks like …
4 things you can do to minimize cyberattacks on supply and value chains
Supply chain attacks target the weakest spot in most every enterprise’s security program: third-party access. The SolarWinds hack was a classic supply chain attack, …
Cloud-native watering hole attack: Simple and potentially devastating
In this era of increasing technological complexity, watering hole attacks build on a model of simplicity. Just like predatory animals that hover near sources of water favored …
SASE or zero trust? Why security teams should be using both
As companies continue to navigate increasingly distributed environments, the question of zero trust is coming up more and more – as is the relationship between this …
Encryption is either secure or it’s not – there is no middle ground
The principle of end-to-end encryption underpins a system of communication where only the communicating users can read the messages. To this end, it exists to prevent any …
We must crush digital misinformation before it destroys society
Digital communication is connecting people around the globe with tremendous benefits, but is also being misused in terrible ways that take advantage of the community. We are …
Featured news
Sponsored
Don't miss
- Overlooked essentials: API security best practices
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?