Advertisement

programming code development split screen display
IDG Contributor Network

Lessons learned through 15 years of SDL at work

In short? Security Development Lifecycle is all about the developers...


CSO slideshow - Insider Security Breaches - Flag of China, binary code

Senator Warner seeks "grand alliance" to protect against surveillance threat from China’s tech dominance

The senator believes Chinese companies will be required to aid surveillance of the US, especially as 5G networks roll out.


Selecting the right people.

Security Recruiter Directory

To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.


Advertisement

Admission tickets in an digital network / access / admittance / authorization / authentication

What is OAuth? How the open authorization framework works

OAuth is an open-standard authorization protocol or framework that describes how unrelated servers and services can safely allow authenticated access to their assets. It is widely accepted, but be aware of its vulnerabilities.


Fraud / deception / social engineering  >  A wolf in sheep's clothing in a binary environment.

10 signs you're being socially engineered

Scammers will try to trick you and your organization's users into giving up credentials or other sensitive date. Be skeptical if you see any of these signs.


DDOS attack

Misconfigured WS-Discovery in devices enable massive DDoS amplification

Researchers were able to achieve amplification rates of up to 15,300%. Some mitigations are possible.


Botnet Trouble / Botnet army

Secrets of latest Smominru botnet variant revealed in new attack

Researchers gained access to a Smominru command-and-control server to get details on compromised devices and scope of the attack.


Credential theft  > A thief steals a password.

How to detect and halt credential theft via Windows WDigest

Attackers can steal user credentials by enabling credential caching in the Windows authentication protocol WDigest. Here's how to stop them.


Two business people shake hands with a third at a meeting, surrounded by question marks.

6 questions candidates should ask at every security job interview

The cybersecurity skills shortage means security pros can be picky about where they work. Here's how to suss out bad employers.


network security / network traffic scanning

Review: Blue Hexagon may make you rethink perimeter security

This fully functional, fully trained cybersecurity tool is ready on day 1 to spot threats on whatever network it’s charged with protecting.


Advertisement

Email encryption  >  A key + a three-dimensional 'at' symbol bearing a series of locks.

The top 5 email encryption tools: More capable, better integrated

Most of the email encryption solution vendors have broadened the scope of their products to include anti-phishing, anti-spam, and data loss prevention (DLP).


golden egg / nest / numbers / precious value / worth / growth

Three strategies to prove security's value

How CISOs can identify and quantify security’s value in real dollars


shadow flashlight shadowy investigation

Shining light on dark data, shadow IT and shadow IoT

What's lurking in the shadows of YOUR organization? What you don't know can hurt you. Insider Pro columnist Mike Elgan looks at how your business is at risk and offers six steps to minimize it.


financ credit pos

What is PSD2? And how it will impact the payments processing industry

The EU’s revised Payment Services Directive (PSD2), which include multifactor authentication for online European payment card transactions, will have a ripple effect on the payments processing industry in the U.S. and elsewhere.


Let's Encrypt automated encryption gears
Cybersecurity Snippets

SOAPA vs. SOAR: How these security terms differ

SOAPA and SOAR are vastly different. Security orchestration, automation, and response (SOAR) tools represent a component of a security operations and analytics platform architecture (SOAPA).