David Strom

David Strom writes and speaks about security, networking and communications topics for CSO Online, Network World, Computerworld, and other publications. He can be reached through his web site, or on Twitter @dstrom.

9 cloud and on-premises email security suites compared

What is Magecart? How this hacker group steals payment card data

What is Magecart? How this hacker group steals payment card data

Hacking groups that make up Magecart are effective and persistent at stealing customer and payment card data through skimmers. Here's how they work and what you can do to mitigate the risk.

What is MITRE's ATT&CK framework? What red teams need to know

What is MITRE's ATT&CK framework? What red teams need to know

The ATT&CK framework allows security researchers and red teams to better understand hacker threats.

How to find the right testing tool for Okta, Auth0, and other SSO solutions

How to find the right testing tool for Okta, Auth0, and other SSO solutions

Implementing a single sign-on solution can be complicated, especially if you have apps that are not in the SSO vendor's catalog. These tools can simplify the process.

Mitre D3FEND explained: A new knowledge graph for cybersecurity defenders

Mitre D3FEND explained: A new knowledge graph for cybersecurity defenders

D3FEND is a new schema released by Mitre last month to establish a common language to help cyber defenders share strategies and methods. It is a companion project to the company’s ATT&CK framework.

CSPM explained: Filling the gaps in cloud security

CSPM explained: Filling the gaps in cloud security

Cloud security posture management (CSPM) provides threat intelligence, detection, and remediation for complex cloud environments.

How to hack 2FA: 5 attack methods explained

How to hack 2FA: 5 attack methods explained

As two-factor authentication becomes more widespread, criminals seek novel ways to subvert it. Here's what you need to know.

What is IAM? Identity and access management explained

What is IAM? Identity and access management explained

IAM products provide IT managers with tools and technologies for controlling user access to critical information within an organization.

Top 7 security mistakes when migrating to cloud-based apps

Top 7 security mistakes when migrating to cloud-based apps

As organizations rush key apps to the cloud to support remote workers, they often create opportunities for attackers. These are the most common mistakes to avoid.

Homomorphic encryption tools find their niche

Homomorphic encryption tools find their niche

Current homomorphic encryption offerings require fewer specialized skills and are proving themselves effective in some use cases.

10 common cloud security mistakes that put your data at risk

10 common cloud security mistakes that put your data at risk

Yes, the cloud offers many security advantages over on-premises, especially for smaller organizations, but only if you avoid these mistakes around cloud configuration, monitoring and patching.

Securing Microsoft Teams: The options are limited

Securing Microsoft Teams: The options are limited

The popular messaging and video conferencing platform comes with security and privacy risks. These are your limited native and third-party options for protecting users and data.

Load More