David Strom

David Strom writes and speaks about security, networking and communications topics for CSO Online, Network World, Computerworld, and other publications. He can be reached through his web site, or on Twitter @dstrom.

How to set up a successful digital forensics program

Top application security tools for 2019

Top application security tools for 2019

Checking for security flaws in your applications is essential. These tools can help find and fix them.

What is application security? A process and tools for securing software

What is application security? A process and tools for securing software

Application security is the process of making apps more secure by finding, fixing, and enhancing the security of apps. Checking for security flaws in your applications is essential as threats become more potent and prevalent.

The Sony hacker indictment: 5 lessons for IT security

The Sony hacker indictment: 5 lessons for IT security

The recent indictment of North Korean hacker Park Jin Hyok contains valuable information from the FBI’s investigation that will help you defend against similar attacks.

New tools protect your AWS infrastructure

New tools protect your AWS infrastructure

Rhino Security and Amazon offer tools to improve visibility into your AWS cloud environments, making it easier to find configuration errors and vulnerabilities.

Mastering email security with DMARC, SPF and DKIM

Mastering email security with DMARC, SPF and DKIM

The three main email security protocols complement one another, so implementing them all provides the best protection. That’s easier said than done, but these tips can help.

How to perform a risk assessment: Rethinking the process

How to perform a risk assessment: Rethinking the process

New regulations and a changing threat landscape mean you need a different approach to your security risk assessment process.

What is a CASB? What you need to know before you buy

What is a CASB? What you need to know before you buy

Cloud access security brokers have come a long way in a few years and can be an effective way to manage authentication and encryption across cloud and on-premise systems.

How risk-based authentication has become an essential security tool

How risk-based authentication has become an essential security tool

A new generation of risk-based authentication (RBA) products can improve both customer experience and security. Here's what to look for in them.

Honeypots as deception solutions: What to look for and how to buy

Honeypots as deception solutions: What to look for and how to buy

Commercial and open source honeypot tools are now effective deception solutions. Here's what you need to know before implement them.

4 open-source Mitre ATT&CK test tools compared

4 open-source Mitre ATT&CK test tools compared

Any of these tools from Endgame, Red Canary, Mitre, and Uber will get your red team and pentesters started with Mitre's ATT&CK framework.

What is Mitre's ATT&CK framework? What red teams need to know

What is Mitre's ATT&CK framework? What red teams need to know

The ATT&CK framework allows security researchers and red teams to better understand hacker threats.

Load More