Network Security

Network Security news, information, and how-to advice

virus detection
Dana Deasy

cloud computing - data center

Review: Protecting clouds with Cloud Defender from Alert Logic

Cloud Defender is a user-friendly tool that lets local IT staff inspect their cloud deployments to look for evidence of hidden threats or breaches. But it can also be used in a SaaS model, with the cybersecurity team at Alert Logic...

4 shock stunned fear

Negative motivation is not positive engagement

The barrage of fearmongering and FOMO over social media and advertising leads to a vicious cycle of negative engagement that builds anger and frustration that can’t be addressed by buying new products. We can break the cycle through...

cyberwarfare defense illustration

Nation state attacks – the cyber cold war gets down to business

Cyber weaponry is moving to new frontiers: yours. Businesses are the next target on the nation state menu. Are you protected or vulnerable?

adrian sanabria
video

Is it time to kill the pen test? | Salted Hash Ep 22

Host Steve Ragan reports from the show floor at RSA 2018, talking with guest Adrian Sanabria, director of research at Savage Security, about de-emphasizing network penetration tests to put more focus on attack simulations and helping...

01 hot products at rsa 2018

Hottest cybersecurity products at RSA 2018

Here's a quick run-down of some of the new products announced at the conference, or shown there for the first time.

balance - measure - comparison - risk assessment

Want IT resiliency? Stop the see-saw of imbalanced attention

As cyber threats continue to grow among companies with sensitive data, IT must take a holistic approach to managing and mitigating these threats. Here’s how to bridge preventative and restorative measures for IT resiliency.

3 legal law books

Insider threat legalese

Understanding your lawyer’s perspective on insider threats...and three suggestions to help start the conversation.

enhancing ddos defenses with a web application firewall

Your cache is exposed

On February 28, Akamai recorded a 1.35 Tbps DDoS attack driven by a relatively new vector, memcached reflection. Memcached can have an amplification factor of roughly 500,000 times larger than the initial query, which allows small set...

people search find locate

How to hire the right analysts for your intelligence program

As someone who’s been deeply involved in virtually every aspect of hiring and job-seeking in security and intelligence, I can attest firsthand that while the process is rarely easy, it’s worth the effort.

hunting and monitoring security threats

How can SOC analysts hunt more efficiently? By not hunting

To win the battle against today’s sophisticated cyber threats, security analysts must disrupt a kill chain or lateral movement attack early in the process. Achieving success requires pinpointing the real threat amidst a never-ending...

cyber attack

4 open-source Mitre ATT&CK test tools compared

Any of these tools from Endgame, Red Canary, Mitre, and Uber will get your red team and pentesters started with Mitre's ATT&CK framework.

green army soldier on a laptop keyboard

For endpoint security, trust but verify

Your organization might eventually fall victim to a data breach but creating checks and balances to maintain a layered data security approach can help you come out the other side with fewer losses.

locks on binary code

Software-defined perimeter: Important initiative, ineffective name

A geeky and confusing name doesn’t communicate business, privacy, and security benefits. Instead of software-defined perimeter, I suggest ubiquitous security access services (USAS).

login password - user permissions - administrative control

Turbo-charging your single sign-on solution

A comprehensive privileged password manager fills the SSO gaps and boosts overall data security.

data breach thinkstock

Verizon report: Ransomware top malware threat of 2017, moving into critical systems

DDoS attacks are also on the rise, but spying reports are down. Fewer people are clicking on phishing links.

eyeglasses laptop programming code development

The value of 20/20 hindsight in cybersecurity

Security will find indications of compromise revealed in public disclosures exponentially more valuable if they find a way to go back and compare historical data against the new intelligence.

fast food cheeseburger

Taking a bite-sized approach to security automation and orchestration

Gradual, focused implementation lets you educate your team and course correct as needed.

framework metal

What is Mitre's ATT&CK framework? What red teams need to know

The ATT&CK framework allows security researchers and red teams to better understand hacker threats.

Load More