Threat and Vulnerability Management

Threat and Vulnerability Management | News, how-tos, features, reviews, and videos

iPhone security
Feature

10 security tools all remote employees should have

data analytics / risk assessment / tracking data or trends
Cybersecurity SnippetsBy

Move over XDR, it's time for security observability, prioritization, and validation (SOPV)

A multitude of arrows pierce a target. [numerous attacks / quantity / severity]
Feature

7 best practices for enterprise attack surface management

Follow this advice to minimize vulnerabilities and give threat actors fewer opportunities to compromise your organization's network and devices.

Money flows through a tunnel of binary code as a target hovers over a code bug.
Feature

5 questions to answer before jumping on the bug bounty bandwagon

Bug bounty programs can bolster your vulnerability management capabilities, but are you ready?

target threat hunting program sitting duck duck shooting gallery by roz woodward getty 2400x1600
Feature

Tips and tactics of today's cybersecurity threat hunters

Having internal threat hunting capability is becoming a necessity for many organizations. Here are the most common things they look for and how they respond to incidents.

Conceptual images of a woman listening to a stream of abstract letters.
Cybersecurity SnippetsBy

8 things CISOs want to hear from XDR vendors

Beyond industry rhetoric, vendors must use their time at the RSA Conference to provide clarity around what XDR is, where it fits, and how it complements existing security technologies.

Security system alert: 'DANGER'
Feature

6 tips for receiving and responding to third-party security disclosures

Your first notification of your next breach or significant threat might come from outside your organization. Have these preparations in place to effectively and quickly respond to inbound security intelligence.

A man casts the shadow of an ominous hooded figure against a circuit-based wall.
Opinion

Coca-Cola trade secret theft underscores importance of insider threat early detection

A research engineer used basic exfiltration techniques to steal trade secrets from Coca-Cola, but wasn't caught until she attempted to steal similar data from another company.

succession brain sharing intellectual knowledge sharing
News Analysis

US government calls for better information sharing in wake of SolarWinds, Exchange attacks

The Biden administration seeks ways to better gather and share security intelligence from the private sector, but experts see barriers to success.

broken lock amid binary code and circuits
Analysis

Is enterprise security broken?

Deploying independent endpoint or network security separately is coming to a rapid – and much-needed -- end. If you want to stay secure longer-term, focus on unifying your security products now.

What it takes to become an information assurance analyst

This in-demand role calls for a rare combination of superior communication skills and security chops. Learn how one information assurance analyst landed his current job, the skills and training that helped him get there, and where his...

Fraud prevention: Improving internal controls

Internal fraud controls aren't fire-and-forget. Smart collaboration and ongoing improvement will help keep fraud in check. Here are the basics.

information security 2

How to write an information security policy

Learn the critical first step, why consensus is key, what to cover and how make your information security policy — and program — effective.

Red team versus blue team: How to run an effective simulation

Playing the role of an attacker can make your team better at defense. Learn how in our step-by-step guide to war gaming your security infrastructure — from involving the right people to weighing a hypothetical vs. live event.

How to survive (and thrive) in the CISO hot seat

The CISO role is more varied and more pressure-filled than ever. CSO Online looks at how you can be successful in a post where security incidents and management feuds can cost you your job.

Special report: platforms play big in the cloud

This latest report in our C-Suite 360 series takes a full-spectrum look at the opportunities and risks in cloud computing, offering up the expert information your organization needs to set its cloud strategy.

Research report: IT security's looming tipping point

Even as security draws board-level attention, many IT professionals give their organizations’ infosec practices low marks. This special report from CIO, CSO and Computerworld reveals how to tip the balance in the right direction.

The CSO identity management survival guide

This guide will help you communicate through the challenges of identity management, learn from success stories and discover the most valuable features of today's identity management tools.

Load More