UNITED STATES

Welcome! Here are the latest Insider stories.

More Insider Sign Out

Vendors and Providers

Vendors and Providers | News, how-tos, features, reviews, and videos

podcast 3x16 2

Sponsor Podcast in partnership with Microsoft

Episode 3: The Zero Trust Model

Episode 3: In this episode, we look at the steps organizations are taking toward Zero Trust and provide recommendations for making the most of a Zero Trust model to reduce risk while helping employees be more productive, regardless...

zeroday software bug skull and crossbones security flaw exploited danger vulnerabilities by gwengoa

How-To

How to patch Exchange Server for the Hafnium zero-day attack

Admins in many businesses report indicators of compromise from an Exchange zero-day vulnerability. Don't assume you're not a target. Investigate for signs of the attack and patch now.

A broken link in a digital chaing / weakness / vulnerability

News Analysis

Chinese cyberespionage group hacks US organizations with Exchange zero-day flaws

Microsoft believes Chinese APT group Hafnium is using a set of previously unknown Exchange Server vulnerabilities to access mailbox contents and perform remote code execution.

A hand activates the software update button in a virtual interface. [ update / patch / fix ]

Opinion

The .NET patch failure that wasn’t

This month’s patch updates from Microsoft have caused few problems, and though there were some issues related to .NET, even those have been scattered.

Todd McKinnon, CEO and founder, Okta

Interview

Okta CEO: Here’s where cloud identity management is headed

Todd McKinnon, CEO and founder of Okta, talks about the road ahead for his company and the future of identity and access management in the cloud.

podcast 3x16 2

Sponsor Podcast in partnership with Microsoft

Episode 2: Empowering employees to be secure and productive

Episode 2: When it comes to protecting your business, security is a team sport. Criminal hackers –increasingly sophisticated and persistent – are playing offense, trying to find weak spots to breach an organization. And everyone in...

A hacker attacks from within a Windows system.

Feature

Top SolarWinds risk assessment resources for Microsoft 365 and Azure

Government and private organizations, including Microsoft, have released a wealth of information and tools to assess risk from SolarWinds-like attacks.

9 systems theory global crash outage

News

Google services, apps hit by global outage

The company’s popular business apps and services, including Gmail, Docs, Workspace, Sheets and Meet were knocked offline for more than a half hour Monday morning.

incoming emails / DNS security / locked server / parked domain

News

18 (new) ways attackers can compromise email

Researchers have discovered eighteen new vulnerabilities in how email systems authenticate senders, making it even easier for criminals to fool users.

video conferencing / remote work / online meeting

Review

Review: 5 top videoconferencing services put to the test

We compared Zoom, Cisco Webex, Microsoft Teams, GoToMeeting, and Google Meet in real-world tests to see which videoconferencing platforms perform best for business users. Here’s how they stack up.

Zero-trust

News Analysis

Google enters zero-trust market with BeyondCorp Remote Access offering

Google makes its internal zero-trust access infrastructure available to anyone on a subscription basis as an alternative to VPNs.

binary code flows around a corporate structure / cybersecurity / technology companies

Feature

The 10 most powerful cybersecurity companies

What makes these 10 security vendors the biggest power players? We break it down.

access management / access control / user connections / identities

Feature

Flex streamlines app access for 20k suppliers with IAM overhaul

Contract manufacturer Flex dumped its distributed identity and access management system for a more centralized, cloud-based option that better protects data and intellectual property.

programming code development split screen display

SAFE CodeBy Steve Lipner

Lessons learned through 15 years of SDL at work

In short? Security Development Lifecycle is all about the developers...

What it takes to become an information assurance analyst

This in-demand role calls for a rare combination of superior communication skills and security chops. Learn how one information assurance analyst landed his current job, the skills and training that helped him get there, and where his...

Fraud prevention: Improving internal controls

Internal fraud controls aren't fire-and-forget. Smart collaboration and ongoing improvement will help keep fraud in check. Here are the basics.

What it takes to become an IT security engineer

The role is a fairly new one in many companies, and qualified candidates are in high demand. Learn how one IT security engineer landed his current job, the skills and training that helped him get there, and where his sights are set...

information security 2

Tech Primer

How to write an information security policy

Learn the critical first step, why consensus is key, what to cover and how make your information security policy — and program — effective.

Load More

Popular Resources

eBook
Sponsored

How to Build the Business Case for Contract Management Solutions
Video/Webcast
Sponsored

Modernize Your Storage Strategy
White Paper

Accelerate I/O with NVMe drives on the new Dell EMC PowerEdge R650 server
eBook
Sponsored

An assume breach Mindset
White Paper

Lock in your security maturity through strategic mainframe modernization

See All

Most Popular