UNITED STATES

Welcome! Here are the latest Insider stories.

More Insider Sign Out

Vendors and Providers

Vendors and Providers | News, how-tos, features, reviews, and videos

Tech Spotlight > Cloud [CSO] > Conceptual image of laptop users with cloud security overlay.

Feature

AWS, Google Cloud, and Azure: How their security features compare

Each cloud platform differs in the security tools and features it offers customers to help them protect their cloud assets.

questions to ask a vendor curious hand with question mark tablet ipad by stevanovicigor getty

Feature

What CISOs really want from security vendors

Less risk? Better security? Value for dollars spent? Check, check, and check. But of all the things CISOs want from security vendors, trusted partnership tops the list. Here's how leading CISOs find and foster those relationships.

Clues are mapped out for investigation with maps, events, dates and photos connected by red threads.

Feature

The Microsoft Exchange Server hack: A timeline

Research shows plenty of unpatched systems remain. Here's how the attacks unfolded, from discovery of vulnerabilities to today's battle to close the holes.

podcast 3x16 2

Sponsor Podcast in partnership with Microsoft

Episode 4: Reduce SOC burnout

Episode 4 - Listen to the podcast to learn more about the expanding threat landscape and how security leaders can reduce SOC burnout and enable security teams to be proactive and preventive threat hunters with a modern threat...

podcast 3x16 2

Sponsor Podcast in partnership with Microsoft

Episode 3: The Zero Trust Model

Episode 3: In this episode, we look at the steps organizations are taking toward Zero Trust and provide recommendations for making the most of a Zero Trust model to reduce risk while helping employees be more productive, regardless...

zeroday software bug skull and crossbones security flaw exploited danger vulnerabilities by gwengoa

How-To

How to patch Exchange Server for the Hafnium zero-day attack

Admins in many businesses report indicators of compromise from an Exchange zero-day vulnerability. Don't assume you're not a target. Investigate for signs of the attack and patch now.

A broken link in a digital chaing / weakness / vulnerability

News Analysis

Chinese cyberespionage group hacks US organizations with Exchange zero-day flaws

Microsoft believes Chinese APT group Hafnium is using a set of previously unknown Exchange Server vulnerabilities to access mailbox contents and perform remote code execution.

A hand activates the software update button in a virtual interface. [ update / patch / fix ]

Opinion

The .NET patch failure that wasn’t

This month’s patch updates from Microsoft have caused few problems, and though there were some issues related to .NET, even those have been scattered.

Todd McKinnon, CEO and founder, Okta

Interview

Okta CEO: Here’s where cloud identity management is headed

Todd McKinnon, CEO and founder of Okta, talks about the road ahead for his company and the future of identity and access management in the cloud.

podcast 3x16 2

Sponsor Podcast in partnership with Microsoft

Episode 2: Empowering employees to be secure and productive

Episode 2: When it comes to protecting your business, security is a team sport. Criminal hackers –increasingly sophisticated and persistent – are playing offense, trying to find weak spots to breach an organization. And everyone in...

A hacker attacks from within a Windows system.

Feature

Top SolarWinds risk assessment resources for Microsoft 365 and Azure

Government and private organizations, including Microsoft, have released a wealth of information and tools to assess risk from SolarWinds-like attacks.

9 systems theory global crash outage

News

Google services, apps hit by global outage

The company’s popular business apps and services, including Gmail, Docs, Workspace, Sheets and Meet were knocked offline for more than a half hour Monday morning.

incoming emails / DNS security / locked server / parked domain

News

18 (new) ways attackers can compromise email

Researchers have discovered eighteen new vulnerabilities in how email systems authenticate senders, making it even easier for criminals to fool users.

Zero-trust

News Analysis

Google enters zero-trust market with BeyondCorp Remote Access offering

Google makes its internal zero-trust access infrastructure available to anyone on a subscription basis as an alternative to VPNs.

access management / access control / user connections / identities

Feature

Flex streamlines app access for 20k suppliers with IAM overhaul

Contract manufacturer Flex dumped its distributed identity and access management system for a more centralized, cloud-based option that better protects data and intellectual property.

What it takes to become an information assurance analyst

This in-demand role calls for a rare combination of superior communication skills and security chops. Learn how one information assurance analyst landed his current job, the skills and training that helped him get there, and where his...

Fraud prevention: Improving internal controls

Internal fraud controls aren't fire-and-forget. Smart collaboration and ongoing improvement will help keep fraud in check. Here are the basics.

information security 2

Tech Primer

How to write an information security policy

Learn the critical first step, why consensus is key, what to cover and how make your information security policy — and program — effective.

Load More

Popular Resources

Video/Webcast
Sponsored

Advancing to the Next Generation of Data Management Services
Video/Webcast
Sponsored

5 Ways You’re Inviting a Ransomware Attack: How to Build Better Security Protections
Video/Webcast
Sponsored

Adobe Sign for Microsoft SharePoint and M365
eBook
Sponsored

Aras Cloud and the Future of PLM
White Paper

A Roadmap Towards Composable Commerce

See All

Most Popular