Features

vulnerable breach cyberattack hacker

Securing CI/CD pipelines: 6 best practices

Criminals are exploiting vulnerabilities in continuous integration/continuous delivery pipelines to steal sensitive information, mine cryptocurrencies, and deliver malicious code.

Windows 11 PC devices

Windows 11 hardware requirements will drive security update decisions

Windows 11 is Microsoft's most security-oriented OS ever, but will your network-connected computers support it? Here's how to tell.

Chaotic streams brought to binary order / holistic organization / taming data structure

How to choose a SIEM solution: 11 key features and considerations

Get a clear, consolidated view of events and threats across your entire enterprise with SIEM (security and event management). Here’s how to select the best SIEM solution based on your company’s unique assortment of needs.

database data center futuristic technology

11 technologies improving database security

The database does not have to be a security and privacy liability. These technologies can reduce risk and help ensure regulatory compliance.

Windows 11 PC devices

Windows 11's best security features

Windows 11 uses some of the best security features of Windows 10. The big difference is that many are now required.

conference / convention / audience / applause / clapping

The CSO guide to top security conferences, 2021

Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.

Hands use a keyboard at a desktop display showing lines of code in a dimly lit workspace.

Securing infrastructure as code: Perils and best practices

Some organizations are leaving themselves vulnerable when they adopt an infrastructure-as-code approach. Here's how to avoid misconfigurations and insecure templates.

iot security startups hot highlights planets rocket lock security

12 cybersecurity startups to watch

Security startups are often innovation leaders that attempt to solve critical and persistent problems. These are some of the most interesting ones to watch as they tackle issues around multicloud security, identity management,...

GDPR data privacy / data protection / security / risk management

What is personally identifiable information (PII)? How to protect it under GDPR

The EU's General Data Protection Regulation requires companies to protect the privacy of their EU customers. That means keeping personally identifiable information (PII) safe. Here's what you need to know.

Conceptual image of a password amid hexadecimal code.

Rainbow tables explained: How they work and why they're (mostly) obsolete

Rainbow tables are password cracking tools with origins dating back to research from the early 1980s. Here's how they work, why attacks are easy to prevent, and how they compare to modern password cracking.

Ransomware > An encrypted system, held ransom with lock + chain, displays a dollar sign.

How to control ransomware? International cooperation, disrupting payments are key, experts say

Anti-ransomware acts or regulations will require global cooperation, experts say. In the meantime, ransomware victims should cooperate quickly and fully with authorities.

Jonathan Scott-Lee, CISO at HSBC

HSBC CISO champions neurodiversity awareness in cybersecurity

HSBC’s CISO for Asia Pacific Jonathan Scott-Lee discusses his aims as the organization’s ambassador for neurodiversity, the importance of neurodiversity in cybersecurity and cultivating a more neurodiverse technology sector.

CSO > Botnet > Robots amid a blue binary matrix

Botnet attacks on APIs: Why most companies are unprepared

The use of botnets to target applications for illegal and unethical purposes is growing, yet implementation of bot detection tools and best practices lags.

Chris Zannetos, STEMatch founder and president.

STEMatch creates new cybersecurity education and career paths

CSO50 award-winning program STEMatch makes cybersecurity education and careers more accessible thanks to private and public sector support.

man typing on laptop search internet web browswer

15 top open-source intelligence tools

OSINT (open-source intelligence) is the practice of collecting information from published or otherwise publicly available sources. These tools will help you find sensitive public info before bad guys do.

Jason Lee, Chief Information Security Officer, Zoom

CISO Jason Lee on Zoom's response to its pandemic security challenges

A year into his role, Lee discusses how he and Zoom's security team addressed security and privacy issues amid rapid growth and public scrutiny.

login credential - user name, password - administrative controls - access control - single sign-on

4 tips to prevent easy attacker access to Windows networks

The Colonial Pipeline attackers likely got in using old, compromised VPN credentials. This advice will force attackers to work much harder.

A multitude of arrows pierce a target. [numerous attacks / quantity / severity]

7 best practices for enterprise attack surface management

Follow this advice to minimize vulnerabilities and give threat actors fewer opportunities to compromise your organization's network and devices.

A group discussion takes place in a glass conference room, in a busy office workspace.

Tabletop exercises explained: Definition, examples, and objectives

A tabletop exercise is an informal, discussion-based session in which a team or discusses their roles and responses during an emergency, walking through one or more example scenarios.

technology debt drowning in debt piggy bank by romolo tavani hudiem getty images

7 ways technical debt increases security risk

Shoddily developed and deployed projects can leave your enterprise vulnerable to attacks. Here's how to stop technical debt from sending your organization to the cyber-poorhouse.

Load More