Feed aggregator

Threat modeling is the systematic process of identifying threats to and vulnerabilities in software applications, and then defining countermeasures to mitigate those threats and vulnerabilities to better protect business processes, networks, systems and data.

Malvertising is an up-and-coming cybersecurity threat, but marketing and IT teams alike can take several important steps to avoid and remove this threat.

The Gramm-Leach-Bliley Act (GLB Act or GLBA), also known as the Financial Modernization Act of 1999, is a federal law enacted in the United States to control the ways financial institutions deal with the private information of individuals.

Certifications can help security pros prove their baseline knowledge of infosec topics. Consider adding these top cloud security certifications to your arsenal.

A web server is software and hardware that uses HTTP and other protocols to respond to client requests made over the World Wide Web.

Companies are turning to passkeys as a secure login for consumers. Passkeys make it more difficult for thieves to steal information, and they are also more convenient for users.

IPsec (Internet Protocol Security) is a suite of protocols and algorithms for securing data transmitted over the internet or any public network.

Endpoint detection and response (EDR) is a system that gathers and analyzes security threat-related information from computer workstations and other endpoints.

One of the most important goals of cybersecurity professionals is to quickly identify potential or in-progress cyberattacks. These three approaches can help.

Organizational security is undermined by a number of identity and access management problems. Learn what those risks are and get ideas on how to solve them.

Tailgating, sometimes referred to as piggybacking, is a type of physical security breach in which an unauthorized person follows an authorized individual to enter secured premises while avoiding detection by an electronic or human access control (or alarm) system.

Ensuring the security of your company's online payment systems is key to preventing costly attacks, meeting compliance requirements and maintaining customer trust.

Tabletop games and live-fire exercises are two ways to test the effectiveness of enterprise security controls and defenses. Discover how each works and how they differ.

You don't have to build your blockchain project from the ground up. These cloud-based service providers can provide the necessary infrastructure, networking and development tools.

A uniform resource identifier (URI) is a character sequence that identifies a logical (abstract) or physical resource -- usually, but not always, connected to the internet.

An initialization vector (IV) is an arbitrary number that can be used with a secret key for data encryption to foil cyber attacks.

While AI PCs show legitimate promise, the rock-solid use cases haven't been as prominent. However, security vendor ESET is showing more concrete applications of this technology.

IAM is critical to an organization's data security posture, and its role in regulatory compliance is just as crucial.

AI PCs have struggled to find a perfect use case, but the need for stronger security systems on local desktops, along with agentic AI might end that struggle.

A hacker is an individual who uses computer, networking or other skills to overcome a technical problem.